Private Workspaces Increase Productivity

Dale Dauten, author of the Corporate Curmudgeon column, offers some empirical (real-world) proof of something I’ve known for a very long time: working alone substantially, measurably increases productivity. You can read a copy at the Arizona Daily Star (http://azstarnet.com/business/article_d636ff2d-b4b2-5ad7-93fb-c212397478a8.html). Here’s the Executive Summary: “The best employees” have always been aware that their own efficiency makes …

Cyberwar: It’s Here, It’s Now. What Do We Do?

“The internet is inherently unsafe and should be replaced with a safer, re-architected alternative, says former White House cybersecurity advisor Richard Clarke.” (http://www.computerweekly.com/Articles/2010/10/13/243326/RSA-Europe-2010-Replace-internet-with-something-safer-urges-former-White-House.htm) Consider that: totally replacing the Internet’s infrastructure as a cheaper alternative to our current hodge-podge of security. He’s talking about replacing every router (and the big daddies are very, very expensive), possibly …

“Stuxnet is going to be the best studied piece of malware in history”

“Stuxnet is going to be the best studied piece of malware in history” – Ralph Langner, at his Stuxnet Logbook, http://langner.com/en/index.htm The Stuxnet Event is like a hidden 9-11. The ramifications are huge, but we haven’t felt them yet. And it’s a hell of a read: infected Russian web sites, amateurish Iranian programmers and fantastically proficient …

HP Interview Questions

Here is a valuable summary submitted by Dennis H., who interviewed multiple times with HP in Albuquerque. I have to give him credit – he managed to recall most of these after the fact, which is probably much better than I could do. Wednesday, March 4, 2009: Interview w/Ray Crawford Hardware …

Using Backtrack 4: Information Gathering: Route: tctrace

tctrace Discussion: From http://phenoelit-us.org/irpas/docu.html#tctrace: TCtrace is like itrace a traceroute(1) brother – but it uses TCP SYN packets to trace. This makes it possible for you to trace through firewalls if you know one TCP service that is allowed to pass from the outside. Notice that qualification: You have to know at least one TCP …

Using BackTrack 4: Information Gathering: Route: tcptraceroute

tcptraceroute Purpose: To perform a traceroute into a network when firewalls prevent using ICMP or UDP for normal traceroute probing. Discussion: From http://michael.toren.net/code/tcptraceroute/: tcptraceroute is a traceroute implementation using TCP packets. The more traditional traceroute(8) sends out either UDP or ICMP ECHO packets with a TTL of one, and increments the TTL until the destination …

Using Backtrack 4: Information Gathering: Route: protos

protos Purpose: From /phenoelit-us.org: Protos is an IP protocol scanner. It goes through all possible IP protocols and uses a negative scan to sort out unsupported protocols which should be reported by the target using ICMP protocol unreachable messages. More accurately, protos reports back on *supported* protocols for a particular host or router. This information …

Using Backtrack 4: Information Gathering: Searchengine: goorecon

goorecon Purpose: Using Google to do two things that increase your subject’s attack surface: enumerating subdomains, and harvesting email addresses. Discussion: In the “final” release of BackTrack 4, perhaps just my copy of goorecon was broken. I putzed around hacking the script, but eventually simply renaming goorecon.rb then running gem install goorecon solved the issue. Tutorial: http://www.question-defense.com/2010/05/29/backtrack-4-information-gathering-search-engine-goorecon-find-emails-and-subdomains-using-google#more-6122

Using BackTrack 4: Information Gathering: Route: netmask

netmask Opening Instructions:
Usage: netmask spec [spec …]
  -h, --help      Print a summary of the options
  -v, --version   Print the version number
  -d, --debug     Print status/progress information
  -s, --standard  Output address/netmask pairs
  -c, --cidr      Output CIDR format address lists
  -i, --cisco     Output Cisco style address lists
  -r, --range     Output ip address ranges
  -x, --hex       Output …