Monthly Archives: March 2009

Want to hurt your page rank? Follow me :)

Since I started my new job I have been so much involved in discovering new technologies that I quite forgot to post any significant and regular update to this website. Google’s ranking algorithm did not pardon this move: my page rank fall from 7 to 4 !!!

With a page rank of 7 I had the feeling to be over ranked but with a page rank of 4 I really have the feeling to be under ranked 🙂

To avoid continuing this move down, I have decided to:
1. Create a Twitter account and publish my tweets here to make the page change more often.
2. Take more time to write on this blog or decide to let it down 😮
3. Refine the focus of this blog, obviously it was oriented web technologies now it is heading to software development and testing.

If you want to help me and share some of your insight, I am looking forward to read your advice below!

Ahmet

 
0 Kudos
Don't
move!

Introduction to security: the right tools for your needs.

A few weeks ago, I followed a presentation at Digicomp called “From Ethical Hacking to IT-Forensic” presented by Juerg Fischer. The most interesting part I kept from the presentation (that was in German so may explain the little I remember from it 🙂 ) was about the tools and resources useful for the differents phases of the penetration tests. Even of most of these tools and resources might be alredy know, I hope it will still make an usefull list to somone else than me 🙂

1. Information Gathering

In this early stage the goal is to gather information about people and architecture you might find during your security analysis.

Whois: Domain name lookup
Sam Spade: Integrated network query tool
SearchDNS: Information about an organisation servers
Archive.org: Access old pages from Internet 

2. Vulnerability Analysis

For this second phase, the goal is to gather information regarding vulnerability that correspond to the list you gathered (type of server, OS …) in the first phase.

Secunia: Vulnerability Database
SecurityFocus: Stay informed

3. Router

Getting ride of the router…

NSLOOKUP: Find the IP addresses of a particular computer
DIG: Investigate DNS
dsniff: Suite of tools to sniff network data

4. Firewall

NMAP: Security Scanner
HPING: TCP/IP packet assembler/analyzer
Firewalk: Determine what layer 4 protocols a  given IP forwarding device will pass

There are many more tools but with the previous links list you should have already enough to start digging into security related topics 🙂 

Ahmet

 

 
0 Kudos
Don't
move!