Information Security Blog

F-Secure animation on the evolution of online security. Tweet This Post

I have to blog my CEH experience otherwise I will not do it in the future. I promised myself that I will blog about CCNA exam and gave some tips about it and I wouldn’t. This time I will keep my promise to myself: time to write about CEH. I passed CEH exam this Monday. [...]

Netstat is a great utility to check network connections. It gives local and remote addresses (with the port numbers and protocol name if it was a well know protocol) and state of the connections. Sometimes we need to have more information than netstat provide us.  For example, what if we need the actual process name [...]

The popular microblogging site Twitter was hacked briefly by a group calling itself the Iranian Cyber Army, but the site was quickly restored after the incident early Friday.

Introduction The first step for penetration testers is getting information about the system. Traceroute is a great tool for this purpose. Traceroute shows the route between you and the target machine.  Linux has a command line utility called traceroute. traceroute uses UDP. Windows has a tool called tracert. tracert uses ICMP. It is quite common [...]

It has been two weeks since I have not made a new blog post. There are some reasons behind this. I am busy with the work. However, I don’t ignore my blog and actually was writing 2 new blog posts; one for the e-mail security with GPG and another one  for my third Nessus blog [...]

There is no excerpt because this is a protected post.

In my last blog post, I mentioned about Nessus licenses and installation processes. Today, I would like to write about usage of Nessus. Updating Plug-ins After you register and activate the nessus server, it will start to download and then update the plugins. Plug-ins are kind of virus signatures.  Plug-ins test the common vulnerabilities on [...]

I will have some blog posts about Nessus. In this first one, I will mention general issues about it. What is Nessus? Nessus is a proprietary comprehensive vulnerability scanning software. It is free of charge for personal use in a non-enterprise environment. Its goal is to detect potential vulnerabilities on the tested systems. You can [...]

I attended SIUIS4 on this Saturday. The organizer was Southern Illinois University Innovative Systems group, a student-run interdisciplinary effort aimed at helping students at SIUC and around the area. The event, titled “SIUIS4,” included a premier professional networking event featuring more than 20 speakers as well as technical presentations, panel discussions, paper symposiums, competitions and [...]