The Washington Post launched Top Secret America today. Aside from the fact that there’s a lot of conjecture, this is still American media, so I’ve learned to accept it. The site is supposed to focus on the boom in intelligence spending since 9/11, which we can debate all day. However one thing in particular that [...]
I recently took (and passed) one of the most controversial IT certifications last week – the CEH – mostly because it fulfilled the DoDD 870.01 baseline certification for CND, but also because I wanted to see what this exam was all about! The last time someone posted about the CEH the comment thread was insanely [...]
There’s been a lot of talk on the island about the “Cyberwar” term and this is yet another example… The Wallstreet Journal reported that the NSA allegedly awarded a contract to Raytheon for an Information Security program called “Perfect Citizen”. The details are sketchy – as they should be – but the idea is that [...]
Fingerprinting servers for OS details has been a common practice in the hacker community for years. However, little attention has been given to the fingerprinting of the specific applications. I’m not talking about determining what server or OS you run, I want to know specifically what CMS, portal package or even what API you use! [...]
I always seem to be “that guy” who is tapped to fix a computer for friends and family. Unfortunately, I always end up getting overly frustrated… I realize that not everyone understands the importance of network security, but there are a few things that you MUST do to protect yourself and MY sanity!
A while back I wrote a quick windows app to parse out the results of the DISA Linux STIG Security Readiness Review (SRR). In case you’re unfamiliar, the Linux STIG (or Security Technical Implementation Guide) is a set of computer security guidelines put out by DISA. These documents are fairly lengthy, so they (or someone) [...]