Photography around Auburn, AL

| 0 comments

Auburn is a city in Lee County, Alabama, United States. It is the largest city in eastern Alabama with a 2013 population of 58,582. It is a principal city of the Auburn-Opelika Metropolitan Area. The Auburn-Opelika, AL MSA with a population of 150,933, along with the Columbus, GA-AL MSA and Tuskegee, Alabama, comprises the greater Columbus-Auburn-Opelika, GA-AL CSA, a region home to 501,649 residents. Auburn is a college town and is the home of Auburn University. Auburn has been marked in recent years by rapid growth, and is currently the fastest growing metropolitan area in Alabama and the nineteenth-fastest growing metro area in the United States since 1990. The following photos are from my hand at photography and I hope you find them as intriguing as I do.

Photography at Chewacla State Park, Auburn, AL

| 0 comments

Chewacla State Park’s 696 scenic acres is a quick stop right off interstate 85 at Auburn, AL. The facilities include a 26-acre lake, swimming area, playgrounds, hiking trails, mountain biking trails, a modern campground, picnic areas with tables, grills and shelters, and newly renovated cabins. If you have the opportunity to visit in Fall or early Winter, I am sure that you will find the colors amazing. This park is not as large as other State Parks that I have visited over the years, but it is a great place to spend the day with the family or taking photos. The following photos are from my hand at photography and I hope you find them as intriguing as I do.  

Security via obfuscation: MAC Address

| 0 comments

Every network interface card has a unique 48 bit identifier known as a MAC address. This address is burned into the EEPROM on the card, and often is used by networking equipment to track users as they come and go, frequently associating MAC address to a hotel, credit card, credentials, and so on. In fact, even most consumer gear will record the MAC addresses of all computers that have ever issued DHCP requests to them, and these logs usually cannot be purged. When you combine this with the fact that most Cable/DSL service providers will also record your MAC address and bind it to your account, and the fact that some of them don’t even seem to wait for a court order to turn your info over, it becomes apparent that your MAC address essentially is your identify, but I of course disagree with this! One particularly useful hack is to change your MAC address. This can be useful if you want to make it a bit more difficult to track your device down. Thus, changing your MAC address is highly desirable for a number of reasons. If you curious about finding the manufacturer and location of a given MAC …

Continue reading

Using the web application attack and audit framework known as w3af to test your security

| 0 comments

w3af is a Web Application Attack and Audit Framework is an amazing tool that is written in Python and has the capability to find more than 200 defined vulnerabilities. Not only does it look for the usual suspects such as SQL injection, it also handles crawling, bruteforce, authentication, and so much more. There are a number of vulnerability scanners both commercial and open source, but it all comes down to what you prefer. I tend to lean toward the open source community because of transparency, community involvement, and the fact there is zero cost. Unfortunately web applications pose one of the greatest risks to organizations because often these applications are either public facing, open to business partners and of course employees (the insider threat). The fact is web applications are a rich target because there are so many different attack vectors. For example, the following five examples a very often used and very easy to exploit once vulnerabilities have been identified. Cross-site scripting (XSS): Is the act of injecting lines of code into web pages in some shape or fashion. If not defended against, malicious code will eventually lead to a breach. Session Hijacking: Each unique user is assigned a …

Continue reading

The Dollars and Sense of Enterprise Access

| 0 comments

This week I attended the 2014 US Business Leadership Network (USBLN) conference in Orlando, Florida where I was honored to speak on the subject of accessibility. I took part in a panel discuss where I spoke with a number of very knowledgeable people from a number of organizations that included Sprint, Verizon, and IBM. I of course represented Northrop Grumman and I focused on policies and procedures around accessibility. If you are interested in this subject, you will find the PowerPoint deck at the end of this post. Today more than ever, we conduct our lives in a digital medium. In many cases, a task may only be able to be completed digitally. Awareness of the nature and implication of legislation and policy regarding accessibility is significant in shaping organizational policy. In the era of the Internet, accessibility, or the lack there of, often erects obstacles to employees, business partners, and the general public. An article titled Accessibility in Practice: A process-driven approach to accessibility by Sarah Horton and David Sloan make a number of very interesting points: Involve people with disabilities effectively. Remediating accessibility barriers early. Introducing accessibility into the development process may be experienced as a disruptive. Electronic, …

Continue reading