Welcome!

How secure is your network?

David Dodd

Subscribe to David Dodd: eMailAlertsEmail Alerts
Get David Dodd via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Articles from David Dodd
Developers generally like to share their code, and many of them do so by open sourcing it on GitHub, a social code hosting and collaboration service. Many companies also use GitHub as a convenient place to host both private and public code repositories by creating GitHub organizations ...
We show you how to dig deep to find hidden and covert processes, clandestine communications, and signs of misconduct on your network. In a previous article [1], I described how to obtain a memory image from a Windows computer that would allow forensic analysis. I briefly discussed us...
Incident response involves addressing and managing the security events on a network and the execution of proper responses to those events. The end game is to limit the damage and reduce recovery time and costs. This is achieved with the implementation of an incident response plan tha...
Once you have successfully exploited a target machine you may be faced with a common dilemma that many penetration testers have, do I have shell access or terminal access? Both are not the same and careful knowledge must be used when interacting with a shell access vs. terminal access...
Wireshark doesn’t just work in real time. If you save a history of network activity in a pcap file using a tool such as tcpdump, you can filter the data with Wireshark to search for evidence. Intrusion detection tools that use the libpcap C/ C++ library [1] for network traffic capture...
The powerful Metasploit framework helps you see your network as an intruder would see it. You might discover it is all too easy to get past your own defenses. The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework incl...
A penetration tester simulates an attack on a customer’s network by trying to find a way inside. Many such attacks begin using a scanning tool, such as NeXpose, Nessus, or Nmap, to look for network vulnerabilities; however, several of the leading Intrusion Detection/Protection systems ...
Tcpdump is a widely used and powerful tool that captures, parses, and analyzes network traffic. Created by the Network Research Group at Lawrence Berkeley National Laboratory, Berkeley, California, tcpdump (http://www.tcpdump.org) is deployed with libpcap (a C/C++ library for network t...
The purpose of this article is to describe some tools and techniques in performing the planning, scoping, and recon portion of a penetration test. In covering these tools and techniques the reader will learn how to use them to find vulnerabilities in their organization and help improve...
The goal of the scanning phase is to learn more information about the target environment and discover openings by interacting with that target environment. This article will look at some of the most useful scanning tools freely available today and how to best use them. During this proc...
In a switched network environment packets are sent to their destination port by MAC address. This requires that hardware be able to create and maintain a table associating MAC addresses to ports. In a switched environment packets are only sent to devices that they are meant for. Eve...
The OpenSSL is based on SSLeay library developed by Eric A. Young and Tim J. Hudson and licensed under an Apache-style license. OpenSSL has lots of features but I will cover encoding, checksums, encryption, passwords and pass phrases. Many Linux distributions have OpenSSL as part of ...
I will demonstrate how to ARP poison a connection between a Windows 7 and Windows 2008 R2 Server using Cain. The Microsoft Remote Desktop Protocol (RDP) provides remote display and input capabilities over network connections for Windows-based applications running on a server. RDP is ...
Ever wondered how to use the autopwn feature in Metasploit on Unbuntu? Want to run nessus from within metasploit? What database should I use: sqlite3 or postgres? I will explain the benefits of both. Nessus is a vulnerability scanner program, it is free for personal use using the ness...
We are using the local port forwarding bound on a victim host so when we execute the route command and exploit internal hosts we can map them back to our initial victim, through the meterpreter connection and back to us. The Metasploit Framework is a penetration testing toolkit, explo...