charlottebandit

@scucci wrote:

We’re currently a small shop and we’ve been running a large external Intrusion Prevention system by ISS. We’re currently a small to medium sized company and we’ve run into issues with the IPS before. Due to it being external we’ve had an issue with the way our firewalls are setup running traffic through it. I’m also looking to…

[Read more]

Does the A/V equipment need access to the Internet?  What about the internal network?  Just wondering about that.  Also, are you just running AP’s autonomously, or is it in a Controller environment?

I would make sure access to the network is done within a DMZ off the firewall.  From there, they won’t have access to the internal network wit…[Read more]

@sh4d0wman wrote:

You could try some of the following attacks:
– Arp spoofing
– Vlan hopping
– Double tag vlan hopping
– Mac overflow attack
– Spanning Tree attack

Look at the Allied Telesys website for attack info.
From the main page choose, “Solutions”, and then “Lan Security”. In the drop down menu you will find a summary of above listed…

[Read more]

Data leakage is a huge concern in various vertical markets such as finance, healthcare, and public companies.  To combat that while teaching users on the importance of it is found in solutions that focus on Endpoint Security. 

There are several EPS vendors out there although I’m mostly familiar with Cisco Security Agent.  Apart from focusing on…[Read more]

@cleanwithit0607 wrote:

Hello all. I’m writing an article about securing wireless in a HIPA enviroment. I have a few topics that I’m going to talk about, let me know if I need to add anything.

-Types of attacks, and why you should secure it in a Hipa enviroment.
-Roaming Security.
-Types of…

[Read more]

@RoleReversal wrote:

When (if) my funds improve I’d also like to expand outside of the virtual lab with some cisco switching/routing hardware and some wireless to try some of the blended attack scenarios outlined in the pentest perfect storm series.

That would be a good thing because there’s so many security countermeasures you could do JUST…[Read more]

THat’s a sweet deal then.  If you could find another with a little more RAM, you would be set because you’ll want to allocate more than 1GB per image for functionality.

Not only that, but this could also be a platform for you to either get your RHCE or MCSE if you want which is why I suggested more RAM.  Either way, it’s a sweet deal.

Just w…[Read more]

Cisco just had ACS 5.0 come out which is a complete overhaul for AAA services.  What used to look like Windows 3.1 now looks sheek and slick.  Much more functionality too. 

Also waiting to get my hands on their new Spam & Virus Blocker product which was designed by Ironport for ALL Cisco partners.  It’s supposed to have a 99% accuracy catch rat…[Read more]

The thing with pentesting, is that you need SOMETHING to assess whether it’s a service or network.  What I mean for service is whether it’s a web server, database server, data center, web services, or even an IP voice solution.  By assessing the network, I mean attempting to assess targets through a real switch, real router, and multiple other s…[Read more]

What kind of images are you planning to run on it?  Sounds like fun. 

Excellent post Simon!  You’re right that most web app f/w’s work off blacklists which doesn’t allow much room for proactive thinking.  Although you can enter in your custom scripts, most wouldn’t know how to do that nor have the time to look into that.

Pretty cool vid.  The NERV truck was high-speed as hell! 

GCIH is primarily focused on Incident Handling which is a solid subject to focus on, although you may be better off focusing on GPEN (Network pentesting) and GWAPT (Web Application Pentesting) which is more of what you’re looking for.

Now of course most of these tracks assume little to no security to pull these off so I would also suggest strong…[Read more]

Silxp gave a great response.  You said that you have 24 months to learn?  Wow!  You should be able to knock out the RHCE, RHCSS, CCSP, and either CEPT or LPT for a position into the security realm.  Once there, then go forth and conquer!

As for the possible bankruptcy, that will kill your clearance even though they “say” it’s a case-by-case dea…[Read more]

There is a lot of liability for pentesting positions which is why it usually requires tons of experience not only on the pentesting side, but also excellent knowledge in several of these areas:  systems, networks, databases, web apps/services, secure programming, security hardware, and forensics.  So in order to get the experience with the above c…[Read more]

@scottr wrote:

How secure is 802.1x? Is it as easy to bypass as port security using mac addresses? Can you spoof the SID of a computer and join to the network or is there further verification that is done through the RADIUS server outside of just the machine or user SID? I am about to dig in and research this further but I figured this would be a…

[Read more]

@dynamik wrote:

Nice to see you too! I’m a little intimidated by the level of technical proficiency here, so I’m probably just going to lurk for the most part 😉

Don’t be intimidated dynamik.  Nobody knows everything and all of us had to start somewhere too.  Not only that but we’re able to share ideas and techniques here.

🙂

Somebody’s tail is being reamed bigtime right about now. 

A little here and there but mostly stuff from work since we work lots with Cisco stuff. 

Not to say that wlan pen-testing is a dead subject however the enterprise-class wireless manufacturers have already migrated to 802.11n (draft-n) over G-networks.  For the most part, b-band is rarely seen because of the security implications.

Having said that, more 802.11n enterprise-class APs are integrating security features to provide an…[Read more]