ikawnoclastic thoughts

Introduction to Penetration Testing Using Metasploit

June 18th, 2016

After many months of effort, my first Pluralsight course, Introduction to Penetration Testing Using Metasploit is now available. Here is the official course description:

Metasploit is one of the most widely used tools for penetration testing, providing powerful attack simulations, security assessment management, and more. In this course, Introduction to Penetration Testing Using Metasploit, you’ll learn to use Metasploit to enumerate available services, identify potential weaknesses, test vulnerabilities through exploitation, and gather evidence for reporting. First, you’ll see how to install and configure the Metasploit Framework and several supporting tools on Kali Linux. Next, you’ll explore how exploits and payloads work together to gain access to systems. Finally, you’ll look at how Metasploit Framework releases are made available and how to maintain the latest version of the Framework. By the end of this course, you’ll have a better understanding of how to use Metasploit to quickly assess the security posture of systems and networks to reduce risk.

I received terrific support from the Pluralsight team in creating this course. They are very active in communicating, listening, and work with their authors. They have tools and a process for getting courses out the door. I was surprised by this attention to authors and to the details most of all.

(more…)
ikawnoclast.com, Now with Let’s Encrypt

January 31st, 2016

Let’s Encrypt Logo

I just switched my personal web site (this one) over to HTTPS using Let’s Encrypt. My long-time hosting provider, Dreamhost, added support for it recently (January 20, 2016). Both Let’s Encrypt and Dreamhost’s support for it are still considered Beta, but no issues here so far.

I have always wanted to have encrypted transmissions for my web site but did not want to spend the money to get the certificate and and possibly pay for the static IP. Thanks to Let’s Encrypt and Dreamhost’s support for it, it’s now possible.

(more…)
Network Warrior, Second Edition

January 31st, 2016

Network Warrior, Second Edition
Gary A. Donahue

O’Reilly Media

I am an information security guy with a computer science degree. A good portion of my knowledge lies in operating system security and the interactions between systems. In college I took a computer science course in networking in which we delved into network fundamentals (packets, headers, protocols, etc.). However, most of it was focused on building network-enabled applications at the system call library level in the C programming language. We did not get to play with routers and switches, even though we knew how they worked, at least in theory. We assumed those components were there, were properly configured, and worked perfectly.

In my information security work, I have worked with small firewalls, software VPNs, IPS/IDS devices, VLANs and switches, and some other network components. I was able to figure out and configure most of that stuff out based on my fundamental knowledge of networking. However, I still didn’t have any exposure to enterprise-level switching and routing. Now I am a security architect and that is essential knowledge.

I got a free copy of the second edition of Network Warrior by Gary A. Donahue in early January 2016 through my membership to several O’Reilly Media mailing lists. This was a great opportunity to grow my knowledge of an area that I needed. It’s just over 1000 pages and packed full of useful information. It’s mostly about Cisco gear, but there are many chapters that focus on concepts that apply no matter what the vendor.

Here is a mini-review of what I found to be most helpful from an information security perspective.

(more…)
Testing

December 31st, 2015

This is a test of the WordPress.org site for blog posts.
Exploring ZFS Properties

April 30th, 2015
We have options! (CC BY-ND 2.0 licensed image by Bill Ohl, haynseek on Flickr)

Properties are an important part of determining and setting the configuration of ZFS storage systems. They can also be used to review the performance and usage of storage resources. Properties can be set at a top-level and inherited by child components when created. Understanding how ZFS properties are utilized is important to operating an efficient storage system.

In this article, we will explore how to properties work and how to get and set properties.

Learning Objectives
1. Learn how properties and their inheritance are used in ZFS.
2. Learn how to set properties to change the configuration of a storage system.
3. Learn how to get information from properties.
This article is one of a series of articles on ZFS. You can start at the beginning by creating a ZFS playground on which you can play.

(more…)