Wednesday, December 17, 2008

xss filtering

http://directwebremoting.org/blog/joe/2008/12/04/xss_filtering.html

blackberry security

http://www.networkworld.com/news/2008/121708-5-ways-to-secure-your.html?page=1

gifar

http://xs-sniper.com/blog/2008/12/17/sun-fixes-gifars/

Tuesday, December 16, 2008

Afterglow and TShark

Fun with tshark (wireshark) command line


Submitted by daryl on Mon, 11/24/2008 - 23:33



* sniffer


* tshark


* visualization


* wireshark



Get csv output of source and destination IP addresses from a pcap (wireshark or tcpdump) capture file.



tshark -r file.pcap -T fields -E separator=, -e ip.src -e ip.dst



Creates a file similar to:




192.168.1.105,192.168.1.120


192.168.1.105,192.168.1.120


192.168.1.120,192.168.1.105


192.168.1.120,192.168.1.105


72.14.247.83,192.168.1.105


192.168.1.105,72.14.247.83


72.14.247.19,192.168.1.105


192.168.1.105,72.14.247.19


192.168.1.105,74.53.76.3


74.53.76.3,192.168.1.105


192.168.1.105,72.14.247.83


72.14.247.83,192.168.1.105



Then if you have afterglow installed you can create a visualization of the source and destination information by doing the following:



(from the $HOME/afterglow/src/perl/graph directory)



tshark -r file.pcap -T fields -E separator=, -e ip.src -e ip.dst | perl afterglow.pl -c color.properties > file.dot



This creates a filter of the data for drawing a direct graph using neato.



Now using neato create a gif file to display a visualization of the data.




neato -Tgif -o test.gif ./file.dot

Security thoughts

1. Good end point security assumes the network is hostile.



2. Good network security assumes the end point is hostile.



3. Good data security assumes the user is hostile.



Thursday, December 11, 2008

Creating a Patch and Vulnerability Management Program

http://csrc.nist.gov/publications/nistpubs/800-40-Ver2/SP800-40v2.pdf

Wednesday, December 10, 2008

secure switch

http://secureswitch.com/SecureSwitch.htm

pass thru authentication

windows trust model
online password generator

password generator

Sunday, December 7, 2008

How to correct "disable Autorun registry key" enforcement in Windows

http://support.microsoft.com/kb/953252

router forensics

http://sansforensics.wordpress.com/2008/11/24/cisco-router-forensics/

pen test tool site

http://www.toolcrypt.org/index.html

Saturday, December 6, 2008

excel port scanner

http://www.cqure.net/wp/hedgehog/

secure os separation

http://www.ghs.com/products/rtos/integritypc.html

Friday, December 5, 2008

tcp tools

http://www.comlab.uni-rostock.de/research/tools.html

Wednesday, December 3, 2008

another enterprise password manager

http://www.passlogix.com/products/v-GO_sharedaccountsmanager/benefits/

enterprise password tool

http://www.liebsoft.com/index.cfm/products?id=360

wireshark network traffic filters article

how to write wireshark filter

security visualisation articles

secviz

rsa tutorial

http://scienceblogs.com/goodmath/2008/12/public_key_cryptography_using.php

backup cartoon

http://raistlin.soup.io/post/8405140/Image

incident handling cheat sheets

http://www.zeltser.com/network-os-security/security-incident-survey-cheat-sheet.html



http://www.darkreading.com/blog/archives/2008/12/cheat_sheets_fo.html



http://www.zeltser.com/network-os-security/security-incident-questionnaire-cheat-sheet.html

network separation solution

http://www.networkworld.com/news/2008/120208-unisys-stealth-encryption.html?fsrc=rss-security

 
Copyright 2009 Security Monkey. Powered by Blogger Blogger Templates create by Deluxe Templates. Sponsored by: Website Templates | Premium Themes. Distributed by: blog template