Security – Page 2 – What Justin's Thinking

Python Script for Searching ExploitDB

June 30, 2016December 26, 2014 by jra

So I was looking to cleanup my Twitter favorites list and starting with the oldest one that was dated from 2011, it was from an article for using a Python script for searching the local ExploitDB instance on Backtrack.So of course it peaked my interest and click on the source link directed me to a … Read more

Kali Linux Backtrack Reborn

September 13, 2013 by jra

Nice talk around the history of Backtrack and how it morphed into Kali Linux.

2013 Security Reading List

June 30, 2016December 27, 2012 by jra

During the second week of December I realized that our group had not used their 2012 training budget. Realizing that there was not enough time to get a formal security class under way before the end of the year, I suggested to my manager that our group use the funds to order security-related books. He gave us the green light and behold the list below. Goal is to finish them by December 31, 2013. We’ll see what happens.

Whole Disk Encryption Principles

June 30, 2016December 18, 2012 by jra

All of the components associated with managing the Whole Disk Encryption (WDE) infrastructure should be classified as a High Value Asset (HVA). The backend assets contain the components involved for protecting the encryption and decryption keys that are used to encrypt hard drives. Treating the backend components of the Disk encryption environment as HVA, will ensure that the cryptographic keys are protected through a layered approach to securing the environment. This of course assumes you are architecting your security environment around various layers and are classifying certain assets as HVA’s and others at lower classifications.

A Security Perspective on the Conneticut Shootings

March 9, 2013December 15, 2012 by jra

Given the horrible tragedy that took place yesterday in our nation, I have been given a lot of thought to how to mitigate these shooting incidents. Given the fact that my career has been centered around protecting company resources and putting plans, processes, and procedures in place to respond to security incidents, I thought I would provide a similiar approach for dealing with school shootings.

It’s important to note when I’m referencing “assets” I”m referring to the victims involved in the given incident. Please do not take this as an insensitive term to those victims, it’s just easier as a point of reference. I would also point out that I have two boys (12 & 8) that have just as easily been victimized as those from yesterday’s incident. When I use the term “threat vector” I’m speaking mainly of the perpetrators involved in the shootings.

UNIX Core Event Logging

March 9, 2013October 30, 2012 by jra

There are a minimum set of events that should be logged on UNIX-like operating systems. Typically you would need to define requirements for your specific needs and add and modify them per requirements that you define.

Keys to Data Loss Prevention (DLP) Success

October 20, 2012 by jra

Being a Information Security geek for sometime I have had a significant exposure to DLP over the years and being exposed to two major vendor distributions along with processes and procedures I have found some high-level principles that should be followed. 1. Know Thy Risk – This often seems to be taken for granted, but … Read more

Backtrack 5 & Scapy Python Dependecies

October 13, 2012 by jra

Have not blogged on any security-related topics in a while so I thought it was time. Scapy is a Python-driven program for generating TCP/IP packets on the fly and programtically. If you fire up Scapy on a fresh Backtrack 5 system you will be welcomed with two dependency errors; one complaining about the GNUPlot Python … Read more

Linux PAM Resources

June 30, 2016March 28, 2012 by jra

Pluggable authentication modules (PAM) are a mechanism to integrate multiple low-level authentication schemes into a high-level application programming interface (API). It allows programs that rely on authentication to be written independent of the underlying authentication scheme. PAM was first proposed by Sun Microsystems in an Open Software Foundation Request for Comments (RFC) 86.0 dated October … Read more

How to Install Firewall Builder 5 In Ubuntu

September 24, 2011 by jra

Firewall Builder is a GUI application that allows you to create sophisticated firewall rules. Currently only version 4 is available in the Ubuntu repositories, so here is how to install version 5 in Ubuntu: 1. From a Terminal window type: wget http://www.fwbuilder.org/PACKAGE-GPG-KEY-fwbuilder.asc -0- | sudo apt-key add – 2. Add the line deb http://packages.fwbuilder.org/deb/stable/ VersionName … Read more