Filters:

  • Technologies

  • Instructors

  • Category: Security

    The Best Anti-Phishing Tool in the Enterprise… Is Free!

    Phishing is a combination of social engineering and technology that tries to trick users into disclosing sensitive information. You’re probably already familiar with the stereotypical Nigerian Prince email – an unsolicited email from an unknown sender identifying himself as a Nigerian Prince and offering to pay you to help him transfer his money to your … Continue reading The Best Anti-Phishing Tool in the Enterprise… Is Free!

    Security+ SY0-301 versus SY0-401 and other questions

    The SY0-401Security+ exam went live in April 2014, though you may still take the SYO-301 exam through December 31, 2014. In either event, the Security+ credential is now a Continuing Education certification such that you will want to update your knowledge and skill sets regardless of the exam version you initially pass. While teaching our … Continue reading Security+ SY0-301 versus SY0-401 and other questions

    Using Nmap to Reconnoiter the DMZ and Perimeter Networks

    The importance of reconnaissance in vulnerability discovery and penetration testing is usually overlooked. Network security personnel with little training or experience will often begin their analysis by finding a few target systems and immediately attempt to compromise their security with user/password logins and vulnerability penetration tests. These premature attempts to compromise pseudo-random hosts are likely … Continue reading Using Nmap to Reconnoiter the DMZ and Perimeter Networks

    Using WebRipper to Examine Website Content

    A skilled attacker usually begins an attack by performing detailed reconnaissance. Recon is critical to a comprehensive attack as it yields information about the target network, hosts, personnel, publicly accessible assets, and a host of other data. One of the easiest targets is a website. Websites are, by design, highly accessible and loaded with data. … Continue reading Using WebRipper to Examine Website Content

    Using SuperScan to Reconnoiter an Internal Network

    The importance of reconnaissance in vulnerability discovery and penetration testing is usually overlooked. Network security personnel with little training or experience will often begin their analysis by finding a few target systems and immediately attempt to compromise their security with user/password logins and vulnerability penetration tests. These premature attempts to compromise pseudo-random hosts are likely … Continue reading Using SuperScan to Reconnoiter an Internal Network

    A Malware Recovery Scenario – Hacktool

    A former student sent me an email requesting assistance with a computer issue. Microsoft Security Essentials continued to post the message “error warning: HACKTOOL:WIN32/Keygen”. Hacktool malware was quarantined. Other symptoms started to appear. Following appropriate guidance, the student looked into the event viewer. The most often repeated error that the student noticed was “The driver … Continue reading A Malware Recovery Scenario – Hacktool

    Using the Low Orbit Ion Cannon for Denial of Service Testing

    A very common attack technique in use today is the Denial of Service (DoS) attack. DoS attacks are effective in degrading the performance of targeted systems, effectively taking them offline and preventing legitimate system use. A typical DoS attack goes like this: The attacker identifies one or more computers on the Internet as targets The … Continue reading Using the Low Orbit Ion Cannon for Denial of Service Testing

    The Internet Explorer patch – Setting the record straight

    News, background, and alternatives regarding the recent Internet Explorer “Day Zero” attack are spread across the Internet.  Confusion continues, so we decided to help set the record straight for our customer/readers. Step one, be careful what you read and interpret, including within this blog. Despite our care and research, we continue to find additional information … Continue reading The Internet Explorer patch – Setting the record straight