ramblings on various information security topics
From the category archives:
I am at the RSA conference again this year. At the same time and nearby, Security BSides is holding an event.
Most of you are are probably aware of the RSA conference, but many may not be familiar with Security BSides. From the site:
What is BSides?
BSides is a community driven unconference built for and by information [...]
{ 3 comments }
I apologize for the downtime today. It was entirely my fault.
Things should be okay now.
Kevin
{ 0 comments }
I have published my latest Backtrack 4 how-to.
Backtrack 4 - Bootable USB Thumb Drive with "Full" Disk Encryption
This is a step-by-step guide showing how to create a encrypted bootable Backtrack 4 USB thumb drive. I put quotes around full in the title because technically the whole disk isn't encrypted.
We use LVM and the native encryption [...]
{ 2 comments }
I was looking at my checking account on-line a few days ago and saw something that sparked this blog post.
My bank has a very handy service where they scan the checks we write (yes, checks are still used in some cases ) and you can view them online for a limited time. Very cool. [...]
{ 0 comments }
There is a new post up on the RSA Security Blogger Meetup blog with a few more details and an action that needs to be taken if you are interested in attending. Go check it out.
Things Are Shaping Up
-Kevin
{ 0 comments }
Just a quick note to let you know that the Backtrack 4 USB How-to with Persistent Changes and Nessus has been updated for Nessus 4.0.1.
That is all.
-Kevin
{ 0 comments }
Over the course of the last week or so, there has been a great thread on the PaulDotCom mailing list related to getting started in information security. Paul has posted a nice article that gathers some of the comments together.
The time spent reading the article and then the actual thread is well spent for both [...]
{ 0 comments }
Securing our Government Networks
Lt. Gen. Keith B. Alexander is the head of the NSA.
States that the NSA does not want to be in charge of information security for the nation.
Speaking to the data collection issues recently. They self-report when they make a mistake outside of their mandate.
Going to cover history of NSA, where they are [...]
{ 2 comments }
In my previous post, we setup an encrypted private directory to address being able to keep the data from a pen test safe. I also found that TrueCrypt works great on Backtrack 4. It also addresses the issue of file and directory names not being encrypted. Of course the downside is that the volume must [...]
{ 1 comment }
In the last post in our series, we spent some time looking at the definition of asset. In the post previous to that, we described the system we are assessing and a presented a diagram that shows the system and its architecture.
In this post, we are going to start the discussion about threats, but first, [...]
{ 2 comments }
