Nicholas T. Nguyen
Department of Homeland Security looking for vendors to handle Cyber Security Operations Center.
In the news
Cyber warriors are allowed to have long hair. (UK, not satire)
Virginia schools sponsor summer cyber camps to encourage students towards cyber security job fields.
In my past use of WireShark, you can use the tool as a passive sniffing tool to detect packets coming in and out of your network. You can also tailor your syntax to search for specific ip addresses, ports, and packets. An alternative to WireShark are other sniffers such as tcpdump. It is recommended to not use WireShark while running root privileges, since WireShark may have a buffer overflow vulnerability. Anyone who exploits your WireShark while you are sniffing if you run with root privs will gain root privs. Sniffing usually does not require one to run as root, but it is needed to be in promiscuous mode.
Article: Pentagon hosts a Hack the Pentagon Challenge to help find vulnerabilities.
The reading focused on the functionality of the msf console. The console allows one to look thru plenty of payload options, exploits, and auxiliary scanners. Scanners can act as port scanners, vulnerability scanners, and more. Programs like mimikatz or the updated kiwi can dump passwords in clear text on Windows machines. The hashdump or run hashdump command can dump LM:NT hashes from memory from Windows machines. One can perform pass the hash attacks through a variety of exploits available. Programs such as karametapsloit is Karma within the metasploit framework which allows attackers to create fake access points, capture passwords, collect data, and perform browser attacks. Also within msf console, one can pivot to other machines that the first compromised machine has access to. Activating the database allows Metasploit to record all information that is collected about target machines in the recon phase of the pen test.
In the News:
Cloud, cyber policy documents trickle out of DoD