I just read Bruce Schneier’s Beyond Fear.  It was classic Schneier and by classic Schneier I mean very good and thought provoking.  He sets forth a methology to analyze and evaluate security systems, technologies and practices.  Below are the five questions that he set forth in the book which are the bassis for this methology.  [...]

I enjoyed Kingpin. It gives real insight to credit card fraud and government “cyber” investigations. This case (the conviction of Max Vision) really symbolizes the movement of hacking prosecutions into a new realm. This new realm is really just plain old crime by other means.

Mark Russinovich is a windows Ninja and he has been for a long time.  He is bona fide.   This does not mean that he is necessarily able to write a good novel, develop characters, or articulate convincing scenarios about cyber-terrorism. Fortunately, he is able to do all three. Zero Day was fun to read, [...]

When I saw that The Cuckoo’s Egg was on Richard Bejtich’s top ten Infosec books for 2010, I decided to give it a re-read.  I had fond memories of the book and I was not disappointed.  There are still some good security lessons to be learned from the book.  It is a well presented story [...]

All devices need to be sanitized of information before disposed of.    I recently acquired a 2950 switch for small project off of ebay..  As expected, the configs were still intact with a treasure trove of information.  Yes a treasure trove.  The switch was previously at a major corporation, there were two snmp RW strings [...]

The latest entry to the Software Vault is a nice little windows program to compute and compare MD5 hashes.  I have found myself in the past not checking the md5 hash on a file when I was on a windows box and I would have checked the hash if I was on a Linux box.  [...]

IPv6 is not enabled by default in Windows XP.  To enable see below.  no reboot required. From the command prompt: ipv6 install netsh int ipv6 uninstall IPv6 is installed by default on most new operating systems.  See Below.  This creates a significant security issue which I will post about at a later date. Vista, Windows [...]

The default interface command erases all commands on the particular interface places the interface in a default state which includes no shutting the interface.  Below is the configuration of an interface before and after running the default interface command. Sales2#show run interface fastEthernet 1/0 Building configuration… Current configuration : 128 bytes ! interface FastEthernet1/0 description [...]

Google has been rolling out this feature over the past few weeks and i got it a couple of days ago.  This is another prime example of Google’s low key approach to enhancing their free or low cost cloud based services.  I can now do all the things that I was doing with Dropbox in [...]

I have been exploring different methods of storing non work related docs, files and information in the cloud for easy access.  I want to access from multiple locations and from a variety of devices.  The best solution so far is google aps, toodledo and drop box.   The new iphone app for Drop Box is great.  [...]