Archive for the 'Analyst Journal' Category

http://www.scottweisbrod.com

OK, now that we've got our hands dirty with the systems, perhaps we should link these machines together. What? You only have one system installed? C'mon... Did I mention that you should have at least two different systems installed? No? My bad... Please forgive this old man though :P (Sometimes I think being older has its own advantages lol). OK, now carry on with your second or third operating system installation and I'll wait for you. When you've finished, I'll show you how to link these machines in VMware using a host-based network configuration. Carry on…

(more…)

Initially I wanted to post a series of i-Hack Defense Challenge packet capture analyses using NetWitness Investigator, but in the middle of meddling around with Investigator's features and functions, one of the analysts came and asked me a series of questions regarding the required knowledge and skills. Besides him being the first analyst ever to come to me and ask those questions, the most interesting question he asked was "Where to start?" So, as a good (hopefully) person, I asked him to join me for a tea break so we could discuss the topic more freely, which in the end we ended up discussing in a heavy downpour. Not a good decision, I guess...

(more…)

OK, I have mentioned a few times on this blog that the CLI is THE thing and GUIs are only for WIMP users ;) . I seldom use Wireshark compared to TShark, and more often tcpdump... you know, the CLI thingy. But then I've read many times about this one tool. Some people said it would replace Wireshark later on, but the guys behind the tool said it should never replace Wireshark and should be used WITH Wireshark instead. So, what the heck, I just browsed to the tool developer's web site and decided to download it. OK, you need to register and activate this software as well, but I think adding applications to my Facebook interface is much more complicated ;P (yeah yeah, I have a Facebook account. No big deal ;)

Guys, this tool is impressive... even for a CLI-is-the-best zealot like me ;)

(more…)

When I visited the SANS Handler's Diary today, there was only one short entry by the Handler of the day, Jim Clausing. That post is about a website that provides cheat sheets on network protocols and some challenges as well. So I browsed that website and, heck, it is very informative and useful. If you're into network thingies like protocols, design and others, I recommend that you bookmark it. The name? Packetlife.net.

p/s: Now I know that RJ45 is not actually the name of that connector :D .

~WARNING~

This might be a lame post. This post may insult the intelligence of the geeks and nerds out there. So be warned ;)

OK, I know this is a little bit lame, as perhaps most of you know it already... But what the heck, I just learned this conversion method and I think I should post it, as MAYBE in the future I might forget the method :P Anyway, to my surprise, I did not lose the 8GB thumb drive that was (reluctantly) given to me by wifey; I just left it in my pants' pocket AND my maid took those pants and washed them along with the thumb drive. To my surprise, the thumb drive is still in good condition :D

(more…)

The talk that I presented during this year's Infosec.my technical forum was Network Security: 3 Key Elements, where the key elements are process, technology and human. I had the idea to present on that topic based on my observation and experience in this field (OK, not that long though). Most of our competitors emphasise how advanced their technology is when managing their clients' network security. Well, I am from the old school in this field, where I believe technology is only there to assist humans in performing their tasks. From the email that I received this morning, I know how right I am in this matter...

(more…)

Most of the time, whenever I have meetings with clients, the topics are penetration testing, system hardening and sometimes monitoring services as well. OK, that's because the purpose of those meetings is to discuss those topics anyway. But then they (the clients, of course) somehow never mention how they would respond if an incident occurs. Yeah, they do mention the SLA or SLG, but it concentrates more on the escalation process between the MSSP and them. Most of the time, we have little or no idea how they perform any form of response or handling of the reported incidents detected.

(more…)

OK, maybe I should post something useful and perhaps exercise our brains a little bit. It seems that lately I just keep posting more about me and my family and less about IT thingies. So for this post, let me give you one example of how we can create a simple backdoor for Windows-based machines which I believe MAYBE will be ignored by your ordinary administrator (you'll discover why later on). And even if he manages to notice the existence of the backdoor, he might have some difficulties deleting it as well ;) . So let's begin…

(more…)

Yeah, that’s me ;)

One of the most overlooked things in system protection is the warning banner. Does your system have a warning banner? Anyway, it seems that one of our clients is trying to make fun of us...

***** Nagios *****

Notification Type: RECOVERY

Service: FTP
Host: SSH and FTP server
Address: xx.xx.xx.xx
State: OK

Date/Time: Fri Oct 10 14:41:54 MYT 2008

Additional Info:

FTP OK – 0.050 second response time on port 21 [220 INI TEMPAT BERPUAKA. DILARANG MASUK KECUALI PUAKA !!!!!!]

(The Malay greeting translates roughly as "THIS IS A HAUNTED PLACE. NO ENTRY EXCEPT FOR GHOSTS !!!!!!".)

How's that for a warning banner? ;)
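Note what the Nagios output above does and does not tell you: the stock check_ftp (check_tcp) plugin reports OK as soon as port 21 answers with a greeting, and it only echoes the 220 line back to you; unless you give it an expected string (check_tcp's -e option) it never judges whether that greeting is an acceptable warning banner. The small Nagios-style plugin below is an added example, not the blog author's code or a Nagios plugin: it reads the FTP greeting the way check_ftp does (including RFC 959 multi-line 220- replies) and returns WARNING when the greeting lacks a required authorised-use phrase. The REQUIRED_PHRASES policy, the hostnames and the sample greetings are constructed for this demo; the local throwaway server exists only so the check can be run offline.

```python
"""Nagios-style check for an FTP greeting that must carry a warning banner.

Added example (not the blog author's code, not part of Nagios). Exit codes
follow the Nagios plugin convention: 0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN.
"""
import socket
import socketserver
import threading

OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3

# Assumed policy: the greeting must contain at least one of these phrases.
REQUIRED_PHRASES = ("authorised use only", "authorized use only")


def _strip_code(line: str) -> str:
    """Remove a leading 'NNN ' or 'NNN-' reply prefix from one FTP reply line."""
    if len(line) >= 3 and line[:3].isdigit():
        return line[4:].strip() if len(line) > 3 else ""
    return line.strip()


def parse_reply(raw: str) -> tuple[int, str]:
    """Return (code, text) for a single- or multi-line FTP reply (RFC 959)."""
    lines = [ln for ln in raw.splitlines() if ln.strip()]
    if not lines or len(lines[0]) < 3 or not lines[0][:3].isdigit():
        raise ValueError(f"not an FTP reply: {raw!r}")
    code = int(lines[0][:3])
    text = " ".join(_strip_code(ln) for ln in lines).strip()
    return code, text


def evaluate_banner(raw: str, required=REQUIRED_PHRASES) -> tuple[int, str]:
    """Judge a greeting: wrong code -> CRITICAL, no warning text -> WARNING."""
    try:
        code, text = parse_reply(raw)
    except ValueError as exc:
        return CRITICAL, f"FTP CRITICAL - {exc}"
    if code != 220:
        return CRITICAL, f"FTP CRITICAL - unexpected greeting code [{code} {text}]"
    if not any(phrase in text.lower() for phrase in required):
        return WARNING, f"FTP WARNING - greeting lacks required warning text [{code} {text}]"
    return OK, f"FTP OK - warning banner present [{code} {text}]"


def fetch_greeting(host: str, port: int, timeout: float = 5.0) -> str:
    """Connect and read the greeting, following '220-' continuation lines."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        stream = sock.makefile("r", encoding="latin-1")
        lines = []
        while True:
            line = stream.readline()
            if not line:            # server closed the connection
                break
            lines.append(line.rstrip("\r\n"))
            # 'NNN-' continues a multi-line reply; 'NNN ' is its last line.
            if len(line) >= 4 and line[:3].isdigit() and line[3] == " ":
                break
        return "\n".join(lines)


def check_ftp_banner(host: str, port: int, timeout: float = 5.0) -> tuple[int, str]:
    """The plugin body: fetch the greeting and evaluate it against policy."""
    try:
        raw = fetch_greeting(host, port, timeout)
    except OSError as exc:
        return CRITICAL, f"FTP CRITICAL - {host}:{port} {exc}"
    return evaluate_banner(raw)


class _GreetingHandler(socketserver.StreamRequestHandler):
    """Throwaway local 'FTP' server that only sends a greeting, for offline demos."""

    def handle(self):
        self.wfile.write(self.server.greeting.encode("latin-1"))


def serve_greeting(greeting: str):
    """Start the demo server on an ephemeral loopback port; returns (server, port)."""
    server = socketserver.TCPServer(("127.0.0.1", 0), _GreetingHandler)
    server.greeting = greeting
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


if __name__ == "__main__":
    # Constructed greetings: the client's joke banner vs. a compliant one.
    samples = [
        "220 INI TEMPAT BERPUAKA. DILARANG MASUK KECUALI PUAKA !!!!!!\r\n",
        "220-Welcome to ftp.example.net\r\n220 Authorised use only. Activity is monitored.\r\n",
    ]
    for greeting in samples:
        server, port = serve_greeting(greeting)
        status, message = check_ftp_banner("127.0.0.1", port)
        server.shutdown()
        server.server_close()
        print(status, message)
```

The joke banner in the notification above comes back as WARNING rather than OK, which is the whole point: a banner check has to assert on the content of the greeting, not merely on the fact that something answered on port 21. Run it under Nagios with `sys.exit(status)` on the returned code, and tune REQUIRED_PHRASES to whatever wording your legal/compliance people actually mandate.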
