Category Archives: Security

Topics relating to information security.

Security without firewalls: Sensible or silly?

For years, infosec experts have called the firewall a critical ingredient to security, whether it’s in a large enterprise or on a home PC. But the San Diego Supercomputer Center (SDSC) has defied that logic with what some would consider surprising success. —————————————– Personally, I think that this is a wrong approach. A firewall is […]

Penetration Testing vs Vulnerability Assessment

A good explanation of the differences between the two. Many managers think Penetration Testing sounds more exciting, but actually in the majority of cases it’s a Vulnerability Assessment that’s carried out. —————————– Not a bad little article. One thing that he fails to mention (or I just missed it) was that penetration testing is usually […]

Nmap, what is it and how do you use it?

Nmap is a security tool written by Fyodor. It is an open-source security tool which is licensed under the GNU GPL. Nmap is what is called a network scanner. It is not a vulnerability scanner like Nessus. A decent analogy would be if you had an address to a particular house and wanted to figure […]

Future of NIST

NIST created guidelines for selecting and specifying security controls for information systems that support the executive agencies of the U.S. government. I plan on writing my own article about NIST documentation. However, this is a decent little introduction to NIST 800-53 and the direction of NIST security controls.

Cracking WEP Part II

So, now we are hopefully capturing traffic and saving IVs to crackme.ivs for channel 10. Now we must generate traffic by doing an active attack (or we could be sniffing traffic for weeks on a low use WAP). To do this we are going to use aireplay. So, the first thing we need to do […]