Password and Hash

22 08 2012

Password attack: very good article

online rainbow table

malware signature
Oh sweet!!

No this one is not related to this topic, but it’s so sweet!!
SMS Spoofing and its tool.

stealth ideas to check egress rules on firewall

14 08 2012

To verify egress rules on firewall. we could
1. look at firewall policies
2. ask some employees to help in other words do social engineering
3. guess

The first two approaches are not what I would like to talk today instead I am focusing on guessing technique. A stager of Metasploit called reverse_tcp_allports is one of the nice ideas to do this.
However, if we need more stealth, create a server which responses to any TCP port like 65K Open TCP Ports and watch for our traffic.

“The quieter you become the more you can hear”

Application Security Infographic by veracode

8 06 2012

Infographic by Veracode Application Security

Building Secure Web Applications
Building Secure Web Applications

How Mobile Apps are Invading Your Privacy
How Mobile Apps are Invading Your Privacy

Searching for the 1st PC Virus

30 04 2012

Amazing and inspiring!!! Mikko is awesome

Software Security

26 03 2012

A good visualisation infographic by VeraCode.

Secure Coding and Software Security

Infographic by Veracode Application Security

System Hardening

19 07 2011

As Counter Hack Reloaded by Ed Skoudis and Tom Liston says: “System hardening is a difficult task, and if anyone tell you differently, they’re trying to sell something”.

I could not agree with them more that system hardening is tough, time consuming and quite difficult. Sometimes you made it too loose, but some other time it was too tight. We need the security baseline to be referred to. Those links below are good enough resource. You need to strike a balance between what you need and how security should be.

CIS Security Configuration Benchmarks
Security Configuration Guides

Stay safe!!

Site Advisor

31 05 2011

For any suspicious URL, we can verify whether it is safe and secure with some help from these services.

If you got a shortlink, I suggest you should take a look at
LongURL in order to expand any short link

After you feel like the link you are going to visit is not certainly secure, try consulting
1. Trend Micro Site Safety Center
2. McAfee SiteAdvisor

Stay safe!! 🙂