I am starting a series of blog posts that detail security-related strategies, penetration testing and best practice methodologies. To start our series, I am going to delve into the world of SQL injection techniques and a general overview for those who are looking to learn a little more about this method of injection. [...] Read More
Scheduled antivirus scans to prevent viral injections on user generated content
When dealing with high-traffic sites, especially media-based or community-based sites, there is always the risk of JavaScript, virus, XSS or other malicious injection of badness when giving a community of users the ability to upload files to your site. There are several things to consider when evaluating all “points of entry” [...] Read More
Shell Script to Report On Hacking Attempts
It is always a good idea, when deploying open source firewalls (iptables, pf, etc.), to build in as much reporting and verbosity as possible. Somewhere along the line, we wrote a script to provide daily reports on intrusion attempts to penetrate our network -- this usually happens when someone exceeds certain connection thresholds. Read More
Network Audit Bash Script Using Netbios and Nmap
In order to quickly audit a network, I created this bash script to scan selected IPs, read from a configuration file, and compile a simple report to be emailed. The script can be modified to suit your needs, such as exporting the data to a database or perhaps an HTML report for a web-based reporting site. Read More
Testing for weak SSL ciphers for security audits
Weak ciphers allow for an increased risk in encryption compromise, man-in-the-middle attacks and other related attack vectors. Read More
Detect ARP poisoning on LAN
Occasionally during security audits it may be necessary to check your LAN for rogue machines. All the potential rogue machine in your LAN needs to do is poison your ARP cache so that the cache thinks that the attacker is the router or the destination machine. Read More
Creating a FreeBSD wireless access point
To set up a wireless access point using FreeBSD, you need to have a compatible wireless card. We are using a Prism 2-based chipset. For a complete list of cards that are supported, consult the man page for wi, or visit the Wireless Network Interface Section of the FreeBSD documentation site. Read More
Monitoring raw traffic on a Juniper Netscreen
Occasionally I will run into situations where the only way to definitively diagnose network-related problems is to perform raw traffic dumps on a main internal / external interface. The reasons for needing to perform this could be anything. I thought I’d share the quick and easy steps to perform in order to do [...] Read More
