Ayoi’s

Yup, not only everyone can fly with AirAsia but now everyone can perform Monkey in The Middle attacks. I just read an article at one of my favourite sites, darkreading.com that basically about a tool called Middler which automatically generates MiTM attacks on any sites that not fully ensure that the communication channel will be done on SSL besides during the login or authentication process. In the article it does mention some of this sites like Linkedln where for the login process, it will be done on SSL but after the authentication process, the communication will be done on plain HTTP channel. And yes, even our own gmail practice the same method.

(more…)

Taken from lessonlearnedrocks.com

That’s what I can sum up my day today. Early in the morning just before I have my first sip of my latte, I received a phone call from a prospect client which make my latte feel so bitter. I guess I’ve spent more than 20 minutes on the line with him where most of the time I just simply can’t answer his questions and queries. I am totally dumbstruct and lil bit embarras after that conversation. So embarras that I even contemplate of withdrawing from giving my scheduled talk during the coming Infosec.my technical forum organized by CyberSecurity Malaysia.

(more…)

Well, it seems that this year I’ve seen many of my colleagues moved on with their careers. Some of them moved to different field and getting better pay (most of them actually) and they’ve made some progress with their career as well. Some of them still within the security field and yeah, they’ve moved on to our competitors as well. For me, profesionally, we are competitors but as security practitioner, they are still my peers

(more…)

Yeah, unfortunately due to unforseen circumstances, I have to break fast by myself at the office today. As I need to complete the POC machine to be deployed tomorrow at our potential client site. I just get myself a pack of nasi with ayam madu for my meal. And I will have plain water for drinking (I can hear wifey cheering and clapping her hands).

I do wonder what my family have for today?

Hehehe. This is what I’ve discovered when I attended an intra department meeting last week. One of our representative in marketing said that one of the clients did mention that one of the main reasons why we loose this particular client because our competitor’s tool is impressive and “attractive” compared to the ones that we have. Kewl eh?. I thought :

a). Tools are just to assist analyst in executing or making their judgement on identifying any possible security incidents or security policy breached.

b). It is important for the analysts to be able interpreting or understand on the information presented to them by the tool. Also they need to know the decision making logics and the working mechanism of the tool. Yes, it also means that you need to know all the features offered by the tools in order to find all the necessary information needed to assist your analysis. A good tool perhaps that can function as aggregation and also for investigation as well.

Perhaps this could be a good topic for my tentative talk during the infosec.my Technical Forum later next month. Network Security: The 3 key elements.

I DO Believe that I am as cute as that kitten

It’s not because we are in Ramadhan. Nothing different actually. The only thing that make me so lazy (with intention of being lazy) because of the current condition of my work and status. Hmm not that bad eh by doing nothing (actually I read SANS whitepaper produced by the GCIA and GCIH graduates.)

Is a new laptop. Yeah. I want a new laptop. Currently my ‘ol workhorse lappy Compaq V3000 showing some tendency of sloppiness and sometimes I need to restart my lappy (sometimes when I try to do some demo with my VMwares in my training) which is embarrasing.

(more…)

I am heavily reconsider the current position that I held (acting actually) which I yet to receive the offer/promotion letter that I roughly know the term and conditions based on the amount credited to my bank statement recently that I could say jolt my senses. I do feel honored and grateful for being appointed and promoted to this position but then I must not think only about myself or my career but I also must think about my family especially my children.

For time being I might say thanks but no thanks.

picture from www.alexpanait.com

I just came back from Bangi after completing the 1st day Introduction to ICT Security training and yeah, the training schedule will consume 4 of my working days this week. Lil time for bloggin but I’ll try my best to post something useful and beneficial

Ahh.. I also will post about my trip to Jakarta and Bandung next time. So it will take some time as I need to select suitable pictures for uploading purpose later on.

For you guys who downloaded the i-Hack Defense Challenge questions, I want to say thank you for having the interest on taking part of the analysis fun.. OK perhaps my friend geek00l have shown the way how to retrieve the passphrase and yeah, Hex must be included as one of the required tools for analysts and perhaps Incident Handlers as well. For the answer, sorry to disappoint you guys, I will upload the answer soon but be prepared for another set of fun on retrieving the correct answer

For time being, my hands are full, so please please bear with me Okay?

Thanks for visiting and reading my posts.

OKay, let me share with you the UiTM i-Hack 2008 Defense Challenge question. The download link will be at the bottom of this post and before you start downloading the questions, please read the condition first.

The Condition

You should be able to download the compressed file that contains:

a). Question.rar

b). password.pcap

This file should be able to be uncompressed into your system without any problem. However the Question.rar file is protected with a pass phrase. Meaning the the required “password” will have more than one word (so that’s why I use pass phrase term) and also includes the white spaces as well. The pass phrase can be found in the password.pcap file.

It is not that difficult and I think most of you perhaps can answer all the questions within few hours top. Perhaps you guys have any new ideas on how to create this type of challenge in the future.

Thanks and good luck

You can retrieve the question from this link : http://hazrulnz.net/files/