Simple: December 2008

Wednesday, December 17, 2008

xss filtering

http://directwebremoting.org/blog/joe/2008/12/04/xss_filtering.html

blackberry security

http://www.networkworld.com/news/2008/121708-5-ways-to-secure-your.html?page=1

gifar

http://xs-sniper.com/blog/2008/12/17/sun-fixes-gifars/

Tuesday, December 16, 2008

Afterglow and TShark

Fun with tshark (wireshark) command line

Submitted by daryl on Mon, 11/24/2008 - 23:33

* sniffer

* tshark

* visualization

* wireshark

Get csv output of source and destination IP addresses from a pcap (wireshark or tcpdump) capture file.

tshark -r file.pcap -T fields -E separator=, -e ip.src -e ip.dst

Creates a file similar to:

192.168.1.105,192.168.1.120

192.168.1.120,192.168.1.105

72.14.247.83,192.168.1.105

192.168.1.105,72.14.247.83

72.14.247.19,192.168.1.105

192.168.1.105,72.14.247.19

192.168.1.105,74.53.76.3

74.53.76.3,192.168.1.105

192.168.1.105,72.14.247.83

72.14.247.83,192.168.1.105

Then if you have afterglow installed you can create a visualization of the source and destination information by doing the following:

(from the $HOME/afterglow/src/perl/graph directory)

tshark -r file.pcap -T fields -E separator=, -e ip.src -e ip.dst | perl afterglow.pl -c color.properties > file.dot

This creates a filter of the data for drawing a direct graph using neato.

Now using neato create a gif file to display a visualization of the data.

neato -Tgif -o test.gif ./file.dot

Security thoughts

1. Good end point security assumes the network is hostile.

2. Good network security assumes the end point is hostile.

3. Good data security assumes the user is hostile.

Thursday, December 11, 2008

Creating a Patch and Vulnerability Management Program

http://csrc.nist.gov/publications/nistpubs/800-40-Ver2/SP800-40v2.pdf

Wednesday, December 10, 2008

secure switch

http://secureswitch.com/SecureSwitch.htm

pass thru authentication

windows trust model

online password generator

password generator

Sunday, December 07, 2008

How to correct "disable Autorun registry key" enforcement in Windows

http://support.microsoft.com/kb/953252

router forensics

http://sansforensics.wordpress.com/2008/11/24/cisco-router-forensics/

pen test tool site

http://www.toolcrypt.org/index.html

pen test tool site

http://www.toolcrypt.org/index.html

Saturday, December 06, 2008

excel port scanner

http://www.cqure.net/wp/hedgehog/

excel port scanner

http://www.cqure.net/wp/hedgehog/

secure os separation

http://www.ghs.com/products/rtos/integritypc.html

secure os separation

http://www.ghs.com/products/rtos/integritypc.html

Friday, December 05, 2008

tcp tools

http://www.comlab.uni-rostock.de/research/tools.html

tcp tools

http://www.comlab.uni-rostock.de/research/tools.html

Wednesday, December 03, 2008

another enterprise password manager

http://www.passlogix.com/products/v-GO_sharedaccountsmanager/benefits/

another enterprise password manager

http://www.passlogix.com/products/v-GO_sharedaccountsmanager/benefits/

enterprise password tool

http://www.liebsoft.com/index.cfm/products?id=360

enterprise password tool

http://www.liebsoft.com/index.cfm/products?id=360

wireshark network traffic filters article

how to write wireshark filter

wireshark network traffic filters article

how to write wireshark filter

security visualisation articles

secviz

security visualisation articles

secviz

rsa tutorial

http://scienceblogs.com/goodmath/2008/12/public_key_cryptography_using.php

rsa tutorial

http://scienceblogs.com/goodmath/2008/12/public_key_cryptography_using.php

backup cartoon

http://raistlin.soup.io/post/8405140/Image

backup cartoon

http://raistlin.soup.io/post/8405140/Image

incident handling cheat sheets

http://www.zeltser.com/network-os-security/security-incident-survey-cheat-sheet.html

http://www.darkreading.com/blog/archives/2008/12/cheat_sheets_fo.html

http://www.zeltser.com/network-os-security/security-incident-questionnaire-cheat-sheet.html