Security via obfuscation: MAC Address

| 0 comments

Every network interface card has a unique 48 bit identifier known as a MAC address. This address is burned into the EEPROM on the card, and often is used by networking equipment to track users as they come and go, frequently associating MAC address to a hotel, credit card, credentials, and so on. In fact, even most consumer gear will record the MAC addresses of all computers that have ever issued DHCP requests to them, and these logs usually cannot be purged. When you combine this with the fact that most Cable/DSL service providers will also record your MAC address …

Continue reading

Rip music from YouTube using youtube-dl, ffmpeg, and lame

| 0 comments

In a previous post I wrote about how to Rip DEFCON videos from YouTube and this got me to thinking about music. Is it possible to take a video that contains a music track and extract the audio to MP3 format? Well the answer surprisingly enough is yes. Now before you get to excited, you must understand that doing this clearly violates copyright laws and for that reason, I am writing about this purely from an educational point of view. Everything I am covering here is done on OS X and I used the homebrew package manager to install the required …

Continue reading

Are you a Google Dork?

| 0 comments

Are you a Google Dork? Do you know what it means to be a Google Dork? The fact is Google is a wonderful search engine and it can very easy point you into the direction of your interest. However the darker side of Google, well depending upon how the search engine is used can often lead to information that you would never think would be indexed by Google. Before you begin thinking Google is evil here take note that the data is placed online by anyone with an Internet connection, therefore Google is doing nothing evil rather the search engine …

Continue reading

Learning BackTrack 5: The Art Of Penetration Testing

| 0 comments

BackTrack is an absolutely amazing Linux based penetration testing environment that is entirely dedicated to hacking. I must say that you should use common sense when you begin digging into the security tools provided because the last thing you want to do is break the law and find yourself in trouble. Now to say that there are many security tools available in BackTrack would be an understatement. In fact there is so many available that I would never start to list theme here. If you wish to see for yourself, simply execute the following within your terminal instance: dpkg –list …

Continue reading

Microsoft Baseline Security Analyzer

| 0 comments

If you’re running a Windows platform then you must secure your operating system and the Microsoft Baseline Security Analyzer (MBSA) makes it a breeze. Securing your operating system is absolutely the single most important step you can take to protect yourself. Computers have become so mainstream in homes today that often daily activities that they were previously down with pen and paper are all but extinct. There are a number of actions that should be taken which include staying up to date with patches and of course controlling user account but this just begins to scratch the surface. Unless you’re …

Continue reading

Free Security Vulnerability Guides From Veracode

| 0 comments

Veracode focuses on security for organizations to accurately identify and manage application security risk. They offer a number of resources to include podcast, whitepapers, cheat sheets, and much more. SQL Injection Cheat Sheet The SQL Injection Cheat Sheet provides a summary of everything you need to know about SQL Injection. The SQL Injection Cheat Sheet contains the key concepts of SQL Injection and a SQL Injection example and tips for prevention of SQL Injection attacks. Note that you must register with Veracode in order to obtain these cheat sheets. Download the FREE SQL Injection Cheat Sheet Cross-Site Scripting (XSS) Cheat …

Continue reading