Information security articles related to Backtrack Linux, information gathering, Windows, exploitation tools, OSX, reverse engineering, Ubuntu, maintaining access, CentOS, vulnerability assessments, etc.
Cisco devices running Cisco IOS display passwords in the device configuration in one of three ways: Type 0, Type 5, and Type 7. Below we describe all three methods of storing passwords in the Cisco IOS device configuration and how to obtain the password from each method either by simply reading…
While working on a server farm for a client, I kept running into some issues with one of the servers. The issue appeared to be that a single CentOS Linux server in a cluster of ten CentOS Linux servers, configured exactly the same as the other nine CentOS Linux servers, was having issues writing to a…
If you performed a default install of ModSecurity but never modified the configuration or completed any other steps, chances are that you are not logging any ModSecurity items. Typically you just need to add a directory structure with the proper permissions, and then ModSecurity will do the rest as far as generating the files…
Earlier I wanted to see if any PPTP clients were connected to an internal network through a pfSense firewall but wasn’t sure of the best way to do it. Turns out that outside of the pfSense command line I am not sure there is a best way, so below I describe how to check for PPTP connected…
I recently installed Oracle on a Windows 7 computer to test some tools that are available in Backtrack. I am very new to Oracle, so it has been a bit of a learning process, including the fact that I had no idea you can install Oracle without having to pay any money to download it…
Earlier today, while working with a friend at our offices, we were playing around with a large Nmap scan of the anoNet network. His computer would not open the network topology in Zenmap because of a lack of RAM, so we were looking at it on another laptop with much more RAM. After discussing it…
I don’t know why I have never configured Trillian to block ICQ authorization requests before, considering I get a couple every single day; however, I decided today was the day. ICQ authorization requests pop up when someone has requested to add you to their contact list, which for me never happens unless I send someone…
Earlier today a client called and said he had a virus or some spyware on his computer that could not be removed. The client was remote, so I had to log in to his computer to investigate. I used the typical tools such as Malwarebytes and Microsoft Security Essentials, but the issue still existed. It seemed…
Late last night I realized that the traffic for Question-Defense.com was way down for the day and thought it was related to some recent updates I had performed on the site. I spent probably an hour or so last night verifying that nothing was out of the ordinary with the site and wasn’t able to…