-
putosusio replied to the topic Firesheep Details?? in the forum Network Pen Testing 10 years, 5 months ago
The more secure sites stay in https, for example banking and e commerce sites. Usually social networking, some email sites, and forums don’t because security isn’t a concern. A good way to protect yourself is to use different passwords for different sites, even if they’re off by just a character or two.
-
putosusio replied to the topic Steps to be taken during an outbreak in the forum Incident Response 10 years, 5 months ago
Whatever you do, don’t act too quickly. There may be an APT in your organization. A blog post on Mandiant’s website explains it better: http://blog.mandiant.com/archives/1525
-
putosusio replied to the topic My father is hacking me?! in the forum Incident Response 10 years, 5 months ago
reformat and be done with it.
simple and effective.
p.s. if your dad was a NSA cracker, you’re screwed.
-
putosusio replied to the topic VoIP Hacking in the forum Incident Response 10 years, 5 months ago
Is this a home VOIP solution or an enterprise VOIP?
-
putosusio replied to the topic Hacking DOJO in the forum Network Pen Testing 10 years, 5 months ago
@Grendel wrote:
I hate programming as well. Over time I have found that (unfortunately) understanding programming becomes more important in more advanced skills, especially reverse engineering. It’s just one of the essentials that cannot be avoided. >:-/ I wish it could be – I started out as a perl jockey since that was the most that was…
-
putosusio replied to the topic Firesheep Details?? in the forum Network Pen Testing 10 years, 5 months ago
See if this helps answer your questions, http://www.schneier.com/blog/archives/2010/10/firesheep.html
If not, how about you do a write up about it for the EH community answering the questions you posted. I know I’d be interested to know more.
-
putosusio replied to the topic Understanding Man-In-The-Middle Attacks in the forum Network Pen Testing 10 years, 5 months ago
@infoseci wrote:
Coming soon we will demonstrate how to perform a MitM attack against SSL encrypted sessions.
… do I smell SSLStrip?
-
putosusio replied to the topic Registration Suggestions in the forum News Items and General Discussion About EH-Net 10 years, 5 months ago
If you’re going to get into security, you might as well learn now; Security (the 8 mix character requirement) is not easy. If it was, everybody would be doing it and we would be out of a job.
-
putosusio replied to the topic [Article]-October 2010 Free Giveaway Sponsor – McGraw-Hill in the forum News Items and General Discussion About EH-Net 10 years, 5 months ago
Getting past the interview will be the issue. The CISSP or any other cert will do you no good if you can’t do what it says your suppose to be able to do. There is no substitute for experience.
-
putosusio replied to the topic HI! New guy Here in the forum News Items and General Discussion About EH-Net 10 years, 5 months ago
facsimil3 are you just starting your computer education or are you already taking classes?
-
putosusio replied to the topic The True Power a Hacker Possesses in the forum News Items and General Discussion About EH-Net 10 years, 5 months ago
Another good way to learn is to build yourself a computer lab. One machine with VMs will do just fine.
-
putosusio replied to the topic Have I been hacked by the chinese? in the forum Forensics 10 years, 5 months ago
kaizen:
I didn’t mean to suggest that the Chinese government are responsible. I mentioned the chinese because most of the domains that were resolved were .cn domains.
The webistes I visited were from well know companies, i.e. Microsoft, VMware, Citrix, etc. If I was infected by malware it had to have come from such a website. I would just…[Read more]
-
putosusio replied to the topic Have I been hacked by the chinese? in the forum Forensics 10 years, 5 months ago
MaXe:
I do have wireshark and know how to follow the tcp stream. That’s what I was thinking about doing. I haven’t used Snort before, but do know about it. Learning a new tool is always a good thing anyway. I’m planning on disconnecting my modem and seeing where the malware is trying to call home to.
However, that won’t tell me where this t…[Read more]
-
putosusio replied to the topic Is it possible to have a keylogger and Avast running at same time? in the forum Malware 10 years, 5 months ago
make it easy, create and account for your roomate with no privledges.
-
putosusio replied to the topic REMnux: A Linux Distribution for Reverse-Engineering Malware in the forum Malware 10 years, 5 months ago
Unfortunately, I may need to this soon.
Curse you chinese hackers … well thank you in a sort of twisted way. At least the malware is on a test system.
-
putosusio replied to the topic Security+ Before CEH in the forum General Certification 10 years, 5 months ago
I plan on taking the CISSP in Dec this year. Get a one year credit for having the Sec+ cert is definitely a plus.
One word on the topic of this thread, Certs only mean you passed a test, it doesn’t mean you can apply the material in the “real world”. Focus should be placed equally on gaining experience. After all, if you don’t get hired in the…[Read more]
-
putosusio replied to the topic Windows 7 Password Retrieval in the forum Forensics 10 years, 5 months ago
Konboot and Cain and Abel are both great tools. I’ve used them with plenty of success many of times.
Cain and Abel will need admin access when used over the network to access the admin$ share. Since he doesn’t have it, it will not help.
Another way to go about getting the current admin password is to use metasploit to exploit a vulnerability…[Read more]
-
putosusio replied to the topic Mikrotik server blocking Nmap ?? in the forum Network Pen Testing 11 years, 8 months ago
check the nmap forums. there are ways to bypass firewalls. also, the nmap book is a great resource.
-
putosusio replied to the topic Need Some Advice on Exploits!! in the forum Network Pen Testing 11 years, 8 months ago
get metasploit, best of all its free.
-
putosusio replied to the topic Programming for Network Security analyst? in the forum Programming 11 years, 8 months ago
Try what awesec has suggested. A google search will get you all the info you need.
I like webgoat because its more than just a book that teaches you theory, it actually has hands on labs that will reinforce the lessons.
- Load More