Tuesday 23 February 2010

Oh no, another Security Blog!

Yes, it's true. I have created another security blog, to add my voice to the screaming masses of wannabe-pontiffs in the Web 2.0 Universe. Will anyone read this, probably not, but I hope that perhaps somebody will stumble across this and take an interest in the things I have to say.

Why you should listen to me: you probably shouldn't, but I am an Information Security professional who specializes in vulnerability assessment and penetration testing. I will be using this blog as an outlet for my observations on Information Security, techniques and tricks I have learned, and general ramblings abound.

Stay tuned for some of the following planned postings:
  1. TLC vs the Google Mini 2 - Cracking the Case and installing Debian on a Google Mini Search appliance.
  2. Lipstick on a Pig - Why I am not impressed by your "Web Vulnerability Scanner"
  3. A Tenable Position - Why Nessus could easily be enough
  4. I don't know why you say 403, I say 200 - How always returning a 200 OK server response for login requests can defeat skiddie bruteforcers
  5. Knocking over the LAMP Part I (LFI) - Part I of a look at web vulnerabilities specifically dealing with Linux Apache,MySql, and PHP servers. Part I looks at how Local File inclusion can turn from data leakage to remote execute in just a few minutes.
  6. Get outta my Face...book - Why Social Networking Sites may be one of the worst things to ever happen to the Internet
I had one or two more I had already considered writing, but I unfortunately didn't write them down....< /irony>

No comments:

Post a Comment