Blog Spam Analysis Series: CISSP Spam surprise

Update 08/08/2011: Added link to further evidence of Shon Harris spamming via blog comments from ittraining blog at the bottom of the post. I have maintained this blog for some time. I appreciate comments but sometimes there is spam that unfortunately gets in: In particular, I was interested in the CISSP spam: The CISSP post …

Testing for SSL-TLS (OWASP-CM-001)

A nice tool for SSL cipher testing is this Perl script: ssl-cipher-check.pl. However, in Backtrack and also on other distros you may get this error the first time you run it:
ssl-cipher-check.pl -vw my.exampledomain.com 443
…
ERROR: Unable to find /usr/bin/gnutls-cli-debug. Please install the gnutls-devel package
To avoid that, simply install the missing package as …

Registering and using Nessus in Backtrack 5

Unlike previous Backtrack versions, Nessus now comes installed by default on Backtrack 5. This is very cool because all that is left for you is to activate Nessus! If that was not enough, when you upgrade Backtrack the instructions to register are just shown to you: …. root@bt:~# apt-get upgrade … – Please run /opt/nessus/sbin/nessus-adduser …

Security Weekly News 22 June 2011 – Summary

In case you missed it, I put together a blog post last week on the OWASP AppSec EU Security Conference in Trinity College, Dublin, Ireland, with slides, pictures and experience. Feedback and/or contributions to make this better are appreciated and welcome. Highlighted quotes of the week: “I would recommend to store at least half a …