How secure is your network?

David Dodd

Subscribe to David Dodd: eMailAlertsEmail Alerts
Get David Dodd via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by David Dodd

Nessus is a vulnerability scanner program; it is free for personal use using the nessus for home. They also have a nessus for business which requires a fee. I will be discussing the nessus for home use and using it with the popular metasploit framework. Acquire the latest release of nessus homefeed Nessus-4.4.1-ubuntu1010_i386.deb and register for the activation code. Follow the instructions listed in the document ion for installing with Ubuntu and start to configure. Nessus daemon cant be started until nessus has been registered and the plugin download has occurred. $ sudo /opt/nessus/bin/nessus-fetch –register 'registration code from nessus' Add user $ sudo /opt/nessus/sbin/nessus-adduser Make cert $ sudo /opt/nessus/sbin/nessus-mkcert Start the nessus Daemon $ sudo /etc/init.d/nessusd start Open up web browser to https://localhost:8834, login and complete a policy ... (more)

Tutorial: OpenSSL Command

The OpenSSL is based on SSLeay library developed by Eric A. Young and Tim J. Hudson and licensed under an Apache-style license. OpenSSL has lots of features but I will cover encoding, checksums, encryption, passwords and pass phrases. Many Linux distributions have OpenSSL as part of the bundled packages and is most likely located in /usr/bin. To find it on your system type: $ which openssl /usr/bin/openssl $ openssl version OpenSSL 1.0.0a 1 Jun 2010 Versions may vary and currently openssl-1.0.0d Feb 8 is the current version. Most of the examples that are found in this document sh... (more)

Malware Analysis | Part 1

Having your network environment protected with the latest virus protection, control what software is installed and allowed to run, restrict ingress and egress network access, protect web browsing, limit user account access, update security patches, change management practices, etc. All these efforts are critical to follow in the corporate environment but all will fall short if you don't have the proper monitoring in place to detect badness on your network and to respond quickly and effectively when it happens. When your network has the proper monitoring in place and knowledgeable... (more)

Malware Analysis | Part 2

In a previous article [1], I described how to obtain a memory image from a Windows computer that would allow forensic analysis. I briefly discussed using F-Response TACTICAL [2] to get the memory image, and then Volatility [3] and Mandiant Redline [4] for further investigation. In this paper, I dive more deeply into Redline and Volatility. To begin, I review a raw memory dump of a known malware variant (see the "Malware Image" box) with Mandiant Redline. After firing up Redline, I chose By Analyzing a Saved Memory File under Analyze Data and browsed to the location of the memory... (more)

Gitrob on the Network | @ThingsExpo #BigData #IoT #M2M #Security

Gitrob on the Network Developers generally like to share their code, and many of them do so by open sourcing it on GitHub, a social code hosting and collaboration service. Many companies also use GitHub as a convenient place to host both private and public code repositories by creating GitHub organizations where employees can be joined.  Sometimes Employee might publish things that might be sensitive in nature and these things might lead to compromise of a system. Gitrob is a tool that Michael Henriksen developed that scans the github repositories and match filenames against a ra... (more)