ARP Poisoning with Ettercap Demonstration
This demo is a follow-on to the ARP Poisoning Presentation. It uses the program ettercap to acheive an ARP poisoning attack.Skip straight to the videos To start with, here's a written description of...
View ArticleEugene's Law of Security
Categories: SecurityEugene's Law of Security: There's always someone smarter.Corollary: Beware of stupid, malicious people in groups.Eugene's Law of Security is my way of describing what the designer...
View ArticleSocial Engineering Presentation - ISC 3/21/13
The presentation from UAH's Information Security Club meeting of March 21, 2013. This talk dealt with Social Engineering, the art of manipulating and reading people put into a penetration testing...
View ArticlePhishing Presentation - ISC 4/11/13
The presentation from UAH's Information Security Club meeting of April 11, 2013. This talk dealt with Phishing, a social engineering technique, and was given by Eugene Davis.Slides (PDF)Audio...
View ArticleWhat's the Difference Between a Threat and a Vulnerability?
Categories: SecurityThreat ModelingRisk AssessmentNot long ago I was working on a threat modeling project, and found that I was rather confused by the distinction between a threat and a vulnerability....
View ArticleBook Review: Threat Modeling by Frank Swiderski and Window Snyder
Categories: Book ReviewSecurityThreat modeling is something that probably should be done whenever developing a complex system, especially software, but all too often isn't. In part this deficiency is...
View ArticleBook Review: Security Engineering by Ross Anderson
Categories: SecurityBook ReviewEducationSecurity Engineering is all about designing and building secure systems. Unlike many security books, this one attempts to cover the entire range of security...
View ArticleMaking a "Linux Foundation" for Cryptography Libraries
Categories: SecurityGNU/Linux One of the things that the recent Heartbleed bug really should alert us to is the fact that our crypto libraries need work. On the one hand, we know that trusting a crypto...
View ArticleIPFire on the Dreamplug - Major Version Upgrade
Categories: SecuritydreamplugipfireIPFire (http://www.ipfire.org/) is a Linux distribution targeted towards providing a security focused router/firewall that can provide a number of services beyond...
View ArticleHow to Get 1 Million Blog Comments in a Month - A.K.A. Cleaning My Spam...
Categories: SecuritySpamI'd like to tell a brief, cautionary tale about what can happen when you don't monitor your website's comments for spam for a little while. Please note – the events within...
View Article
More Pages to Explore .....