Scope: This article demonstrates logging techniques in MySQL to uncover and analyze any mischief attempts done by (outside or inside) user focusing on specific areas in database. Getting Started: Following are the types of logs available in MySQL[1]. Log Type Information Written to Log Error log Problems encountered starting, running, or stopping mysqld General query […]
Hi all, This month’s reading list. Make sure to check out the tools sections. Traditional Pen-testing is Dead: A frank look at the state of affairs of our daily job http://www.secmaniac.com/october-2010/traditional-penetration-testing-is-dead-bsides-atlanta/
Hi all, We are starting with a monthly reading-list for people who are unable to keep up with the latest in the field of IT Security. A few articles (like the ones below) may be informational to the non-technical readers as well to improve their tech know-how and security posture 🙂
A recent dive into challenges faced from privacy compliance requirements unearthed an interesting patent. The unearthing of this new patent on the block came from the need of anonymizing data for several reasons including compliance (PCI DSS, German Data Privacy Law [BDSG], UK Data Privacy Act).
From forensics point of view, investigating “which user did what on the application/server that lead to its compromise” is of the most importance. Similar scenario applies to Email investigation. It’s quite simple now to find out the IP Address of the person who is sending out fishy or threatening emails to the victim(s).
by Nikhil Wagholikar, NII Consulting 1. Need Many a time during Forensics investigation or during Reverse Engineering, we come across the need where we have to check or extract the contents of an executable file. If the executable file is in human readable format (ex : a UNIX file having permissions –rwx-r-x-r-x) then the life […]
by Chetan Gupta, NII Consulting Many a times as an investigator, I have to deal with the issue of carving data from unallocated spaces in a partition. There are many commercial data carving tools such as Encase, Winhex, Accessdata FTK, DataLifter, ILookInvestigator. Well, I have tried most of these and must say most of them […]
By Chetan Gupta, NII Consulting In accordance with NII’s mantra of innovation and research, we have developed our own tool to conduct initial response on compromised Linux systems. This tool is appropriately titled LINReS which stand for “Linux INcident Response Script”. LINReS is a Live Response script designed to run on suspect/compromised Linux systems. LINReS […]
By Bhushan Shah, NII Consulting Windows passwords are stored in the registry (encrypted) in the form of a hash. LMHash was the first hash function used by Microsoft to secure their passwords. Eventually when the security issues popped up (as LMHash is quite insecure) they had to come up with NLTM and the most recent […]
Penetration Testing Fyodor’s back with his top 100 security tools for 2006. One of the most significant, but not surprising, entries is that of Metasploit Framework at #5 on the list. Since the launch of the 2.0 series, Metasploit has become one of the most popular security tools out there. The 3.0 series is a […]
