IT Trenches:

Security


January 26, 2010  1:28 PM

Nmap 5.20 released – 150+ improvements



Posted by: Troy Tate
fingerprinting, information security, information security administration, network administration, network scanning, network toolkit, nmap, os fingerprinting, os identification, penetration testing, Security

In July 2009, Fyodor released Nmap 5.0 with over 600 changes.This was the first major release since 1997. On January 20, 2010, Nmap 5.20 was released with an additional

January 22, 2010  7:34 PM

Sure you can use my security context – exploit me!



Posted by: Troy Tate
exploit, group policy, information security, least user authority, lua, Microsoft, principle of least privilege, security bulletin, vulnerability

I recently blogged about the fact that the initial reports of the Google Aurora attack focused on Internet Explorer version 6. Some...


January 21, 2010  9:57 PM

Google Aurora attack focused on IE6 – does anybody do autoupdates anymore?



Posted by: Troy Tate
attack, Aurora, fixes, Internet Explorer, malicious software, malware, Microsoft, patch, patch management, threat, update, vulnerability

Maybe you have heard about the recent


January 21, 2010  7:23 PM

How small is your netbook? How about a PC on a stick?



Posted by: Troy Tate
information security, machine emulation, portable application, remote access, remote user, secure computing, Security, USB, virtual machine

I know that there are ways to run ISO's from a USB memory stick using the QEMU processor emulator open source software. It's pretty cool if you haven't tried it. Now, according to


January 15, 2010  7:33 PM

Recipe for malware infection – 10 steps



Posted by: Troy Tate
antivirus, attack, firewall, information security, information security awareness, malware, patching, security awareness, social engineering, updates, zero day

For certain malware infection follow these steps: 1. Do not apply operating system patches. 2. Do not apply application patches. 3. Do open emails from unknown sources. 4. Do open attachments on emails from unknown sources. 5. Do open unexpected attachments appearing to be from known...


December 18, 2009  7:58 PM

Search engine for telnet, ftp, ssh and http brings hackers closer to your doorstep



Posted by: Troy Tate
ftp, http, information security, infosec, malware, network, network protection, reconnaisance, scanning, search, search engine, ssh, telnet, web

Google is obviously a great tool for everyone including hackers. If you have never heard of Google Hacking, then I highly recommend you take a look at what might be exposed and found through a Google search. This

Bookmark and Share     0 Comments     RSS Feed     Email a friend


December 18, 2009  7:28 PM

Using PsExec to fight malware



Posted by: Troy Tate
antivirus, malicious software, malware, Microsoft, Microsoft Sysinternals, psexec, remote administration, Sysinternals

The excellent Sysinternals Windows tools have been around for many years (since 1996!). Microsoft now has these tools available and they are all FREE! They are also available in a "live" way such that you do...


December 4, 2009  1:22 PM

Generating and tracking passwords: Put javascript to work for you



Posted by: Troy Tate
complex password, information security, Password, password security, password tool, strong password, tool, utility

I recently came across this interesting website that uses javascript and SHA-1 hashes to generate passwords. The thing to remember about this tool is that the generated passwords are just numbers and letters. There are no...


December 3, 2009  7:02 PM

CERT ALERT:H1N1 Malware Campaign Circulating



Posted by: Troy Tate
alert, botnet, bulletin, CERT, cert alert, education, government, information security, information security awareness, malicious software, malware, us-cert, user education, warning

The US-CERT released an alert yesterday about a currently circulating malware threat with the H1N1 virus as the subject matter.

...


December 2, 2009  9:33 PM

10 Tips: Holiday greeting cards, holiday shopping and computer security awareness



Posted by: Troy Tate
antispyware, antivirus, hoaxes, information security, internet security, phishing, Security, security awareness, shopping

It is that time of year again when folks send electronic holiday greeting cards to one another. Some of the greetings may also be games that bear holiday messages. It is also a time when malicious software spreads using these same types of messages and software. You should also...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: