Author Archives: Seth

Validating Credentialed Nessus Scans (Part 2)

Posted on April 13, 2012 by Seth

Authenticated Nessus scans are good. For many reasons. That said, when they fail, it can be difficult to figure out WHY they fail. This will be the second in a 3 part series of troubleshooting credentialed scans (Part 1). Today’s … Continue reading →

Posted in Nessus, Vulnerabilities | Comments Off

Validating Credentialed Nessus Scans (Part 1)

Posted on April 4, 2012 by Seth

Authenticated Nessus scans are good. For many reasons. That said, when they fail, it can be difficult to figure out WHY they fail. This will be the first in a 3 part series of troubleshooting credentialed scans (Part 2). Today’s … Continue reading →

Posted in Nessus, Vulnerabilities | Comments Off

Antivirus policies for specific types of hosts

Posted on February 17, 2011 by Seth

This was also posted on Pauldotcom here. ~ Seth In many enterprise environments business needs for performance often trump security (Ok, more often then not). A good example of this is Exchange Administrators getting grumpy about your AV client causing … Continue reading →

Posted in Malware, Policy, Real World, Windows | Comments Off

SNMP for fun and profit!

Posted on September 3, 2010 by Seth

Because you never turn off SNMP.. right? This is a pretty good article over here on Attack Vector about basics of using SNMP to further your pentest and/or using your manager’s personal networked printer against them. Most network infrastructure devices have snmp … Continue reading →

Posted in Real World | 1 Comment

Cyber Security Awareness Month Ideas?

Posted on August 11, 2010 by Seth

So I saw the recent post on ISC about the upcoming Cyber Security Awareness Month in October. It’s already prompted some discussion at work that looks like it’ll have a productive end, and I’ve also got a SANS class starting … Continue reading →

Posted in Mac, News, Real World, SANS | 1 Comment

Application whitelisting, good or bad?

Posted on August 4, 2010 by Seth

(This was a draft that’s been hiding for a few months, but it’s still relevant, even if the initial post it references is 3 months old.) So whitelisting has been brought up again. Those of you familiar with Marcus Ranum … Continue reading →

Posted in Mac, Malware, Real World, Uncategorized | 3 Comments

GSEC Mentor Session in Sept – Germantown, MD

Posted on July 28, 2010 by Seth

Found a fun email in my mailbox this morning. Starting September 21st, SANS will be running Security Essentials in Germantown, MD. This course will be taught by SANS Mentor Seth Matheson. For complete event details visit http://www.sans.org/info/60983. Security Essentials teaches … Continue reading →

Posted in Real World, SANS | Comments Off

About the BOF at #SANSFIRE: Mac Security

Posted on June 8, 2010 by Seth

So I’ve gotten a few questions about what the Mac Security BOF (Birds of a Feather – SANS event that’s essentially a discussion on a given talk by SANS attendees for SANS attendees) is about on Thursday night. So I’ll give … Continue reading →

Posted in Mac, Real World, SANS | 1 Comment

Day 1 – GWAPT

Posted on June 7, 2010 by Seth

So aside from the multitude of updates today (Safari, iTunes, iPhone, etc etc), and fun releases (Josh Wright and WiMAX hacking), my brain is a little melted. Just spent a day with Kevin Johnson and SEC542. Good material, great teaching … Continue reading →

Posted in SANS, Web Attacks | Tagged SANS | Comments Off

SANSFIRE 2010!

Posted on June 6, 2010 by Seth

Well that time of year is upon us again. No, I’m not talking about summer, your local DC heat wave of wetness, or my angry time of the month. SANSFIRE. It’s a yearly IT Security conference held in Baltimore each … Continue reading →

Posted in Real World | Comments Off

Author Archives: Seth

Archives

Meta