BackTrack 3 (2007-12-14) is a live Linux distribution for penetration testing. It is packed with a plethora of tools organized by category.

With this large number of utilities, it is sometimes hard to pick the correct one for the job. At Shmoocon 2008, a BackTrack representative gave a talk which was good, but focused on exploiting a Windows binary using Olly, not on showing off the features of the distribution. So I took it upon myself to click on every single link and find the awesome and the less awesome tools among the bunch. Note that the work that I did was for a presentation. There are videos which are self-explanatory but at times need commentary. I will provide some explanation in writing.
Information security is about reducing risk. Therefore, risk management activities must be conducted to identify potential problems and prepare for them. Different security management tools exist to help us determine the risk of these systems. These tools can take data from various security tools such as Nessus and Snort, perform some form of analysis (trend analysis, risk calculations, etc.) and generate reports. However, to take full advantage of these systems, they must be configured with the criticality values of the various systems.
Unfortunately, there do not seem to be any foolproof methods for calculating asset values.
My presentation provides a possible guideline to measure relative asset values. This will aid in prioritizing remediation.
Prioritizing Vulnerabilities for Remediation
Upon finding out that I study information security, a question people often ask me is:
“Alright dude, so like, if all these terrorists go around posting stuff on the Internet, why can’t we just use their Internet posts to track them down?”
What annoys me is that I can think of several answers to this question, but I do not know which one is, in actuality, true most of the time.
Given that we are a group of students that want to be actively engaged in “security research”, I often ponder: What does the term “security research” mean to you? Some of us are into reverse engineering, some of us are into language-level security, some of us are into network-level detection and prevention. When I speak to anyone working in any of these fields, they will usually light up and go off on how the problem they are working on is a major component in solving problem X and problem X is one of the top reasons why the state of security is as poor as it is. Success is no longer protecting C, I, and A, but making executables with randomized address spaces, or creating IPS that block anything suspicious, or virtual machines that sandbox as much as possible.
I guess what I am trying to say is people sometimes lose track of the larger picture while working on specific problems. While specifics are arguably most important in correcting problems, people should not lose track of the larger picture.
Comments?