Creating a proxy chain in Linux

| 0 comments

There obviously are time that you may want to make use of a proxy server in order to provide yourself a level of anonymity that you may otherwise no have. Proxies also provide benefits in terms of restricted content that may be filtered with your region or country. Think of it this way, if YouTube is blocked in the Middle East then a proxy may help you to overcome that block. Now to be clear a proxy server also helps to increase performance by storing a copy of frequently used webpages. When a browser requests a webpage stored in the …

Continue reading

Security via obfuscation: MAC Address

| 0 comments

Every network interface card has a unique 48 bit identifier known as a MAC address. This address is burned into the EEPROM on the card, and often is used by networking equipment to track users as they come and go, frequently associating MAC address to a hotel, credit card, credentials, and so on. In fact, even most consumer gear will record the MAC addresses of all computers that have ever issued DHCP requests to them, and these logs usually cannot be purged. When you combine this with the fact that most Cable/DSL service providers will also record your MAC address …

Continue reading

Intelligence and Security Professional Certification

| 0 comments

Next month I embark upon my journey with the Center for Governmental Services at Auburn University to obtain intelligence analytic trade-craft skills essential for analysts in today’s operational environments. My goal is to develop skills in the handling and analysis of locally generated information, intelligence as related to homeland security, and classified and unclassified intelligence generated from the various intelligence communities. This study should prove to be very informative and educational to say the least. The fact that the faculty are former senior intelligence officers and managers from the CIA, DIA, NRO, NSA, State/INR, NGA, ODNI, Military Service intelligence components, …

Continue reading

Cracking MD5 using Hashcat

| 0 comments

If you are not familiar with Hashcat then you are in luck. Before I get started, Wikipedia states Hashcat is the self-proclaimed world’s fastest CPU-based password recovery tool. It is available free of charge, although it has a proprietary codebase. Versions are available for Linux, OSX, and Windows and can come in CPU-based or GPU-based variants. Hashcat currently supports a large range of hashing algorithms, including: Microsoft LM Hashes, MD4, MD5, SHA-family, Unix Crypt formats, MySQL, Cisco PIX, and many others. The MD5 message-digest algorithm is a cryptographic hash function producing a 128-bit (16-byte) hash value, typically expressed in text …

Continue reading

Digital forensics and hardware identification

| 0 comments

I thought I would sit down and begin a series of articles surrounding digital forensics with hardware identification being the lead in. The subject of forensics is one that I personally have not placed a great deal of effort and recently I took the Computer Hacking Forensic Investigator training from EC-Council. On day one, I knew I was hooked and it may not be for reason that you may suspect. I enjoy hacking from a white hat perspective and understanding the black hats is key to being successful. Ironically on day one of the training, I quickly learned that my …

Continue reading