Cisco 4345 IDS IPS Basic Configuration Guide

Posted on December 9, 2013 by admin

I recently stood up a Cisco 4345 Intrusion Detection / Prevention (IDS / IPS) appliance and documented the configuration process. Here is a simple guide to setup a next generation Cisco 4345 IPS appliance.

Overview

Cisco offers various forms of threat detection options that range from modules in firewalls to dedicated appliances such as the 4345 IPS. Regardless of platform, the underlying technology is similar using a mix of threat reputation described as identifying attackers and various forms of scanning for stopping attacks. An example of stopping an attacker is blocking websites with “bad credit scores” based on how long they have been up on the Internet, the content of the site, traffic seen from the site and so on. So a website claiming to be a American bank may get flagged based on being seen from a foreign country, recently registered as a new site and flagged for SPAM. The majority of attacks on your organization can be prevented by dropping obvious malicious traffic using this method. This leaves a security solution’s resource intensive detection processes the ability to focus on the remaining 5-10% of attacks that make it through credit scoring based detection rather than scanning everything. Continue reading →

Rating: 5.0/5 (1 vote cast)

The Ultimate Installation Guide for Kali Linux

Posted on December 4, 2013 by admin

My Buddy Aamir Lakhani wrote a awesome Installation guide for kali Linux. This is a updated version of what is available in our book. Check out the original post HERE via www.drchaos.com

Introducing kali Linux

The creators of BackTrack have released a new, advanced penetration testing Linux distribution named kali Linux. BackTrack 5 was the last major version of the BackTrack distribution. The creators of BackTrack decided that to move forward with the challenges of cyber security and modern testing a new foundation was needed. Kali Linux was born and released March 13^th 2013. Kali Linux is based on Debian and an FHS-Compliant file system. Continue reading →

Rating: 0.0/5 (0 votes cast)

Cool Home Network Device – Meraki Z1

Posted on November 29, 2013 by admin

Cisco acquired Meraki, the leader in cloud controlled WiFI, routing and security late 2012. For those that haven’t heard of Meraki, the concept behind the technology is pretty cool. All device configuration and management is handled using a cloud / web accessible GUI. You can configure everything and ship equipment to where it needs to provide network access prior to first powering things on. Once you are ready, all you do is plug in the equipment and it works (IE all configuration is sent to the device via encrypted tunnel from the cloud) . It really is that simple.

Continue reading →

Rating: 5.0/5 (1 vote cast)

Privacy and security on Facebook – Things you should know and avoid doing

Posted on November 22, 2013 by admin

The Bestcomputerscienceschools.net (Link HERE) provided me a infographic covering privacy and security of Facebook. I really liked the research and agree with the suggested tips to use Facebook more security. Check it out. Continue reading →

Rating: 0.0/5 (0 votes cast)

Article publish in PenTest magazine – Launching Social Media Based Attacks

Posted on November 20, 2013 by admin

I published an article for PenTest magazine’s November 2013 issue. The article is titled “Launching Social Media Based Attacks”. Below is the introduction from the article. You can find the complete article at http://pentestmag.com/. Continue reading →

Rating: 0.0/5 (0 votes cast)

Metasploit 101 – A Introduction to using Metasploit

Posted on November 18, 2013 by admin

Metasploit is one of the most popular open source penetration testing frameworks available today. It offers tons of tools that range from scanning utilities to easy to launch exploits that include encoders used to bypass common security defenses. I’ll walk you through an example by compromising a Windows based authentication server that is not properly patched. Continue reading →

Rating: 5.0/5 (1 vote cast)

Silk Road 2.0 online black market reopened after FBI shutdown

Posted on November 12, 2013 by admin

There has been a lot of press around the closing and now reopening of Silk Road. For those that haven’t heard, Silk Road is underground amazon like network for dealing illegal goods and services. It leverages the Tor or onion router concept to conceal the identity of users using the service. You can find more on silk road HERE.

Drugabuse.com created a infographic displaying details on the history of Silk Road. I found it interested and have posted it below. You can find out more about the people sponsoring the infographic HERE.

Continue reading →

Rating: 5.0/5 (1 vote cast)

Fine-tuning Snort rules in Security Onion

Posted on November 11, 2013 by admin

A few weeks ago Aamir Lakhani put up a blog post on how to install and configure Snort on Security Onion with Snorby. Since the release of the article He has received numerous requests on how to disable some of the rules. Here is a post on tuning by Aamir. The original post can be found HERE.

If you followed the article, The Ultimate Guide to Installing Security Onion with Snort and Snorby, you are no doubt seeing quite a few events on your Snorby dashboard.

Before you begin, make sure you have root privileges. Type in sudo –i to get root privileges. Continue reading →

Rating: 0.0/5 (0 votes cast)

RSA Europe talk on Emily Williams found on PCWorld, Yahoo news, Cio.com and other sources

Posted on October 31, 2013 by admin

My buddy Aamir Lakhani and I performed a penetration test using social media sources (Facebook and LinkedIn) as a method to compromise users from our target. You can find more about our project aka Emily Williams HERE and HERE as well as at www.drchaos.com. Continue reading →

Rating: 5.0/5 (1 vote cast)