Written by Rick Deacon
Recently I’ve been faced with a very difficult type of question, and it
isn’t even technical. No, it’s not the typical ‘How do you find a
buffer overflow?’ or ‘Can you write me code entirely in assembly in 20
minutes?’ It’s much more difficult to answer. It’s answer, to many
people, may be the ‘key’ they are looking for in this industry. The
question is very often phrased as “So what did it take for you to get where
you are?” or “How do I get into the security industry?” and even
sometimes “How do I become a hacker?”
There are many different approaches to this subject, and I firmly believe
there only a few ways to truly succeed in security or IT in general. A lot of
people assume four years of school is going to land you your dream job, where
you’re a hacker in your own peaceful office behind a wall of 6 monitors
watching packet captures fly... (more)
No matter what facet of information security you're in, from being the CISO
down to just installing security patches and keeping up to date, there will
probably be a point where you need to see the details of a hack. Maybe it's
because you need to fingerprint what it does or how it acts on your network.
Maybe it's because you need to be able to reproduce it in a penetration test.
Either way you look at it, sometimes you just need to test something out.
Obviously, this could go one of a few ways. You could execute these hacks on
your network. This could lead to potentially bad out... (more)
Recently, we were planning a migration from MRTG to Cacti, and we ran into a
few issues during this process.
Some of the obstacles that I ran into during the migration:
Data imported into Cacti was not accurate.Data would import accurately, but
would get overwritten at 5 minute intervalsThe graph wouldn't show up when
data was importedAfter trial, error and a lot of research, I was able to
successfully export the data from MRTG and import it into Cacti.
We were running an older version of MRTG which stored its data into log
files, but to export the data so that it could be imported i... (more)
By: Bill Mathews - Anyone who listens to our podcast should know that I hate
all anti-virus and anti-virus vendors. I really don’t have too many shades
of grey when it comes to it, so it’s pretty hard to make me want to do
anything regarding anti-virus technology that isn’t just recommending you
get rid of the platform that is so susceptible to it. I’ve argued (and
still argue) that even though there is clearly a malware issue with Android
phones (unless lots of folks are lying), it is not as bad as the vendors make
it out to be.
They have a whole new platform to infect…err, get ... (more)
By: Ian Gillespie
Warning: I am not an Information Security expert – I am the Lead Designer
at Hurricane Labs. I do not know the detailed best practices of securing a
network or how to set up a SIEM such as Splunk. You may be asking yourself,
“Why the heck is this guy even writing an article on a blog about
Information Security?!” Hold on a second – what I propose is an
outsider’s perspective on the idea of information security as a whole. My
perspective may not be the same as that of an information security
specialist, but that’s the point. The purpose of this article is to