ramblings on various information security topics
From the category archives:
I made an error in the how-to on configuring the system to automatically boot to persistent mode.
Instead of 'Default 5', it should be 'Default <label>' where label is the text following the 'label' line for the menu option you want to boot. In my case it looks like 'Default ubnentry5'.
I apologize for the confusion and [...]
{ 0 comments }
Hi there folks.
With the final release of Backtrack 4 Final right around the corner, I thought I would get ahead of the curve and update the how-to. I have access to the pre-final via the Informer.
The updated version is where the original Beta instructions used to live. I have copied the Beta instructions to a [...]
{ 0 comments }
In today's Bits post, I mentioned that a top 25 coding errors report was going to be issued today. Well, it's happened. From the SANS website:
Today in Washington, DC, experts from more than 30 US and international cyber security organizations jointly released the consensus list of the 25 most dangerous programming errors that lead to [...]
{ 0 comments }
@hevnsnt posted the following message to Twitter this morning.
hevnsnt watching Strand's hacker vids at http://vimeo.com/user595761/videos
There are some nice videos there. Here are the titles of a few with direct links:
Password Cracking
Basic Netcat Usage
IDS and Packets
Definitely worth spending some time on.
-Kevin
infosec videos, infosec education, information security education, information security videos
{ 0 comments }
A quick note about something that @cji tweeted about.
Fortify has a taxonomy of coding errors that affect security. The really cool thing is the examples in many different languages.
Its right here, go check it out.
{ 0 comments }
What is the Security Catalyst Community?
The Security Catalyst Community is a forum where individuals who are interested in or work in the Information Security field can come together and leverage each others strengths and experiences. There are several things that make this forum so great:
Everybody uses their real name. That may seem like something [...]
{ 0 comments }
A few weeks ago I wrote about participating in Cyber Defense Competitions as a Red Team member. This weekend I had the opportunity to do so again. This time with a bunch of High School students.
This weekend was the annual IT Olympics event that is put on by Iowa State. The event [...]
{ 0 comments }
F-Secure has been involved in a course being offered by The Telecommunications Software and Multimedia Laboratory.
While that is interesting in itself, the cool part is that all of the coursework, slides and homework have been put on-line for free.
Don't be discouraged if you go to the labs main site and don't speak or read Finnish. [...]
{ 0 comments }
Scott Young over at PickTheBrain writes in this post about a couple of ways to improve the quality of the conversations we have with people.
He points to two basic rules that can help make conversations more meaningful.
The conversation is not about you.
You need to give trust to get trust.
I will leave it you to [...]
{ 0 comments }
I am a big fan of Seth Godwin's blog which can be found here:
http://sethgodin.typepad.com/
If you are not familiar with Mr. Godwin, I highly recommed perusing his blog. While not an infosec blog, his insights into marketing and perception are useful in many ways.
He had a post that pointed to this YouTube video. Watch [...]
{ 1 comment }
