Welcome!

How secure is your network?

David Dodd

Subscribe to David Dodd: eMailAlertsEmail Alerts
Get David Dodd via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by David Dodd

Having your network environment protected with the latest virus protection, control what software is installed and allowed to run, restrict ingress and egress network access, protect web browsing, limit user account access, update security patches, change management practices, etc. All these efforts are critical to follow in the corporate environment but all will fall short if you don't have the proper monitoring in place to detect badness on your network and to respond quickly and effectively when it happens. When your network has the proper monitoring in place and knowledgeable engineers to monitor for outbreaks you will begin to have better visibility of how network traffic flows in your environment. When you understand how traffic flows on your network you can respond better when badness happens. I will demonstrate how to use a number of tools to analyze a memory... (more)

Capture File Filtering with Wireshark

Intrusion detection tools that use the libpcap C/ C++ library [1] for network traffic capture (such as Snort [2] and Tcpdump [1]) can output packet capture information to a file for later reference. The format of this capture file is known as pcap. By capturing packet data to a file, an investigator can return later to study the history of an intrusion attempt – or to turn up other important clues about clandestine activity on the network. Of course, the traffic history data stored in a pcap file is much too vast to study by just viewing the file manually. Security experts use spe... (more)

Performing a Penetration Test on a Customer’s Network

When performing a penetration test on a customer’s network by simulating an attack and trying to find a way inside many forget there is an easier way. Many networks have well established security protection through firewalls, Intrusion Detections/ Protections Systems that will alert to your presents. Performing a vulnerability scan using tools such as NeXpose, Nessus, nmap, etc will alert many systems. By performing some research on the target and learn what the company does you can narrow your attack. By using some social engineering you can email your payload to an inspecting v... (more)

Post Exploitation Using Metasploit Pivot and Port Forward

The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task. A very nice feature in Metasploit is the ability to pivot through a Meterpreter session to the network on the other side. This tutorial walks you through how this is done once you have a Meterpreter session on a foreign box. We begin right after a client sid... (more)

Pen Testing with Netcat

Shell access on a Unix-type server is access to send commands to a target as a user of the system and get a response back (standard input to a shell and standard output from that shell). This shell service is limited and some commands will work and other will not. Window shell access has a similar limited command structure and this article will explore how to navigate and give some interesting tips hopefully as well. A tool that can demonstrate this is netcat as I will illustrate below using netcat for shell access on a windows target. On a windows machine open up a command prom... (more)