Learning BackTrack 5: The Art Of Penetration Testing

| 0 comments

BackTrack is an absolutely amazing Linux based penetration testing environment that is entirely dedicated to hacking. I must say that you should use common sense when you begin digging into the security tools provided because the last thing you want to do is break the law and find yourself in trouble. Now to say that there are many security tools available in BackTrack would be an understatement. In fact there is so many available that I would never start to list theme here. If you wish to see for yourself, simply execute the following within your terminal instance: dpkg –list …

Continue reading

Stop Online Piracy Act And The Future Of Internet Freedom

| 0 comments

I thought it was time that I sat down and put to paper so to speak my thoughts about the Stop Online Piracy Act (SOPA). For those of you that know me personally know that I am not a fan of SOPA for many of the reasons that other individuals as well as large technology companies have stated. In short SOPA is entirely to vague and leaves the door open for entirely a nanny state which I am sure you agree will kill the Internet freedoms we enjoy today. SOPA “explained” by Guardian Opinion Time I must say that there …

Continue reading

Database Security

| 0 comments

Databases are the core targets for hackers and they can be a source of vengeance when it comes to disgruntle employees.  In this case, the Human Resources (HR) group has requirements to house data that are used across the corporation from management to the level of employees, which requires numerous security considerations. Traditionally access control has been performed at the application level within code however if a database accounts properly for access control the value of this level of control begins to take shape.  The workflow demonstrated in figure 1 provides the needed foundation to address interfaces, enforcement, and access …

Continue reading

WikiLeaks Lessons Learned

| 0 comments

In the end, the distinction that is drawn from WikiLeaks is that this organization in no way resembles traditional or modern day hackers.  In order to back up this assertion it is important to understand the definition of a hacker, which is a person who illegally gains access to and sometimes tampers with information in a computer system. Traditional Hackers While WikiLeaks had been existence for some time, they gained notoriety when a United States (US) service member leaked classified Pentagon documents.  For this reason, I advocate that the term hacker is not relevant.  In fact, it seems the US …

Continue reading

Metasploit: Penetration Testing Tool Of Choice

| 0 comments

Penetration testing is key to security and Metasploit is an easy-to-use penetration testing solution that provides network penetration testing capabilities, backed by the world’s largest fully tested and integrated public database of exploits. Built on feedback from the Metasploit user community, key security experts, and Rapid7 customers, Metasploit Express enables organizations to take the next step forward in security. If you’re running or responsible for any type of IT system that hackers or cyber criminals may want to break into, deface, or bring down for business or pleasure, Metasploit Framework is for you. The tool enables you to carry out …

Continue reading