Hacking Nagios: The Importance of System Hardening

Hacking Nagios: The Importance of System Hardening

System hardening is important. Keeping systems in a hardened state is equally important.  Good hardening should not only including keeping all the patches up-to-date, but also disabling all unnecessary services. The services that are necessary, must to be configured...

Preview of the PCI DSS v3.2

The Payment Card Industry (PCI) Security Standards Council (SSC) recently announced the forthcoming release of PCI DSS 3.2.  The release of PCI DSS version 3.2 will supersede the scheduled change for November 2016, and will be the only update to the DSS in 2016.  The...
Hacking Microsoft SQL Server Without a Password

Hacking Microsoft SQL Server Without a Password

During a recent penetration test, I was hacking away at some packet captures and noticed unencrypted Microsoft SQL Server (MSSQL) traffic. The syntax was unmistakable. At first, I thought this might be a way to capture some authentication credentials. However, MSSQL...