On vactaion for a week, no journal next week big journal!

This so made me laugh.... Antenna on the Cheap [link]








P H O T O G R A P H Y

+First Place
by *julium

+Second Place
by *staticoparanoico

+Third Place
by *madilar

S I N G L E A S P E C T
+Best Emotive
by *rob-meinel

+Best Conceptual
by *martybell

B E S T M A N I P U L A T I O N
by ~eurekastreet


Shortlist & Shortlisters can be found at this [link]
All entries & Participants can be found at this [link]

I have been super busy with my other websites! :busy: And I am in fact being promoted! From Ghoul to Hell-raiser, it was just a few weeks ago I was a lowley Minion.

To counter last weeks great info I am baloning it with this...

Computer Forensics

Computer forensics, still a rather new discipline in computer security, focuses on finding digital evidence after a computer security incident has occured.

The goal of computer forensics is to do a structured investigation and find out exactly what happened on a digital system, and who was responsible for it.

There are essentially three phases for recovering evidence from a computer system or storage medium. Those phases are: (1) acquire, (2) analyze, and (3) report. Often, the results of a forensic investigation are used in criminal proceedings.

Computer criminals always leave tracks, it's "just" a matter of finding these tracks. But this part is not always easy. The evolution in computer technology goes on, computers and other communication systems become very complicated and better connected through all kinds of networks. At the same time, computer crime techniques become more sophisticated and better coordinated.

If evidence collection is done correctly, it is much more useful in apprehending the attacker, and stands a much greater chance of being admissible in the event of a prosecution.

Start by reading some of the excellent Forensic Whitepapers [link] or Forensic Presentations [link] . And if you're ready for it, try out some of of the Forensic Toolkits currently [link] available.

Cybercrime, Computer Crime

Broadly defined, computer crime is any criminal offense, activity or issue that involves computers.

There are two categories of computer crime. Criminal activity that involves using a computer to commit a crime, and criminal activity that has a computer as a target.

On this website you will learn how to fight back and investigate computer crime. The number of skilled forensic investigators and Forensic Toolkits is growing very rapidly.

Ideally, digital forensic analysis should be an integral part of your organization's Incident Handling process.

So for all you wondering how bad or what they can expect [link]

This so made me laugh.... Antenna on the Cheap [link]







by by
by by
by by
by by
by by
by by



P H O T O G R A P H Y

+First Place
by *julium

+Second Place
by *staticoparanoico

+Third Place
by *madilar

S I N G L E A S P E C T
+Best Emotive
by *rob-meinel

+Best Conceptual
by *martybell

B E S T M A N I P U L A T I O N
by ~eurekastreet


Shortlist & Shortlisters can be found at this [link]
All entries & Participants can be found at this [link]

Been reading up on a neat little app called "Cain & Abel" and here is what it does..
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy
recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol's standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some "non standard" utilities for Microsoft Windows users.

Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration tester and everyone else that plans to use it for ethical reasons. The author will not help or support any illegal activity done with this program. Be warned that there is the possibility that you will cause damages and/or loss of data using this software and that in no events shall the author be liable for such damages or loss of data. Please carefully read the License Agreement included in the program before using it.

The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also ships routing protocols authentication monitors and routes extractors, dictionary and brute-force crackers for all common hashing algorithms and for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders and some not so common utilities related to network and system security.

And here is where you can get it.. [link] Of course I am only using this for informational purposes...

I also have been working on building a Linux server, sounds neat!?!
I will be using the old dell for this project... It's going to be a dual boot puter. Its either going to be a Honeypot:

Honeypots are closely monitored network decoys serving several purposes: they can distract adversaries from more valuable machines on a network, they can provide early warning about new attack and exploitation trends and they allow in-depth examination of adversaries during and after exploitation of a honeypot.

Honeypots are a highly flexible security tool with different applications for security. They don't fix a single problem. Instead they have multiple uses, such as prevention, detection, or information gathering.

Honeypots all share the same concept: a security resource that should not have any production or authorized activity. In other words, deployment of honeypots in a network should not affect critical network services and applications. A honeypot is a security resource who's value lies in being probed, attacked, or compromised.

There are two general types of honeypots:

* Production honeypots are easy to use, capture only limited information, and are used primarily by companies or corporations;
* Research honeypots are complex to deploy and maintain, capture extensive information, and are used primarily by research, military, or government organizations.

You will learn all about the different types of Honeypots in our Honeypot links library.

An example of a honeypot is a system used to simulate one or more network services that you designate on your computer's ports. An attacker assumes you're running vulnerable services that can be used to break into the machine. This kind of honeypot can be used to log access attempts to those ports including the attacker's keystrokes. This could give you advanced warning of a more concerted attack.

Link: [link]

Or a Intrusion Detection System:

Intrusion Detection is the art of detecting inappropriate, incorrect, or anomalous activity. Among other tools, an Intrusion Detection System (IDS) can be used to determine if a computer network or server has experienced an unauthorized intrusion.

An Intrusion Detection System provides much the same purpose as a burglar alarm system installed in a house. In case of a (possible) intrusion, the IDS system will issue some type of warning or alert. An operator will then tag events of interest for further investigation by the Incident Handling team.

After the initial response the events need to be handled, looking at issues such as investigation, Computer Forensics and prosecution. You will learn all about this process on our companion website about Computer Forensics and Digital Evidence.

Traditionally, there are two general types of Intrusion Detection Systems:

* Host Based Intrusion Detection Systems (HIDS): IDS systems that operate on a host to detect malicious activity on that host;
* Network Based Intrusion Detection Systems (NIDS): IDS systems that operate on network data flows.

A new type of Intrusion Detection system is becoming more and more popular: the Intrusion Prevention System, or IPS. This is a system that actively monitors a network or host for attacks and prevents those attacks from occurring.

Link:
[link]

One very cool book I am reading up on is:
Advances in Elliptic Curve Cryptography (revised edition. By Ian F. Blake, Gadiel Seroussi, Nigel P. Smart Contributors: Nigel P. Smart, Dan Brown, Alex W. Dent, Elisabeth Oswald, Marc Joye, Frederik Vercauteren, Pierrick Gaudry, Florian Hess, Steven Galbraith, Kenneth G. Paterson
ISBN-13: 978-0-521-60415-4 paperback
Its only 298 pages but a solid read none the less..
Publisher: Cambridge University Press
Pub Date: May 31, 2005

Ubuntu is a very very cool distro! [link]

This so made me laugh.... Antenna on the Cheap (er, Chip) [link]







by by
by by
by by
by by
by by
by by
by by
by by
by by
by by




P H O T O G R A P H Y

+First Place
by *julium

+Second Place
by *staticoparanoico

+Third Place
by *madilar

S I N G L E A S P E C T
+Best Emotive
by *rob-meinel

+Best Conceptual
by *martybell

B E S T M A N I P U L A T I O N
by ~eurekastreet


Shortlist & Shortlisters can be found at this [link]
All entries & Participants can be found at this [link]

I have been on a bit of a hiatus, for those of you who do not know. I am sick in the head, not to worry you can not catch it. I have been having a lot of bad days, and very few nights of sleep, I really have not been getting out much. Hence the lack of photos...

However I am hell bent on get at least 10 more works up, before the end of the year. I am nearing 20K PV's not to bad... I got my DSLR in Jan. of 2007, I really feel like I have grow so much in photographic skills sense. Of course this is simply not enough for me, I always believe that I can do better and bigger...

I have been doing a shot load of reading about IT and wifi! These are just a sample of some if the topics that I have been going over: Apache Security, Cisco Security, Computer Forensics, Computer Viruses, Cryptography / Encryption, Crypto Conference Proceedings, Database Security, Digital Watermarking
Exploiting Software, Firewalls & Packet Filtering, General Security Books, Honeypots & Deception, Incident Response & DDoS, Intrusion Detection, Microsoft Windows Security, Network Authentication, Outsourcing IT Security, PKI & X.509, Privacy & Digital Rights, RFID Security, Root-kits, Secure Coding / Programming, Security Policy / Management ,Spam Fighting, Stenography & Data Hiding, Unix & Linux Security, VoIP Security, VPN and IPSEC, Web / Web Application Security, Wireless LAN Security..

I am such a info hound.. what can i say.. Oh yeah Ubuntu is a very very cool distro! [link]

This so made me laugh.... Antenna on the Cheap (er, Chip) [link]



I can only hope to be one day this good at photography...



by by
by by
by by
by by
by by
by by
by by
by by
by by





Feature in 43 Different Galleries.

The Short List
Photography:

1. *staticoparanoico
2. ~nooriskandar
3. *JobobArikan
4. ~eurekastreet
5. =Asinine-Arsenic
6. =spiralmanipulation
7. *julium
8 *Doublecrash
9. *rob-meinel
10. *martybell
11. *madilar
12. ~SWCameraEyes
13. =Behindmyblueeyes

Best Manipulation:

1. *tragic-saturn
2. ~eurekastreet
3. ~NimfabebeRetouch
4. *dehouse42
5. =TheRevolutionX
6. =Alegion