Book Review: Counterhack Reloaded by Ed Skoudis and Tom Liston

Shortly after having read Malware by Ed Skoudis, I decided I was willing to give any security book he wrote a reading. And, indeed, this was a good decision. Counterhack Reloaded, an expansion of the original Counterhack (Mr. Skoudis likes the Matrix movies, it seems), proves to be a great introduction to the techniques used by both black hat hackers and their white hat opponents, pen testers. Ever wonder what a buffer overflow was? It’s covered. How an attacker uses such an exploit to get a foothold into your machine? Covered. War driving? Social engineering? Using Nmap? All covered. Of course,...

Multi-Factor Authentication Talk - ISC 1/10/13

The second presentation from UAH’s Information Security Club meeting of January 10, 2013. This talk dealt with multi-factor authentication, and was given by Eugene Davis. Slides (PDF) Audio (MP3) Video (MP4) Youtube

Password Management Talk - ISC 1/10/13

The first presentation from UAH’s Information Security Club meeting of January 10, 2013. This talk dealt with password management, and was given by Eugene Davis. Slides (PDF) Audio (MP3) Video (MP4) Youtube

Book Review: Malware - Fighting Malicious Code by Ed Skoudis with Lenny Zeltser

One of the great things about general purpose computers is their ability to automate large parts of our life, and remove many of the less interesting tasks from our to-do lists. Unfortunately, this is a double-edged sword, as attackers can remove much of the drudgery of compromising systems, as has been happening since the creation of the first viruses in the 1980s. Malware aids all attackers, from those simply looking to have a bit of malicious fun (as seen in many of the early viruses), those who wish to show off their ability to attack and possess many machines,...

Book Review: Computer Security by Dieter Gollmann

Computer Security is, as you may have guessed, a book about computer security; specifically, it is a textbook intended to be used along with an upper-level undergrad course, or a graduate course. However, I found that it served well as a standalone book to educate yourself on basic computer security, since it is clearly written, and well organized, making it easy to follow the material. This book serves as a good introduction to information security, covering from the basic principles of information security (e.g. integrity vs. confidentiality), to mobile code (code like Java applets running in your browser), to security...