May | 2015 | Decentralized Intelligence

5 Minutes

The purpose of this document is to perform a penetration test using two different methodologies to exploit and gain unauthorized access to vulnerable computer systems using a set of penetration testing tools including, Nexpose, Kali Linux, and Metasploitable. These tools are designed to demonstrate common vulnerabilities and subsequently exploit them, which allows security administrators to formulate a plan in regards to remediation and prevention of an actual attack. The purpose of penetration testing is to attempt to access resources without knowing usernames, passwords, and/or any other means of authorized security authentication procedures that may exist for a particular organization or individual. An important thing to consider is the only thing differentiating a penetration tester (White Hat Hacker) from an attacker (Black Hat Hacker) is permission from the attacked to allow it to happen.

Continue reading →

20 Minutes

Computer networks are more advanced today than ever. More and more users are demanding greater access to these systems and as a result administrators are tasked with the dilemma of securing these highly complex networks. Many systems at one time had the luxury of relying on basic firewall implementations, which consisted of IP filtering and port blocking. In todays society this is no longer an option.

As today’s computer network systems advance, so do the intruder’s methods who wish to wreak havoc upon them. One such advancement in network security is the implementation of an IDS/IPS (Intrusion Detection System/Intrusion Prevention system). An IDS/IPS is a great addition to any unified threat management system, which can help thwart off an attacker’s advance or slow them down long enough to initiate alternative security measures. This paper will also explore the costs savings of outsourcing computing resources in conjunction with the security benefits and/or security vulnerabilities associated with doing so.

Continue reading →