Category: Application, Data, & Host Security

Educate yourself on how to harden your own systems

The Sony Pictures Entertainment Hack: A Look at the Evidence We Have

Note: Much of this information comes from an official affidavit, The United States of America vs. Park Jin Hyok, also known as ("aka") "Jin Hyok Park," aka "Pak Jin Hek," (United States District Court for the Central District of Caliornia June 8, 2018). If you want to review the entire 179-page document, it's available at https://www.justice.gov/opa/press-release/file/1092091/download. The ...

VLAN Configurations, Trunk Links, and 802.1q Encapsulation

A "VLAN" is short for a "Virtual Local Area Network." You can think of them just like an ordinary LAN where each LAN is its own subnet and broadcast domain; however, a VLAN is a virtual LAN. Take a look at the network design below. This is a 10.0.0.0/24 network, which gives us 1 subnet ...

PenTest Edition: Using Shodan to Locate Internet-Connected Devices (Webcams, Servers, Routers, and More)

With Shodan, there's no hiding on the Internet. Shodan is a search engine that allows users to locate devices that are connected to the Internet, such as webcams, routers, servers, traffic lights, baby monitors, SCADA systems, Internet of Things (IoT) devices, and so forth. Shodan began back in 2009 as a small project created by ...

The Recent 4G LTE Network Vulnerabilities and Attacks

In this blog post, I'll discuss the design and operation of a 4G LTE network. In hindsight, I realize topics such as these can get extremely lengthy. For that reason, I'll limit this discussion down to only the necessary technical details required to understand these new LTE attacks, while excluding any complicating, non-essentials. These new ...