New Year, new site. Just keeping things fresh. More to come as posts are moved over…
We all have to start somewhere. The question is, where?
The sheer number of tools available can make it difficult to choose a place to start. This is complicated by the fact that most of the tools on the market have a very steep learning curve, and that many of these tools can be hazardous to run on a production network.
There are several pentesting distributions on the market (Pentoo, NodeZero, Kali, and BackBox are good examples) loaded with tools and utilities. Unfortunately, these offer so many tools that they don't help answer the question of where to start. Let’s look at a couple of areas that are important and find some tools that can help get you started on the road to success. Continue reading “Network Security Tools for Newbies”
Step 3: Paint with Better Brushes
Now that we have covered some of the core issues, it is time to flesh out the details. The only real way to do this is to read, and not just a little. Information is your friend here. No technology, product, solution, or approach can totally replace an informed professional with security knowledge. This is why most products focus on finding threats and alerting the operator. This is also where the dollars vs hours balance is focused. The more you understand about the threats to your network, the better you can not only manage the threats but also select the tools with which to do so. It is CRITICAL that you do not underestimate the importance of this step. Continue reading “Third Step in Reducing the Cost to Implement a Security Plan”
In my last blog I discussed how to create and implement a security policy to reduce steps and lower the cost of securing your business. Now I’m tackling Step 2. Continue reading “Second Step to Reducing the High Cost of Implementing an Information Security Plan”
This is the first blog of a three-part series. I’m in Support at AlienVault and spend my share of time on the forums. I have seen a few posts regarding the cost of implementing security processes and procedures on a network. This is a valid question to consider, as the prospect of creating a security policy and implementing it on a network can be daunting for a beginner. In the following post are a handful of ideas that hopefully will assist you in developing and implementing your plan. I will also stick to basic theory as my choice of products to use is obviously somewhat biased. 😉 This is the first installment in a blog series intended to share what I’ve learned working on the AlienVault Forums. Continue reading “Three Steps to Reduce the High Cost of Implementing an Information Security Plan”
The go-kit is one of the hot-button issues in amateur radio. Everyone has their own idea of what a go-kit should be. Let’s start simple and work our way up from there. Continue reading “Making Your Go-Kit”
I have previously posted a blog post describing how to monitor for ARP Spoofing. With IPv6 on everyone’s mind today (It IS on your mind, right?), it would seem that it is a good time to talk about a similar concern for IPv6 networks. IPv6 networks do not support multicast, but they DO have a comparable protocol. Unfortunately, it is also subject to the same exploits using similar techniques. Like ARP, however, there are tools available to assist in monitoring and detecting NDP spoofing attempts. Let’s look at how we can proactively monitor this critical function of our network. Continue reading “Monitoring for NDP Spoofing”
“Maman died today.” I have often wondered why Camus would open such a striking book as The Stranger with those three simple words. It was hard for me to understand what he meant to convey, what he meant to describe when he chose those words, how much he was opening the stage for his story. His wisdom was lost because I did not grasp the depth of his story. I am so sad to say I now understand that the story was not about one man’s journey in life, and the consequences of his mistakes, but the numbness of the soul which a man suffers after the loss of his mother. I regret more than anything to say that I now share Meursault’s sadness. Continue reading “Maman”
My mobile rig is designed with emergency communications in mind.
The vehicle is a 2001 Blazer ZR2 4X4. A basic vehicle which should be able to handle any weather events which can occur in the area. It is also a comfortable vehicle with decent fuel mileage, which makes my life a lot more enjoyable. Continue reading “Mobile Operations”
Of the many ways that a network can be infiltrated, one of the most difficult to detect and manage is ARP spoofing. This is due to the fact that ARP does not take security into account in its design. Fortunately, there are tools available to assist in monitoring for and detecting ARP spoofing attempts. Obviously, the first step in addressing a security incident is knowing that there IS an incident, so let’s look at how we can proactively watch for these incidents on our network. Continue reading “Monitoring for ARP Spoofing”