Why you should listen to me: you probably shouldn't, but I am an Information Security professional who specializes in vulnerability assessment and penetration testing. I will be using this blog as an outlet for my observations on Information Security, techniques and tricks I have learned, and general ramblings abound.
Stay tuned for some of the following planned postings:
- TLC vs the Google Mini 2 - Cracking the Case and installing Debian on a Google Mini Search appliance.
- Lipstick on a Pig - Why I am not impressed by your "Web Vulnerability Scanner"
- A Tenable Position - Why Nessus could easily be enough
- I don't know why you say 403, I say 200 - How always returning a 200 OK server response for login requests can defeat skiddie bruteforcers
- Knocking over the LAMP Part I (LFI) - Part I of a look at web vulnerabilities specifically dealing with Linux, Apache, MySQL, and PHP servers. Part I looks at how Local File Inclusion can turn from data leakage to remote execution in just a few minutes.
- Get outta my Face...book - Why Social Networking Sites may be one of the worst things to ever happen to the Internet
I had one or two more I had already considered writing, but I unfortunately didn't write them down....</irony>