CadillacGolfer

Forum Replies Created

Viewing 14 reply threads
  • Author
    Posts
    • #38635
      CadillacGolfer
      Participant

      If I understand you correctly, this may be a NATing issue.

    • #37200
      CadillacGolfer
      Participant

      I had a friend that got divorced last year.  One day, while they were still married but seperated and heading toward divorce, he brought a laptop over to my house.  They both used this laptop.  He asked me to find information about his wife’s affair in email or anywhere else on the laptop.  I politely declined his request.  No way I wanted to get involved in that.

    • #33243
      CadillacGolfer
      Participant

      I wonder if the quantum encryption termination point is protected with a password that is something really hard like “password”  ;D

    • #29611
      CadillacGolfer
      Participant

      I agree with ZeroFlaw, your orignal question was which computer this was coming from.  You now have an IP address and should be able to track it down.  Your audting should show when the file is deleted and which machines had logegd in using that username, then do process of elimination

    • #29565
      CadillacGolfer
      Participant

      wonder how the pentagon will feel after this

      http://thelede.blogs.nytimes.com/2010/03/03/israeli-raid-canceled-after-facebook-leak/

      Unfortuantely no manner of training will help people like this

    • #29603
      CadillacGolfer
      Participant
    • #26956
      CadillacGolfer
      Participant

      Nookie, one thing to remember is that pass the hash does not crack the password…you are passing the hash to avoid needing to crack the password

    • #26811
      CadillacGolfer
      Participant

      ““Credit unions are not authorized to create facsimile documents bearing NCUA logos or signatures, or to improperly represent communications from NCUA, even during the legitimate conduct of business, such as a computer security assessment,” the organization said.”

      yeah, I’m sure real bad guys will honor the logo copyright  😉

    • #22001
      CadillacGolfer
      Participant

      Was the solution and the winners ever posted for this?

    • #23664
      CadillacGolfer
      Participant

      Use fgdump which should export the cached credentials (note, you do need to run fgdump against the machine with admin privs), then use John The Ripper or your favorite password cracker.

    • #21877
      CadillacGolfer
      Participant

      Disabling SSID doesn’t gain you much.  When a client tries to connect it will pass the SSID in clear text to the AP.  However, that being said, at least it won’t show up for any nosey non techie neighbors to see.  MAC filtering, again from a strict security perspective gains you nothing.  If you can sniff the traffic between a client and the AP, the MAC addies are passed in clear text.  Though it will prevent someone from inadvertantly connecting to it.  Make sure your PSK is 20+ non dictionary word characters and you change the SSID name from its default to something unique.  If you leave the SSID the default linksys, or wlan, or netgear or simlar commonly used SSIDs and have a dictionary word for your PSK you would be susciptable to cowpatty table attack.  and use WPA2 instead of WPA if you can.  Some recent weaknesses have been discovered in WPA, but to be honest, I don’t know if the attack is practical yet or not or if there are any tools to do so. 

    • #17795
      CadillacGolfer
      Participant

      I think as far as compliance, whether it be SOX, PCI, or whatever it all depends on your/your comapny’s approach to it.  If all you want it to be is an excercise in checking off boxes, then that is all you will get out of it.  Failings of FISMA seem to ring a bell.

      If you use complaince to drive real beneficial security changes in an organization, you reap the rewards.  I’m not saying its easy to do, but it can be done.

    • #15230
      CadillacGolfer
      Participant

      Hi Davekoob,

        Cool, I’ll be taking the pen testing class as well, see you then 🙂

        As far as being able to gauge what the other students are thinking/feeling, it depends.  @home now uses a virtual classroom software program that will display the presentations and stream the audio.  It also has a chat feature which the students use to ask questions.  So if the students are willing to “speak up” in the chat, then you’ll get a sense of what they’re thinking/feeling, otherwise you obviously can’t see the expressions on the students faces.  The virtual classroom is a lot better than when I first took the incident handling course – back then questions to instructor were via AOL instant messenger – which Ed was good about reading the questions aloud, but you didn’t see the question yoruself.

      The hands on part – again, it depends – on how they set the pen testing course up.  When I took the incident handling class a few years ago, the weekly course work you had to do off-line on your own (testing on your own test network, etc) – however, the last two weeks of class, you actually got to VPN into a SANS test network and play a capture the flag game by trying to penetrate some of their servers.  So it depends on how this class is being set up – I’m not sure if we’ll have VPN access into SANS test network every week, or if again, it will be saved for the last few weeks – or – if the DVD they are setting up will have everything completely virtualized to allow for localized pen testing.

      So you might want to contact Ed via SANS as to how the hands on part will be handled if you have concerns.

      John

       

    • #15227
      CadillacGolfer
      Participant

      I’ve taken several SANS@home course and thought they were all great, especially the GCIH class with Ed Skoudis, he’s an amazing instrustor.

    • #16306
      CadillacGolfer
      Participant

      oh, and we obviously asked the third party to remove from their website and determine how it got exposed in the first place.

Viewing 14 reply threads

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?