Securing the Waterfox browser and enjoy safer Internet browsing.

My Waterfox Classic installation is becoming increasingly broken because of not updating it in a very long time, and since I’m pretty much forced to upgrade I decided to take some time to analyze what the new version is doing since everything that’s happened with it has made me a bit uncomfortable. I thought I’d … Read more

Browser security in 2022 is still not perfect.

My Waterfox Classic installation is becoming increasingly broken because of not updating it in a very long time, and since I’m pretty much forced to upgrade I decided to take some time to analyze what the new version is doing since everything that’s happened with it has made me a bit uncomfortable. I thought I’d … Read more

Taking information security seriously in a modern age.

The world of information security has always been beset by various threats that have ranged from the simple viruses that were distributed on floppy disks, to the complex computer viruses that are distributed as E-mail borne attachments that can be opened by careless users. The need for better training for any staff that are in … Read more

Twitch website database contents and software leaked by a malicious agent.

The databases and internal software of the Twitch video streaming platform have been leaked on the Internet. Twitch is an American video live streaming service that focuses on video game live streaming, including broadcasts of esports competitions, operated by Twitch Interactive, a subsidiary of Amazon.com, Inc. This leak includes the following. Entirety of twitch.tv, with … Read more

How to best enforce security in a local network situation.

Windows security on a local area network Windows security on a local area networkStrong passwordsSecuring the Windows systemsPhysical securityEducating usersOnline security Strong passwords Enforcing strong passwords with Active Directory is another way to keep the network safe. Users may be tempted to use something like passwordme1 or mypasswordisStrong1 but those passwords are not secure enough … Read more

Password security levels for different use cases.

Rules concerning passwords can be different depending upon the use case. A normal home user can get away with a standard 8 – 12 character password as long as it has some upper-case characters and numbers in it. A business would require more security, physical security of the actual hardware and a stronger password, like … Read more

Different types of networking attacks and techniques.

Footprinting Footprinting is defined as the process of gathering information on computer systems and networks. This is the first step in information gathering and provides a useful insight into the network you are planning to attack. Zero-day exploits These are exploits that are found before there are patches for these problems. These can cause many … Read more

How to install wpscan on Ubuntu and then scan a WordPress website for vulnerabilities.

Installing the wpscan utility on Ubuntu allows non-invasive scanning of a website running WordPress to find any vulnerabilities. This is very useful to run on your own website, then you may fix any problems presented after the scanning is complete. This helps ensure that your WordPress blog is as secure as you can make it. … Read more

IT security is very important in this modern age.

Information Security is very important these days, I have made a listing below of a few penetration testing tools that are very useful for finding weaknesses in the security of your business. This is good when you have a network connected to the Internet, you must ensure that only necessary ports are open to the … Read more

The workings of the Linux OS are very interesting.

The many Linux distributions out there are very interesting in how they work. The passwords for the users are stored in a file in /etc/shadow. This is only readable by the system administrator account and are encrypted with different levels of encryption. This example is using the outdated MD5 encryption scheme, which should never be … Read more

Scanning a Linux system for vulnerabilities can be a lot of fun.

Scanning a Linux system for vulnerabilities can be a lot of fun. I have used Nessus to find SSH vulnerabilities like Heartbleed. I was doing penetration testing on a Linux machine and I found a Heartbleed bug. Vulnerability Explanation: The installation of OpenSSL on the Linux webserver was found to be vulnerable to the Heartbleed … Read more

Keeping your wireless network safe from attack is important

Windows security on a local area networkStrong passwordsSecuring the Windows systemsPhysical securityEducating usersOnline securityDo not use WEP at allUse RADIUS servers for greater securityClient isolation settingWhat not to do when deploying WIFI What you should and should not do when deploying a WIFI network for your business. Do not use WEP at all The WEP … Read more

Unsecured websites are still a thing in November 2019.

It is still possible to find anything on the Internet. Backups of websites containing passwords and information. It is all out there, and not everyone is getting the message that this is a bad idea. This could be used to harvest e-mail addresses and decrypt passwords. Do not store website backups in publically accessible directories. … Read more