bamed.org | chown -R bamed. ~/base
Programmers are people too…
I was doing some packet analysis today and saw the following in an HTTP header from Facebook: HTTP/1.0 200 OK Server: MochiWeb/1.0 (I’m not even supposed to be here today.) Nothing new, or ground breaking here, but gave me short lol in the midst of the daily static.
How Strong is Your Fu?
Offensive Security will be hosting a Hacking Tournament May 8-9th. Details can be found here. For those who don’t already know, Offensive Security provides top-notch, hand-on, IT security training. Last fall I took their Pentesting with BackTrack course and obtained my Offensive Security Certified Professional status. Oh, and don’t forget that Offensive Security also happens [...]
Updated Resume
In case anyone out there is interested, I’ve updated my resume to include recently obtained degrees and certifications. Specifically, a couple of months ago I managed to obtain OSCP status, and today I graduated with my Associate of Science in Information Technology. I’m continuing on to achieve my Bachelor’s by next summer and I hope to obtain [...]
x86 Assembly
I’ve been asked for some good links to help learn x86 Assembly. The main source I have been using is “Programming from the Ground Up” by Jonathan Bartlett. The target audience for this book is people who don’t already have any programming experience. It begins by explaining the basics of how a computer works, how [...]
Goals for 2010: Part 3 – Attend two Security cons and compete in their Hacking competitions.
One of the things I regret about living in Joplin, is that there isn’t a thriving IT community. There are plenty of IT people, as there are in any decent size town, but all attempts that I am aware of to form a community out of these people have failed. There is currently a group [...]
Goals for 2010: Part 2 – Setup a hack lab and improve pentesting skills
In case you haven’t already caught on, I’m working on fine-tuning my skills and planning for a future career in IT Security. One of the skills I need to continue to improve is penetration testing. For those laymen out there, you would probably use the term “hacking.” Of course, I intend only to use my [...]
If you use DD-WRT update it NOW!
A practically emberassing bug in dd-wrt was released today. It would allow anyone to get root access to your router if you have remote Web GUI turned on, which is always a bad idea. If you don’t, anyone on your internal network could get root access pretty easily. Details on the bug are on milw0rm [...]
Keep your blogs updated!
This past week was a particular nasty week for WordPress users who do not keep their software up-to-date. If you’re Worpress installation is before 2.8.4 and you haven’t been hit by the worm circuling the globe, please update ASAP! You can get the latest version at http://wordpress.org/download/. This worm used a known and patched SQL [...]
Louisville InfoSec
Looks like I’m going to Louisville in Octover for the 2009 Louisville Metro Infosec Conferece. Thanks to IronGeek who provided me with a free ticket just for agreeing to participate in the CTF. I’ve got family close to Louisville so I’m going to try to make a vacation of it, but I’ve still got to work out [...]
Pen-Test Labs and HoneyNets
There were two presentations at PhreakNIC that I got a lot out of, and plan to follow up more. The first was “Analyzing Intrusions and Intruders” by Sean Bodmer of savidtechnolgies. It was basically about HoneyNets, and about using centuries old criminal science to prevent/track attacks. What is a HoneyNet you ask… A HoneyNet is [...]
