Thursday, December 31, 2009

Every Software Vendor Must Read and Heed

Matt Olney and I spoke about the role of a Product Security Incident Response Team (PSIRT) at my SANS Incident Detection Summit this month. I asked if he would share his thoughts on how software vendors should handle vulnerability discovery in their software products. I am really pleased to report that Matt wrote a thorough, public blog post titled Matt's Guide to Vendor Response. Every software vendor must read...

Wednesday, December 30, 2009

Difference Between Bejtlich Class and SANS Class

In a comment on my last post, Reminder: Bejtlich Teaching at Black Hat DC 2010, a reader asked:
I am trying to get my company sponsorship for your class at Black Hat. However, I was asked to justify between your class and SANS 503, Intrusion Detection In-Depth. Would you be able to provide some advice?
That's a good question, but it's easy enough to answer. The overall point to keep in mind...

Friday, December 25, 2009

how to install ndis atheros wifi driver on lenovo T60 ubuntu

download the windows xp driver from : http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-70480
install : first run it with wine to extract the driver files
copy the extracted driver from : ~/.wine/drive_c/DRIVERS/WIN/WLLANATH/WinXP_2K
to ~/lenovo
install :
sudo apt-get install ndisgtk
disable the ath9k driver :
sudo modprobe -vr ath9k
activate the ndis driver :
Go to System>Administration>Windows...

Monday, December 21, 2009

how to configure ubuntu linux to manage amazon ec2 machine

start an instance @ https://console.aws.amazon.com/ec2/home
download : ec2-api-tools @ http://developer.amazonwebservices.com/connect/entry.jspa?externalID=351
unzip to $HOME/bin/ec2-api-tools-1.3-46266
add to .bashrc :
# EC2 - begin
export EC2_PRIVATE_KEY=$HOME/keys/pk-KWJIYEWJXT7MOMSS2OHMIS7IYLHAGTN7.pem
export...

Reminder: Bejtlich Teaching at Black Hat DC 2010

Black Hat was kind enough to invite me back to teach multiple sessions of my 2-day course this year. First up is Black Hat DC 2010 Training on 31 January and 01 Feb 2010 at Grand Hyatt Crystal City in Arlington, VA. I will be teaching TCP/IP Weapons School 2.0. Registration is now open. Black Hat set five price points and deadlines for registration, but only these three are left. Regular...

Saturday, December 19, 2009

Favorite Speaker Quotes from SANS Incident Detection Summit

Taking another look at my notes, I found a bunch of quotes from speakers that I thought you might like to hear.
"If you think you're not using a MSSP, you already are. It's called anti-virus." Can anyone claim that, from the CIRTs and MSSPs panel?
Seth Hall said "Bro is a programming language with a -i switch to sniff traffic."
Seth Hall said "You're going to lose." Matt Olney agreed and...

Notes from Tony Sager Keynote at SANS

I took a few notes at the SANS Incident Detection Summit keynote by Tony Sager last week. I thought you might like to see what I recorded. All of the speakers made some interesting comments, but it was really only during the start of the second day, when Tony spoke, when I had time to write down some insights. If you're not familiar with Tony, he is chief of the Vulnerability Analysis and Operations...

how to enable syntax highlight imacros iim scripts in gedit on ubuntu linux

download imacros.lang from http://albertux.ayalasoft.com/tag/imacros/
sudo cp imacros.lang /usr/share/gtksourceview-2.0/language-specs/
sudo chmod a+r /usr/share/gtksourceview-2.0/language-specs/imacros.lang
restart gedit...

Thursday, December 17, 2009

how to configure fixed ip on ubuntu linux

sudo vim /etc/network/interfaces
[ CHANGE : ]
# The primary network interface
auto eth0
iface eth0 inet dhcp
[ TO : ]
# The primary network interface
auto eth0
#iface eth0 inet dhcp
iface eth0 inet static
address 192.168.0.8
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
dns-nameservers 8.8.8.8...

Wednesday, December 16, 2009

how to find & fix badblocks on ext3 partition

read-only test :
sudo e2fsck -c -C 0 -y -vv /dev/sdi1
read-write test :
sudo e2fsck -cc -C 0 -y -vv /dev/sdi1...

Sunday, December 13, 2009

Keeping FreeBSD Up-to-Date in BSD Magazine

Keep your eyes open for the latest printed BSD Magazine, with my article Keeping FreeBSD Up-To-Date: OS Essentials. This article is something like 18 pages long, because at the last minute the publishers had several authors withdraw articles. The publishers decided to print the long edition of my article, so it's far longer than I expected! We're currently editing the companion piece on keeping FreeBSD...

Saturday, December 12, 2009

how to install eclipse with sftp on ubuntu linux

option 1: Aptana Studio http://www.aptana.org/
option 2: Eclipse Pulse http://www.poweredbypulse.com/
option 3: how to install sftp on any eclipse
help->install new
[wait for the list to update]
select : -- All Available Sites --
search : target management
help->install new
[wait for the list to update]
select : -- All Available Sites --
search : remote system...

Friday, December 11, 2009

how to find all unread email in gmail inbox

search :
label:inbox is:unread
create rule to mark all as read, apply, remove rule...

Tuesday, December 8, 2009

how to configure polipo proxy on ubuntu linux

sudo apt-get install polipo
sudo vim /etc/polipo/config
================================= 8< =======================================
# Sample configuration file for Polipo. -*-sh-*-
# You should not need to edit this configuration file; all configuration
# variables have reasonable defaults.
# This file only contains some of the configuration variables; see the
# list given by ``polipo -v'' and the manual for...

Monday, December 7, 2009

Troubleshooting FreeBSD Wireless Problem

My main personal workstation is a Thinkpad x60s. As I wrote in Triple-Boot Thinkpad x60s, I have Windows XP, Ubuntu Linux, and FreeBSD installed. However, I rarely use the FreeBSD side. I haven't run FreeBSD on the desktop for several years, but I like to keep FreeBSD on the laptop in case I encounter a situation on the road where I know how to solve a problem with FreeBSD but not Windows or Linux....

Friday, December 4, 2009

Let a Hundred Flowers Blossom

I know some of us work in large, diverse organizations. The larger or more complex the organization, the more difficult it is to enforce uniform security countermeasures. The larger the population to be "secure," the more likely exceptions will bloom. Any standard tends to degrade to the lowest common denominator. There are some exceptions, such as FDCC, but I do not know how widespread that standard...

Tuesday, December 1, 2009

Real Security Is Threat-Centric

Apparently there's been a wave of house burglaries in a nearby town during the last month. As you might expect, local residents responded by replacing windows with steel panels, front doors with vault entrances, floors with pressure-sensitive plates, and whatever else "security vendors" recommended. Town policymakers created new laws to mandate locking doors, enabling alarm systems, and creating...