http://secauditor.wordpress.com "The soft and the pliable will defeat the hard and strong." Lao Tzu Thu, 16 Apr 2009 23:57:34 +0000 http://wordpress.com/ hourly 1 http://secauditor.wordpress.com/2008/02/26/the-tai-chi-of-active-directory-in-the-dmz/#comment-309 altonius Thu, 16 Apr 2009 23:57:34 +0000 http://secauditor.wordpress.com/2008/02/26/the-tai-chi-of-active-directory-in-the-dmz/#comment-309 Here's a question regarding this DMZ layout. What happens to a user from the Internal Domain when they logon to a DMZ domain computer? What is the traffic flow from the DMZ domain computer, does the traffic from the DMZ computer talk to the forest root and the forest root domain controller talk back to the Internal domain DMZ or is there any direct communication from the DMZ computer to the internal domains DC? Here’s a question regarding this DMZ layout. What happens to a user from the Internal Domain when they logon to a DMZ domain computer? What is the traffic flow from the DMZ domain computer, does the traffic from the DMZ computer talk to the forest root and the forest root domain controller talk back to the Internal domain DMZ or is there any direct communication from the DMZ computer to the internal domains DC?

]]> http://secauditor.wordpress.com/2008/10/20/to-catch-a-crook-pt-2-the-pigman/#comment-303 salma Thu, 19 Mar 2009 06:23:35 +0000 http://secauditor.wordpress.com/?p=165#comment-303 what do you recommend if you already have snort and other log files that need analyzing. how can you add or parse log file to add to mysql for ACID to create reports. any thoughts what do you recommend if you already have snort and other log files that need analyzing. how can you add or parse log file to add to mysql for ACID to create reports. any thoughts

]]> http://secauditor.wordpress.com/2008/11/11/paper-published-on-breaking-wpa-tkip/#comment-302 Thor Mon, 16 Mar 2009 05:31:58 +0000 http://secauditor.wordpress.com/?p=219#comment-302 Any new posts? :-) Any new posts?

]]> http://secauditor.wordpress.com/2008/08/21/sans-brings-cissp-training-to-anchorage-alaska/#comment-295 CISSPME Thu, 18 Dec 2008 22:14:26 +0000 http://secauditor.wordpress.com/?p=47#comment-295 Thanks for this post. My goal is to be certify CISSP. Here is a link to a page where security professionals work towards CISSP and other certs Thanks for this post. My goal is to be certify CISSP. Here is a link to a page where security professionals work towards CISSP and other certs

]]> http://secauditor.wordpress.com/2008/10/23/now-the-tools-pt3-hydra/#comment-214 » Now the Tools - Pt3. Hydra » Free Software Thu, 23 Oct 2008 17:32:50 +0000 http://secauditor.wordpress.com/?p=176#comment-214 [...] Software news by secauditor [...] [...] Software news by secauditor [...]

]]> http://secauditor.wordpress.com/2008/10/13/insiders-pose-biggest-threats/#comment-129 Rob Douglas - Editor, InsideIDTheft.info Wed, 15 Oct 2008 16:21:03 +0000 http://secauditor.wordpress.com/?p=131#comment-129 Study after study shows that most breaches are a result of insiders - either through negligence or criminality. Study after study shows that most breaches are a result of insiders – either through negligence or criminality.

]]> http://secauditor.wordpress.com/2008/10/11/port-knocking-and-using-fwknop/#comment-126 secauditor Tue, 14 Oct 2008 04:50:14 +0000 http://secauditor.wordpress.com/?p=125#comment-126 Thor your devious mind is always at work. I like it. Currently there is not a zero day for fwknop. Thor your devious mind is always at work. I like it. Currently there is not a zero day for fwknop.

]]> http://secauditor.wordpress.com/2008/10/11/port-knocking-and-using-fwknop/#comment-124 Thor Mon, 13 Oct 2008 06:48:48 +0000 http://secauditor.wordpress.com/?p=125#comment-124 Very nice... A great way to hide services, as long as there isn't a zero-day for fwknop. ;-) Very nice… A great way to hide services, as long as there isn’t a zero-day for fwknop.

]]> http://secauditor.wordpress.com/2008/09/30/nipper-network-device-configuration-security-auditing-tool-and-training/#comment-118 Nipper - Network Device Auditing Tool anf Training « Binary Insanity Wed, 01 Oct 2008 18:42:49 +0000 http://secauditor.wordpress.com/?p=93#comment-118 [...] read more | digg story [...] [...] read more | digg story [...]

]]> http://secauditor.wordpress.com/2008/02/15/utilizing-winexe-to-create-a-backdoor/#comment-117 secauditor Wed, 01 Oct 2008 00:49:01 +0000 http://secauditor.wordpress.com/?p=3#comment-117 Port 123424 ultimately though you are accessing the IPC$ share so access across the Internet is not an option. This is more valuable for Incident Handling or Forensics. Port 123424 ultimately though you are accessing the IPC$ share so access across the Internet is not an option. This is more valuable for Incident Handling or Forensics.

]]>