Blog

  • Network Vulnerability tool: AutoScan is a utility for network exploration

    AutoScan is a utility for network exploration.

    I used AutoScan on my home network and found out that my router has Linux on it. For my customer's enclave I used AutoScan to quickly locate vulnerabilities.

    Although the network is small, the scan was useful since it has given me a good idea what effect AutoScan will have on my customer's larger network with more valuable assets and a potentially larger number of risks.

    AutoScan did not alter my customer's work as it instantly picked up workstations, internetworking devices and printers. The built-in nmap scripts add a very nice touch.

    If you're a mobile White Hat on the go like me, AutoScan within the WHAX live CD is a great security tool to add to your “batbelt.”

    The objective of the program is to list all equipment connected to the network. A preset list of ports is scanned for each device. You can find many more vulnerability tools with tags at Technorati & Del.icio.us:
    http://del.icio.us/tag/vulnerability+assessment


  • Whoppix replaced by WHAX: bootable CD

    Remember Whoppix–White Hat Knoppix? Well, it's now based off of SLAX
    instead of Knoppix, making WHAX. This was done for modularity, making
    it more easily customizable.

    I've made a copy of Whoppix, Knoppix STD and WHAX, and each time I've
    had to re-learn how to make a bootable CD, and each time I figure it out
    I wonder how the hell could I be so silly as to forget something so
    easy. It's like having a brain fart and forgetting how to spell
    “of.”

    The key is to burn it as an Image or .ISO, NOT as “bootable.” Most of the popular burners have this feature.

    Anyway here is how you do it:

    *note: SLAX and Knoppix variations
    often are compressed into an archive file or .rar.  Many systems
    automatically see this as a .ISO or image file.  No need to
    extract it.

    Making a Data CD from a CD Image with Easy CD Creator (Save the Image to your Hard drive) 

        1) Insert a blank CD in the CD recorder.

        2) Select “Record CD from Image” from the File menu.

        3) Select the image file WHAX-x-beta.iso, or whatever
           the .ISO file is named, and click Open.

        4) Once the Record CD Setup dialog box appears,
           click Start Recording.

    Basically, just look for the burn Image or .ISO feature and you're good.
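A pre-burn check on the downloaded file, as an added example that is not part of the original post: it reads the file's signatures to tell a RAR archive from an ISO 9660 image and reports whether the image carries an El Torito boot record, which is what makes a disc burned with "Record CD from Image" bootable. The function names and the in-memory sample images are constructed for illustration.

```python
import io

SECTOR = 2048                      # ISO 9660 logical sector size
RAR_MAGIC = b"Rar!\x1a\x07"        # signature at the start of a RAR archive
EL_TORITO = b"EL TORITO SPECIFICATION"

def classify_image(stream):
    """Return 'rar', 'iso-bootable', 'iso-data' or 'unknown' for a binary stream."""
    stream.seek(0)
    if stream.read(len(RAR_MAGIC)) == RAR_MAGIC:
        return "rar"               # an archive container, not a disc image
    stream.seek(16 * SECTOR)       # volume descriptors start at sector 16
    is_iso = bootable = False
    for _ in range(32):            # bounded walk over the descriptor set
        vd = stream.read(SECTOR)
        if len(vd) < SECTOR or vd[1:6] != b"CD001":
            break
        is_iso = True
        if vd[0] == 0 and vd[7:7 + len(EL_TORITO)] == EL_TORITO:
            bootable = True        # the boot record lives inside the image itself
        if vd[0] == 255:           # volume descriptor set terminator
            break
    if not is_iso:
        return "unknown"
    return "iso-bootable" if bootable else "iso-data"

def _descriptor(vd_type, ident=b""):
    """Build one constructed 2048-byte volume descriptor for the samples below."""
    return (bytes([vd_type]) + b"CD001\x01" + ident).ljust(SECTOR, b"\x00")

def make_sample_iso(bootable):
    """Constructed in-memory image: primary descriptor, optional boot record, terminator."""
    vds = [_descriptor(1)]
    if bootable:
        vds.append(_descriptor(0, EL_TORITO))
    vds.append(_descriptor(255))
    return io.BytesIO(b"\x00" * (16 * SECTOR) + b"".join(vds))

if __name__ == "__main__":
    print(classify_image(make_sample_iso(True)))
    print(classify_image(make_sample_iso(False)))
    print(classify_image(io.BytesIO(RAR_MAGIC + b"\x00" * 64)))
```

On a real download, pass `open(path, "rb")` to `classify_image` instead of the constructed samples.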


  • New email address registries for "Do not contact"

    Utah and Michigan are the first two states to have passed the legislation, which is aimed at minors having access to otherwise unwanted, sexually explicit or violent electronic communications.


  • Kevin Mitnick: Stealing the Network: How to Own a Continent

    Could hackers take over a continent?
    CIA agent Knuth had been very insistent when he recruited Flir. He needed personal student information, including social security numbers, and, as an agent for a non-domestically focused intelligence agency, didn't have the authority to get such from the US government.


  • RSS: Safe At Any Feed?

    With Microsoft's move to integrate RSS into the Windows operating system, and build it into Internet Explorer, still the dominant browser, the idea that hackers and scammers will turn to RSS gains some credence. “RSS in the operating system and IE likely means that more people will be saying 'let's start looking for vulnerabilities,'”


  • British security firm Sophos warns about a new threat

    British security firm Sophos is warning e-mail users worldwide about a new worm called Kedebe (W32/Kedebe-F) designed to compromise computer security.


  • Official digg podcast coming soon!

    We are pleased to announce that former TechTV hosts Kevin Rose and Alex Albrecht have agreed to host a weekly podcast version of digg. Each 30 min podcast will cover the most dugg stories, as well as their personal favorites. Expect to see the first release sometime within the next two weeks!


  • Domain 1.0 – General Security Concepts (Security+)

    1.1 Recognize and be able to differentiate and explain the following access control models

    o MAC (Mandatory Access Control)

        · Access controls based on security labels (sensitivity labels) associated with each data item

        · Lattice = MAC model

        · Using levels of security to classify users and data is a characteristic of MAC

    o DAC (Discretionary Access Control)

        · Access controls that are created and administered by the data owner are considered DAC

        · Each object has an owner, which has full control over the object

        · Inherent flaw in DAC is that it relies only on the identity of the user or process, leaving room for a Trojan horse

    o RBAC (Role Based Access Control)

        · Access control decisions are based on responsibilities that an individual user or process has in an organization

        · Relationship of user, role, operation: multiple users, multiple roles and multiple operations

    http://del.icio.us/rss/tag/access+control

    http://del.icio.us/rss/tag/rbac
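The three models above side by side, as an added example that is not part of the original notes: it shows why a program running under a user's identity passes a DAC check but is stopped by MAC labels, and how RBAC resolves user, role and operation. All users, objects, roles and levels are constructed, and the lattice rule used (no read up, no write down) is an assumption, since the notes do not name a specific MAC policy.

```python
from dataclasses import dataclass, field

# Sensitivity levels for the MAC lattice (constructed for this example).
LEVELS = {"public": 0, "confidential": 1, "secret": 2}

@dataclass
class Obj:
    name: str
    owner: str                                 # DAC: the owner administers access
    label: str                                 # MAC: sensitivity label on the data item
    acl: dict = field(default_factory=dict)    # DAC: user -> set of allowed operations

def dac_allows(user, obj, op):
    """DAC looks only at the identity the process runs as."""
    return user == obj.owner or op in obj.acl.get(user, set())

def mac_allows(clearance, obj, op):
    """Assumed lattice rule: no read up, no write down."""
    subj, data = LEVELS[clearance], LEVELS[obj.label]
    return subj >= data if op == "read" else subj <= data

# RBAC: multiple users -> multiple roles -> multiple operations.
ROLE_OPS = {"auditor": {"read_logs"}, "admin": {"read_logs", "add_user"}}
USER_ROLES = {"alice": {"auditor"}, "bob": {"auditor", "admin"}}

def rbac_allows(user, operation):
    return any(operation in ROLE_OPS[r] for r in USER_ROLES.get(user, ()))

def copy_permitted(user, clearance, src, dst, enforce_mac):
    """Would a program run by `user` be allowed to copy src into dst?"""
    ok = dac_allows(user, src, "read") and dac_allows(user, dst, "write")
    if enforce_mac:
        ok = (ok and mac_allows(clearance, src, "read")
                 and mac_allows(clearance, dst, "write"))
    return ok

# Constructed scenario: alice owns a secret file and was granted write access
# to a public drop folder owned by another user, mallory.
payroll = Obj("payroll", owner="alice", label="secret")
dropbox = Obj("dropbox", owner="mallory", label="public", acl={"alice": {"write"}})

if __name__ == "__main__":
    print("DAC only:", copy_permitted("alice", "secret", payroll, dropbox, False))
    print("DAC + MAC:", copy_permitted("alice", "secret", payroll, dropbox, True))
    print("alice add_user:", rbac_allows("alice", "add_user"))
```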

     

  • Spending too much time aimlessly on the internet?

    Combines Firefox's Live Bookmarks update feature with Del.icio.us and organizes them by time.

    Neat tip on how to save time while browsing the internet using Firefox and a Del.icio.us account.


  • Absolutely Del.icio.us – Complete Tool Collection

    del.icio.us is a very popular social bookmarks manager. This is possibly the largest collection of tools related to del.icio.us and is constantly updated.
