0P3N Blog

The Metasploitable virtual machine is an intentionally vulnerable version of Ubuntu Linux designed for testing security tools. After the virtual machine boots, login to console with username msfadmin and password msfadmin. From the shell, run the ifconfig command to identify the IP address. To get your IP address you must configure VM on Bridge adapter mode.eth0 ...

** Cisco Certified Networking Associate (CCNA) is an entry point for a future networking professional. It gives us an overview of the networking world and provides us with a solid foundational knowledge in the area.CCNA consists of two exams: ICND1 and ICND2. Upon successful completion of ICND1 you become a Cisco Certified Entry-level Networking Technician (CCENT). CCENT combined with ...

"Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich) used to discover hosts and services on a computer network, thus creating a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses. The software provides a number of ...

[embed]https://traffic.libsyn.com/brakeingsecurity/2016-009-brianenglerciscinformationsharing.mp3[/embed]We've reached peak "Br[i|y]an" this week when we invited our friend Brian Engle on to discuss what his organization does. Brian is the Executive Director of the Retail Cyber Intelligence Sharing Center - R-CISC."Created by retailers in response to the increased number and sophistication of attacks against the industry, the R-CISC provides another tool in retailers’ arsenal against cyber criminals ...

[embed]https://traffic.libsyn.com/brakeingsecurity/2016-010-DNS_Reconnaissance.mp3[/embed] DNS... we take it for granted... it's just there. And we only know it's broken when your boss can't get to Facebook.This week, we discuss the Domain Naming System (DNS). We start with a bit of history, talking about the origins of DNS, some of the RFCs involved in it's creation, how it's hierarchical structure functions to allow resolution to ...

Let's begin! 1 - Make sure the server time is correct. 2 - Configure NTP: apt-get install ntp service ntp reload ntpq -p  3 - Install the package that enables two-factor authentication. You can find the project here: https://github.com/google/google-authenticator 4 -Configure two-factor authentication: apt-get install libpam-google-authenticator vi /etc/pam.d/sshd Add the following line on top: ...

“The Era of False Secure IT Advertising and The Consumers At Large” – by jim white, Cybrary librarian student.) One of my favorite passions is the study of law in a hobby sort of way. Maybe because I am a certified veterans paraprofessional, a kind of paralegal for Veterans laws, tasked to protect the veterans, widows and orphans. ...

In this article, I'll show you how easily you can exploit a system running Windows XP using the Netapi exploit.Before we start, you might be wondering why you'd exploit an old version of Windows. My answer is: you gotta take baby steps before you can run. Lab Setup:-> A Windows XP virtual machine with SP2/SP3 (I used SP2)->A Kali Virtual ...

Observing and taking note of a cybercrime method doesn't always equate to taking proactive actions against it. While this might sound like companies and organizations simply aren’t paying attention, it has more to do with their belief that their existing protection against cybercrime is enough to avoid a breach. There ...

Diving a little deeper Previously, I've written about the value of cyber security degrees and wanted to dive a little deeper into this topic. Lately, I have had a series of conversations on this topic. The opinion I've formed on the subject seems to represent a large consensus.Many jobs in cyber security require people to have a certification. ...