Groupon and food

By nikon March 4th, 2014, under Ramblings

I love my children but they have seriously dipped into my eating out fund.  A great way to cut my spending when I want to eat out is only eating at restaurants featured on Groupon and Living social. 

The Groupon cost $15 dollars doe $30 dollars worth of food. Which basically paid for my meal.  Only had to pay for the rest of the family.

The restaurant was awesome.  It wasn’t snooty at all.  The restaurant owner even came out and danced with the kids as they listened to live guitar music!  The food was awesome.  If you know me you know that I usually have something to complain about.

SSLv2 on Kali

By nikon November 2nd, 2013, under Ramblings

So for awhile now checking for SSLv2 on Kali has been a pain.  Openssl would crash so I assumed that it wasn’t there.  I would get TLS V1 SSLv3 when I just ran Openssl -connect to see if it is there. Apparently it was just broken and here is the fix.

 

http://blog.opensecurityresearch.com/2013/05/fixing-sslv2-support-in-kali-linux.html

Web Services explaination

By nikon October 5th, 2013, under Network Security, Security

When I find really good links to explain things I tend to want to keep them.  Here is a link that explains web services and how to pentest them.

http://resources.infosecinstitute.com/web-services-penetration-testing-part-1-2/

 

 

Derbycon 3.0 Saturday Night & Sunday

By nikon September 29th, 2013, under Cons, Security

Well,

I haven’t been to sleep yet.  Yesterday I sat down for a few talks.  One of which I thought was awesome was the talk on Browser Pivoting by Raphael Mudge.  Pretty cool watching what he was doing with the VM’s and I happen to have a copy :D.  So it will be great to get it into my lab and play with it.  The scary part is that he did some things with certs and SSL that is kinda scary!

Saturday night was pretty awesome.  Got to watch the sun rise at the pier!

Derbycon 3.0 Friday Night

By nikon September 28th, 2013, under Cons, Security

not every geek with a commador 64 can hack into nasa…

Got to watch Dual Core perform like rock stars!  It’s great to follow a group from the beginning and see how big they have gotten.  Nerdcore is music that touches home.  Probably the only kind that almost every song means something. So I will support these guys til the end of time!

On an even sweeter note got to hand out with them after the concert.  Just got back from hanging out with Dual Core, IllWill from 2600 and a few others.  Boy did I have a blast!  Everyone was mad cool.  No one was left behind and everyone had a good time!  Didn’t get home til 5:30am.  HEH.

If you are interested in nerdcore totally check out Dual Core.   Here is a link to the groups youtube channel.

Dual Core Youtube Channel

Derbycon

By nikon September 24th, 2013, under Security

Tomorrow,

I get to go to Derbycon for the first time.  I am extremely excited and can’t wait to get there.  I don’t get to many go to many new cons. So I can’t wait!

My first in person CTF!

By nikon August 14th, 2013, under Ramblings

This past weekend I was apart of a CTF in Annapolis Junction, Maryland.

https://www.altamiracorp.com/ctf

We didn’t win which kinda sucked but that wasn’t the reason why I joined the team.  I was there for the  experience.  I wish it was a better experience.  The rules weren’t very clear so by the time we figured out what we SHOULD have been doing it was way to late in the game.   I did get a challenge coin out of it which was cool.  I also got 3 cans of red bull.  I am going to be doing more of these CTF’s because they seem to be a lot of fun.  Especially with the right team.

Vulnerability Scanner can also have vulnerabilities

By nikon August 7th, 2013, under Ramblings

Products like nmap and Nessus are a Ethical hackers best friend.  We use them to narrow down potential vulnerabilities in websites and networks.  We are reminded eventually that those too  can have vulnerabilities in them.  Today we find that has them.

This is also a good reason to make sure that testing on these applications are done in a safe lab environment before introducing them to client environments.

http://seclists.org/fulldisclosure/2013/Aug/67

TLS BEAST and CRIME

By nikon August 6th, 2013, under Network Security, Security

If you  have been any type of security assessment/audit TLS BEAST and CRIME  has been seen.  Here is an article done by Omar Santos over on the cisco blogs.

This year at Black Hat USA, Angelo Prado, Neal Harris, and Yoel Gluck uncovered a new attack and a tool they called BREACH, which is based on some of the previous research by the folks behind CRIME.

 

http://blogs.cisco.com/security/breach-crime-and-blackhat/

Security tube – Courses

By nikon January 9th, 2013, under Network Security, Security

While looking at security tube I noticed that they had courses and certifications.  I knew they had them but never really paid too much attention to it.  There is a paid version and a community version.  The community version provides the same videos as the paid version for free!  Vivek has been kind enough to provide these to the security community in an effort “to provide quality yet free infosec education to one and all”  I highly recommend these courses if you are looking to learn more about security or learn a scripting language.

You can find the courses located here:

http://securitytube-training.com/online-courses/