Welcome!

Information Security and Network Awareness

Hurricane Labs

Subscribe to Hurricane Labs: eMailAlertsEmail Alerts
Get Hurricane Labs via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Hurricane Labs

Many of the mid to high-end Check Point appliances feature a built in LCD display and control panel. When an appliance is booted up, the display will show the appliance model and the Check Point logo, as pictured. The LCD and control panel buttons allow a user with physical access to an appliance to perform basic configuration tasks, such as changing the management interface IP address and default gateway, or reboot the appliance. In many cases, this may not be desirable. To restrict this access on an appliance running Check Point’s GAiA operating system, run the following command from the clish shell: my­-firewall> set lcd access none This will prevent any configuration changes from the LCD screen. There is also an option available which requires a numeric passcode to unlock the LCD display. Check Point also offers various screensaver options for the LCD display... (more)

Nothing New Under the Sun

I recently wrote a couple of to-be-published articles basically laying out all the reasons why we as security professionals should not be running away from so-called "new" technology. Essentially I am asking that we take the time to really understand what's so new about this stuff. SmartPhones, the "cloud", etc these are all repackaged versions of old technology. We're terrified of them because we think we don't understand them. The sad part is, we don't. We seem to be under the impression that all new technology is bad and inherently insecure, it isn't. It's not any more insecu... (more)

Open Source Firewalls - Untangle and pfSense comparison

So this week I had the opportunity of setting up a little lab to test both of these firewalls. Before this week I had no idea these firewalls even existed, and the only open source routing/firewall software I even knew of at the time was Vyatta; which is really only for routing purposes. Starting off, you really need to pay attention to the system requirements, especially Untangles. I attempted to install both of these using Ubuntu with VirtualBox and was in for a nasty surprise. Originally skimming the requirements brought me to this issue, to where I used an old Dell Dimension ... (more)

How Strong is your Fu for Charity

This past weekend Offensive Security held a capture the flag event to raise money for Hackers for Charity. After participating in their previous capture the flag event it was an easy decision to sign up for this one. Information about the event can be found on the following page - http://www.information-security-training.com/events/hsiyf-for-charity-registration-page/ Below you will find a walk through of the first target in the competition “iVuln”. The first task after connecting to the vpn was to map out the network and identify all targets on the network as this information w... (more)

OpenDLP Pass-The-Hash

OpenDLP is a great time saving tool when looking for sensitive data on windows machines but one pain with using it is that it requires a username and password for the target machine. Passwords are not always a luxury provided when conducting a pentest, but password hashes are usually plentiful in a windows environment and time crack passwords is not always feasible. The details of obtaining windows password hashes is out of scope for this guide and it will be assumed the reader is familiar with "passing the hash". This guide also assumes that you have already patched your systems... (more)