My Buddy Aamir Lakhani wrote a awesome Installation guide for kali Linux. This is a updated version of what is available in our book. Check out the original post HERE via www.drchaos.com
Introducing kali Linux
The creators of BackTrack have released a new, advanced penetration testing Linux distribution named kali Linux. BackTrack 5 was the last major version of the BackTrack distribution. The creators of BackTrack decided that to move forward with the challenges of cyber security and modern testing a new foundation was needed. Kali Linux was born and released March 13th 2013. Kali Linux is based on Debian and an FHS-Compliant file system. Continue reading →
I published an article for PenTest magazine’s November 2013 issue. The article is titled “Launching Social Media Based Attacks”. Below is the introduction from the article. You can find the complete article at http://pentestmag.com/. Continue reading →
A few weeks ago Aamir Lakhani put up a blog post on how to install and configure Snort on Security Onion with Snorby. Since the release of the article He has received numerous requests on how to disable some of the rules. Here is a post on tuning by Aamir. The original post can be found HERE.
My buddy who wrote the Kali Linux book with me released another short book on setting up XenMobile. I was one of the reviewers for this and believe it is a great guide for anybody looking to configure a new XenMobile environment. You can find the book HERE as well as Amazon, Barns & Noble or other online resellers.
Mobile Device Management or MDM has become a very popular topic following the smart phone and tablet market explosion (more on this found HERE). Everybody seems to own a range of mobiles devices making provisioning wireless and maintaining security a ongoing challenge. To address this demand, a handful of vendors have developed mobile device management solutions to provide these and other capabilities. Continue reading →
I had a article published in PenTest Magazine earlier this year. Enough time has passed so I’m now able to post the entire article on my blog. You can find the original article in the PenTest Mag extra titled Backtrack Compendium found at http://pentestmag.com/. Continue reading →
For those not following recent technology news, Cisco just acquired Sourcefire for 2.7 billion dollars. This has generated a ton of interest in Sourcefire and something I’ve been hammered on the last few weeks being a Cisco engineer responsible for security. As a result, I’m posting a summary of what Sourcefire is all about.
NOTE: Expect changes as Cisco and Sourcefire merge. Also assume I may be off on some areas as I’m still learning the technology. Continue reading →
Here is a interesting post from Billy Austin found on www.drchaos.com HERE
What 3rd party apps do remote workers have installed?
Remote workers are nothing new, but the challenge of hunting down employees on-the-go and assessing these devices can be a task in and of itself. With the increase of cyber incidents triggered by remote connectivity & insecure 3rd party apps, one would think these devices are in-scope for security and compliance quarterly checkup scans. After speaking with security and auditing colleagues, it proved to be quite the opposite. Continue reading →
I recently posted about how to setup a Cisco ASA CX lab HERE. I ended the last post once I had access to the ASA CX GUI via local PRSM. This post will focus on configuring CX once its operational, review the local management GUI and creating some basic policies.
The ASA and CX module act as two separate systems exchanging traffic through policy maps. Unlike proxy-based solutions, all ports can be included in a security policy aka an Application Layer / Next Generation Firewall function. This post will touch upon enforcing Internet use policies such as denying gambling websites, viewing application layer traffic, blocking applications such as YouTube and monitoring for security threats leveraging Cisco’s global correlation engine via Cisco Security Intelligence Operations (SIO). Continue reading →