-
Linux or Windows for Radius server
Hello, I'm planning to implement two (Main and Backup) Radius servers for Cisco (Nexus, ASR and ISR and maybe IOS) devices. Now i'm thinking which platform would be more suitable to use: Windows or linux (free radius) for it. The main requirements that it'd support a synchronization of databases between each other. Also…
-
Nice list of Digital Forensics and Incident Response infographics
Ran across this the other day so I thought I would share. Infographics
-
Incident Response
This might be a misunderstanding on my part, but it looks to me that security incident response can't make up it's mind if it's a 4, 5, 6 or 7 step process? I noticed during my practice exams that one exam said it was 4 steps, the other test platform says its 5. Then I went and googled it and it only got more confusing…
-
Digital Forensics Tools/Distros
I was researching digital forensics distros/platforms and came across several. Which ones are the best to use? most recognized? I know there are many tools for different forensics analysis but I am talking about the overall distros. Digital Forensics Framework Sleuth kit +Autopsy SANS SIFT (this is distro is based on SANS…
-
How do I learn windows inside and out?
Hi! You know, I want to learn how to completely master the latest Windows operating systems. I don't want to get certified but I do want to learn how to eventually repair and solve complex issues related to Windows. Problem is when I googled on how to go about this there wasn't a lot of information on that. I want to give…
-
Windows Firewall?!
Does Windows firewall actually used in production environment? Currently studying for MCSA 2012 and there are plenty of stuffs related to windows firewall. But in all three places I worked so far, they just turn off the OS firewall (Both Windows and Linux) after the installation. The hardware firewalls are actually being…
-
BASH is coming to Windows
Microsoft is bringing the Bash shell to Windows 10 | TechCrunch MS SQL on Linux was announced a couple months ago now BASH on Windows... what is the world coming to?
-
How to break into SCADA?
I hear a bit about SCADA but haven't seen any resources to get to know them better. Anybody have some recommendations?
-
HDP Data Science Course
Found out on Friday that my work has approved my and my boss attending the HDP Data Science course! I got our cluster up and running along with getting ready to begin to import the data. I had to make the argument that training was needed because while we have some idea about how to get the information we are seeking this…
-
Data Science - Suggested Reading
I was hoping to get some suggestions on reading material related to Data Science. In particular, I'm looking for material that relates to figuring out how to form questions so you know what data to get? Along with, now I have this data, what questions should I be asking? Thanks in advance!
-
Free good quality OWASP Top 10 Free CBT
Hi all. I thought I'd share this free resource with you. It's useful for CISSP and SSCP alike. The company sent me an email to my work address, advertising their free course. They do have a paid version where you get some cert for doing it, offline resources, and no ads, but to be honest, I found the free course great…
-
Digital Forensics books recommendation - beginner
So I decided that I want to learn about the world of Digital forensics. I'm a complete n00b in this area, and I want to start by reading introductory books on the subject. A good start for me would be something 1) Non-technical: How the investigation is done for Computer crimes, chain of custody, evidence,...etc. 2)…
-
Big Data - Hadoop
Anyone working in the Big Data realm? Seems I'll be heading down this path with work and hoping to avoid any common pitfalls along the way. Also (not that I think I am leaving, but always best to think ahead) would be nice to get some perspective on the job market. How often is one administrating the cluster along with…
-
Public Key Infrastructure
Hey everyone! :D Can anyone please give me a simple definition of WHAT PKI is? Not only as what it does, but what it IS. I mean from what I gathered here is that PKI is a group of protocols, policies, software and even people who are needed for creation and management of certificates right? And it involves Certificate…
-
OWASP Top 10 Testing and Tools for 2013
What do you all think? Its kind of a broad list. OWASP Top Ten Testing and Tools for 2013
-
OWASP Top10 3012 RC1
Here is a look at the OWASP top10 2013. This is just a RC, as stated in the pdf the final will be out sometime around April. Link to PDF: http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202013%20-%20RC1.pdf
-
SCADA Infosec
I might have an opportunity to start going down the SCADA (Process Control Networks) security path at my current job. I'm wondering if this is a growing need out there that anyone is aware of? I don't ever want to pigeon hole my self and not be marketable. Anyone out there deal with infosec on PCNs?
-
PKI vs CA?
Maybe there is a simple answer and i'm just not grasping it. I'm studying for the cert and i test in 9 days. I have most of the concepts but due to my lack of experience in the IT career field i'm not very familiar with certificates and while reading and researching i can't find any defining lines between a CA or PKI. is…
-
Interesting introduction to PKI, basic concepts...
https://www.youtube.com/watch?v=56fa8Jz-FQQ I'm glad I watched it, it helped me out a lot.
-
Cyber Security for Energy Delivery Systems
For anyone interested in the "cyber security" of energy production/transmission/storage systems, SmartGrid, SCADA, and all that, the US Department of Energy just release this extensive overview of the system and situations: http://energy.gov/sites/prod/files/Energy Delivery Systems Cybersecurity Roadmap_finalweb.pdf
-
Industrial Networks
Hello to all. I have some experience in instrumentation and control. I want to move to security for industrial networks (SCADA, DCS, PLC). What path should i follow? I already have CCNA and MCITP. I am planning to study a Security+ and OCA (as i think databases is also important to know). Are there certifications…
-
OWASP AppSec
Has anyone ever submitted a paper for CFP for either this conference or any other? I'm considering doing it, but I feel that I don't have enough experience for what they are looking for. Just curious if anyone has feedback or experience with writing a presentation/paper for a conference before.
-
PKI concept trouble.
I've got the theory down pat, I don't question the veracity of the material, but I still don't quite grasp how it works. PKI - User JohnDoe Public Key: A10 Private Key: A1010 User SmithySmith Public Key: A20 Private Key: A2020 According to most PKI conceptual material I've read, user JohnDoe would encrypt a message going…
-
OWASP Live CD Project
Category:OWASP Live CD Project - OWASP One of my security friends turned me onto this, which is part of OWASP. OWASP Quote from the website Enjoy
-
Need Advice on PKI and PKI research materials
Our organization has been skirting around implementation of PKI, we are a microsoft shop so it is not a huge deal to follow microsoft best practices and build a internal PKI infrustructure. As far as advice, we are in the process or multiple projects over the next few years, with the possiblilities of alot of Certificate…
-
Which encryption methods for the protocols do I need to know?
The only thing that i find not really covered in depth in my study guides is what encryption methods are used for a particular protocol? I see a lot of people saying this is needed for the exam. for example my books cover that PGP uses its own decentralized type of digital certificates using an RSA based PKI method with…
-
The Role of CAs in PKI
Hi, This question concerns the role of certificate authorities. How I understand PKI thusfar is that it's simply the use of asymmetric cryptography to protect data. I hope that much I have right. Next, I've been looking for info on what exactly CAs do. What is their role in all of this? In other words, would it be possible…
-
Encryption and Hashing?
Hey security gurus I have worked with encryption and hashing but need to get a grip on it better. where do i look (books sites?) and what certs? Tunneling protocols like PPTP and L2TP are vpn encryption protocols right and then the data is hashed with SHA1, SHA2 and or MD5 respectively? seems to me data is tunneled and the…