ComputerDefenseComputerDefenseComputerDefense.org is an IT Security website, with a mix of python,hardware,reviews and anything else I feel like talking about... previously it hosted a daily link list.. (which may make a comeback)... Articles
LinkedIn App for BlackBerry?
2008-01-25 03:43:00 It doesn’t exist…. the title is nothing more than wishful thinking… but think about it… it makes perfect sense. There’s a Facebook for BlackBerry app… this is to get the “younger crowd” using the BlackBerry Pearl ( and potentially the curve) but the BlackBerry was initially designed with business in mind, so why does a LinkedIn ... More About: Blackberry , Linkedin
LinkedIn App for BlackBerry?
2008-01-25 03:43:00 It doesn't exist.... the title is nothing more than wishful thinking... but think about it... it makes perfect sense. There's a Facebook for BlackBerry app... this is to get the "younger crowd" using the BlackBerry Pearl ( and potentially the curve) but the BlackBerry was initially designed with business in mind, so why does a LinkedIn ... More About: Blackberry , Linkedin
Port Scanner Challenge: And the Winner is?
2008-01-15 05:33:00 The other day I posted raw data comparing nmap, Port Bunny and Unicornscan… I thought today I’d provide some of my thoughts on what the data shows us. In the end I scanned 5 hosts running a variety of operating systems and I think I gave a fairly decent small scale spread and one initial comment I’d ... More About: Software , Security , Tools , Reviews
Port Scanner Challenge: And the Winner is?
2008-01-15 05:33:00 The other day I posted raw data comparing nmap, Port Bunny and Unicornscan... I thought today I'd provide some of my thoughts on what the data shows us. In the end I scanned 5 hosts running a variety of operating systems and I think I gave a fairly decent small scale spread and one initial comment I'd ... More About: Software , Security , Tools , Reviews
Port Scanner Challenge: nmap, Unicornscan, PortBunny
2008-01-14 05:33:00 There’s been quite a bit of mention lately of Port Bunny, the new port scanner from Recurity Labs. The scanner is Linux kernel-based and provides a TCP SYN Scan. I figured that I’d put the scanner to the test against nmap and Unicornscan. Here’s the rundown of the setup used: Software + Version: Unicornscan 0.4.7-2 nmap 4.53 PortBunny 1.0 Scanning Host: OS: Ubuntu ... More About: Security , Tools , Reviews
MS08-001 Disassembly Flash
2008-01-10 18:51:00 By now many people will have seen this, it appeared on Slashdot and Halvar posted it to his blog, but for those that haven’t… this is a pretty cool flash to watch. MS08-001 Disassembly. More About: Security , Flash , Vulnerabilities
MS08-001 Disassembly Flash
2008-01-10 18:51:00 By now many people will have seen this, it appeared on Slashdot and Halvar posted it to his blog, but for those that haven’t… this is a pretty cool flash to watch. MS08-001 Disassembly. More About: Security , Flash , Vulnerabilities
rIP - Reverse IP Tool
2008-01-10 18:40:00 This is actually pretty cool… It’s a new tool (Web-based) that came across the Web Application Security Consortium mailing list. Let’s take a look at the tool in action first, example with ComputerDefense.org. Showing records 1 - 13 out of 13 for www.computerdefense.org (82.165.158.149). capri-beauty.com computerdefense.org hometownssm.com hometowntoronto.com htregz.com korahgrads.com numerophobe.com pythongod.com reguly.org securitybloggers.net spammailbag.com themoviegeeks.net topsykrett.com Those are indeed the domains I own, that reside on the same IP ... More About: Tools , Tool
rIP - Reverse IP Tool
2008-01-10 18:40:00 This is actually pretty cool… It’s a new tool (Web-based) that came across the Web Application Security Consortium mailing list. Let’s take a look at the tool in action first, example with ComputerDefense.org. Showing records 1 - 13 out of 13 for www.computerdefense.org (82.165.158.149). capri-beauty.com computerdefense.org hometownssm.com hometowntoronto.com htregz.com korahgrads.com numerophobe.com pythongod.com reguly.org securitybloggers.net spammailbag.com themoviegeeks.net topsykrett.com Those are indeed the domains I own, that reside on the same IP ... More About: Tools , Tool
eEye and malware?
2008-01-07 06:25:00 First off… I wasn’t dead… I took some holidays around Christmas and went up north to visit the family… Two weeks and I spent less than an hour in total touching a computer… it was great. Anyways, I’m back and I looked at my bloglines, well over 2000 articles to read… I skimmed a few but ... More About: Security , Malware
eEye and malware?
2008-01-07 06:25:00 First off… I wasn’t dead… I took some holidays around Christmas and went up north to visit the family… Two weeks and I spent less than an hour in total touching a computer… it was great. Anyways, I’m back and I looked at my bloglines, well over 2000 articles to read… I skimmed a few but ... More About: Security , Malware
My New Phone - Blackberry Pearl 8130
2007-12-16 07:37:00 Your first thought might be, he just got a new phone in March… and you’d be right.. (See this post). I’ve been having battery issues with the UTStarcom and even after having the battery replaced under warranty, it just wasn’t doing it for me.. On top of that I got an amazing deal. My setup was ... More About: Personal , Phone , Blackberry , Pearl
My New Phone - Blackberry Pearl 8130
2007-12-16 07:37:00 Your first thought might be, he just got a new phone in March… and you’d be right.. (See this post). I’ve been having battery issues with the UTStarcom and even after having the battery replaced under warranty, it just wasn’t doing it for me.. On top of that I got an amazing deal. My setup was ... More About: Personal , Phone , Blackberry , Pearl
Daily Link List
2007-12-14 23:58:00 Just a few short things that I thought I should mention: The first has probably been seen by most at this point, it involves Rich Mogull and Chris Hoff… it’s a rather funny interaction but requires that you read the following articles in order: Predicting Peril — Dark Reading Room Off Topic: Argh! Smart House Went Stupid Breaking News: ... More About: Daily , Link , List
Daily Link List
2007-12-14 23:58:00 Just a few short things that I thought I should mention: The first has probably been seen by most at this point, it involves Rich Mogull and Chris Hoff… it’s a rather funny interaction but requires that you read the following articles in order: Predicting Peril — Dark Reading Room Off Topic: Argh! Smart House Went Stupid Breaking News: ... More About: Daily , Link , List
Hackers for Charity: Interview with Johnny Long
2007-12-10 17:51:00 In a previous post, I had reviewed a SecTor presentation done by Johnny Long. I had also mentioned on Hackers for Charity , a charity started by Johnny to link up hackers with charities that require IT/IS assistance. I see this as an incredible contribution and was looking forward to getting involved myself, but at ... More About: News , Security , Interview
Hackers for Charity: Interview with Johnny Long
2007-12-10 17:51:00 In a previous post, I had reviewed a SecTor presentation done by Johnny Long. I had also mentioned on Hackers for Charity , a charity started by Johnny to link up hackers with charities that require IT/IS assistance. I see this as an incredible contribution and was looking forward to getting involved myself, but at ... More About: News , Security , Interview
Random Links
2007-12-08 17:15:00 I haven’t done a Daily Link List in a while, but there are a few things I wanted to share. Via Thoughts of a Technocrat, we’ve got the best Microsoft KB Article every, Computer Random ly Plays Classical Music. From the Secunia Blog, we’ve got an interesting chain of letters between Secunia and Autonomy in which Autonomy repeatedly ... More About: Links
Random Links
2007-12-08 17:15:00 I haven’t done a Daily Link List in a while, but there are a few things I wanted to share. Via Thoughts of a Technocrat, we’ve got the best Microsoft KB Article every, Computer Random ly Plays Classical Music. From the Secunia Blog, we’ve got an interesting chain of letters between Secunia and Autonomy in which Autonomy repeatedly ... More About: Links
Has SANS Top 20 Lost All Meaning?
2007-11-28 22:14:00 I’m not going to give an answer to that… but I want everyone to think about it. As most people have read by now, the SANS Top-20 2007 list has been published. The list this year contains the following: C1. Web Browsers C2. Office Software C3. Email Clients C4. Media Players S1. Web Applications S2. Windows ... More About: Security , Lost , Vulnerabilities , Meaning
Has SANS Top 20 Lost All Meaning?
2007-11-28 22:14:00 I’m not going to give an answer to that… but I want everyone to think about it. As most people have read by now, the SANS Top-20 2007 list has been published. The list this year contains the following: C1. Web Browsers C2. Office Software C3. Email Clients C4. Media Players S1. Web Applications S2. Windows ... More About: Security , Lost , Vulnerabilities , Meaning
Quicktime RSTP Response Vulnerability
2007-11-27 23:13:00 Yet another one of these exploits… I find this one to be somewhat humourous… if for no reason other than I see it as a massive Apple failing… Apple has failed miserably. How did they fail? In two ways. 1. Quicktime was not compiled to take advantage of ASLR on Vista. This is simple enough, you pass ... More About: Security , Vulnerabilities , Vulnerability , Response
Quicktime RSTP Response Vulnerability
2007-11-27 23:13:00 Yet another one of these exploits… I find this one to be somewhat humourous… if for no reason other than I see it as a massive Apple failing… Apple has failed miserably. How did they fail? In two ways. 1. Quicktime was not compiled to take advantage of ASLR on Vista. This is simple enough, you pass ... More About: Security , Vulnerabilities , Vulnerability , Response
Google + Tor
2007-11-27 17:11:00 It seems to me that Google isn’t the biggest fan of Tor… Do a search for ‘what’s my IP’ and you get a number of results, whatsmyip.org being the first one. Now do that same search with Tor running… I got a 403 page from Google: We’re sorry… … but your query looks similar to automated requests from ...
Google + Tor
2007-11-27 17:11:00 It seems to me that Google isn’t the biggest fan of Tor… Do a search for ‘what’s my IP’ and you get a number of results, whatsmyip.org being the first one. Now do that same search with Tor running… I got a 403 page from Google: We’re sorry… … but your query looks similar to automated requests from ...
CSRF Hacking Database
2007-11-25 21:23:00 I’m not sure how I didn’t stumble across this before but at least I did eventually find it. From the about page: In the style of Johnny Longs googledorks, I bring you the CSRF Hacking Database . This database will contain urls that exploit CSRF vulnerabilities in websites. This is not intended to assist malicious hacking, rather it is ... More About: Security
CSRF Hacking Database
2007-11-25 21:23:00 I’m not sure how I didn’t stumble across this before but at least I did eventually find it. From the about page: In the style of Johnny Longs googledorks, I bring you the CSRF Hacking Database . This database will contain urls that exploit CSRF vulnerabilities in websites. This is not intended to assist malicious hacking, rather it is ... More About: Security
Lax Web Application Security
2007-11-25 02:10:00 I know it shouldn’t surprise me anymore… but it still does. Every time I visit a site and see a massive, gapping hole in their webapp security. I can get missing an XSS or some other input validation… it’s not good, but it happens… what I don’t get is shopping cart apps that allow the ... More About: Security , Application Security , Vulnerabilities , Application , Web Application
Lax Web Application Security
2007-11-25 02:10:00 I know it shouldn’t surprise me anymore… but it still does. Every time I visit a site and see a massive, gapping hole in their webapp security. I can get missing an XSS or some other input validation… it’s not good, but it happens… what I don’t get is shopping cart apps that allow the ... More About: Security , Application Security , Vulnerabilities , Application , Web Application
[SecTor Review] Modern Trends in Network Fingerprinting
More articles from this author:2007-11-24 05:27:00 SecTor Day #2 Speakers: Ryan Poppa and Jay Graver Presentation (pdf) Download Audio (with Slide Deck) (wmv) This was the final talk that I attended prior to the wrap up. I already knew what to expect for the most part, since Ryan and Jay are colleagues at nCircle. The hour long presentation started with 30 minutes of background presented by ... More About: Reviews , Trends , Review , Network , Modern 1, 2, 3, 4, 5, 6, 7 |
 |
|
 |
