Wednesday, November 27, 2013

Hackit+ - Ethical Hacking training course

I'm excited to write about a little project I've been working on.  I've helped a team of very special and talented folks with creating Premier Course ware for Ethical Hacking.  It is a paid program for instructing on hacking from the very introductory levels.  If you've never worked on security before, or if you are thinking of trying to, but all the material you find out there is way too advanced, then try Hackit+.

With lessons that start with explanations of virtual machines and Linux all the way up to advanced exploitation techniques, this course will bring you from 0-60 in just 15 lessons.  The product has just launched, but the community plans are strong and engaging.  With user driven forums for members only along with access to download and try to hack example virtual machines.  Launching new ones all the time to test your lessons learned.  These virtual machines comprise "Hackville" which is what they call the collection of virtual machines which represent citizens and businesses inside a simulated town.  With resources and persons simulated with virtual machines, these test your learned material and challenge you to creative problem solving.

This courseware is not your traditional fare.  It is engaging and pushes the student to try and experiment and learn by doing.  This course is not for a passive student base.  But for people who are curious about the field of Penetration Testing, Security or just wanting to learn from the bottom up, this course is engaging and has the promise of a strong community structure to keep you engaged for months to come after your complete the course.

There is a certification exercise at the conclusion if you are so inclined, this process will earn you a certificate of completion that will be backed by the Hackit+ team.  This certification is included with the courseware at no extra charge.  Visit the website for the details and dive in if you too would like to learn how hacking works, even if you don't have any previous experience.

I do apologize, I normally don't endorse products on this blog, but as it is very much in line with my philosophy on these things and the Tin Foil Hat Show podcast, I thought it an interesting piece for anyone who normally follow what I'm writing about.

Happy Hacking.  And remember: If it hacks you, you should HACK IT BACK!
--
CafeNinja
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Sunday, October 20, 2013

Opensource pragmatism


I just wanted to revisit the discussion of software as dogma.  I think it is very important that the open source community get the preference when the software is equal to or better than the closed source version.  But when the closed source version is well ahead of any open source competition, there is a requirement as a professional that I am as effective and efficient as possible.

Yes, this is a declaration that I use closed source software.  Absolutely NEVER when I can avoid it, but always when it is a difference between doing my work/play well.  If I have to get something done and it means I have a binary blob in my Linux installation, then so be it.  Most of us make these compromises often with flash or java as a start, many more even with binary blobs for video drivers, skype and more.  So while I am an open source advocate and recommend transitions to linux and migration from corporate systems for infrastructure to open source servers and software.  But only where they are equal or greater than the closed source solution.

I don't want this to sound like I don't have respect for young software projects who are struggling to reverse engineer and create the replacement software.  I do have a vast respect for the persons who, scratching their own itch are looking to produce the open source alternative, and I've contributed to a couple of those projects in the past doing documentation and testing (I can't program).  I know how daunting and huge such an activity is.

I just wanted to write this post since I've heard, more than a few times, in the last months very derogatory statements against members of the community who participate and contribute just because they have a windows computer for playing video games.  And I have a strong sensation that most of the people to are very critical of that, probably have already binary blogs on thier own systems and that makes them hypocrites, even if the insults are being cast at the wider OS level of consumption, my argument is that a little closed source is just as bad as a lot.  So, unless you are running GNU Hurd linux on your system, then you probably need to silence any condescending remarks to any of the open source community who do use a Mac or Windows for specific tasks that fall outside the area of expertise and excellence by the closed source community.

--
CafeNinja
 Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Sunday, July 21, 2013

Debian vs. Ubuntu

Hello guys and gals,
It's been a while, and I want to assure everyone that I'm still out there and doing geeky things, but between recent family health issues and work being a bit in a mix-up after a merger, I've been otherwise engaged.

But here to talk about the latest of the grand activities and give a quick background on why I came to ask myself the question "Debian vs. Ubuntu".  To start off I'd like to confess that I've been a strong Ubuntu user and promoter over the last six years.  While I think it is still a solid distro for new or novice users, I was running into issues with library compatibility, intolerance for proper release cycles and some of the choices that Canonical are making in regards to the technology choices they are making.  While I would _never_ begrudge them the option to make those choices, I just want to say that I don't 100% agree.  I say this not to start a flame war, but to declare that I recognize their freedom to make those choices and my freedom to choose another distro.

So my distro hunt was on.  I've been very impressed with the performance of Arch on a few machines I've owned, but I've also found it very easy for me to not pay close attention to things and find myself with a broken system and not sure how to recover.  I looked for about 20 min at several RPM based distro's out there which have enjoyed recent popularity, namely Mageia.  While the system was fine and there was no remnants of the old "RPM Dependency Hell" it was just a little out of sorts for me now that I've got nearly 8 working years on Ubuntu and Debian based systems.

So I went back and looked at the key features I would enjoy.  A rolling distro for the first time on my production machine would bring me some satisfaction, based on the Debian package system puts me in my comfort zone and keeping more with community standard desktop environments and graphic server standards and I felt that those points leaned me back to a core, base Debian install.  With Debian 7.0 on a very recent release I thought to give it a go.

I had very good success with Debian 7 on one of my slightly older machines.  Then, as a minor derivative for my net-book I installed CrunchBang #! using the Openbox window manager vs. Gnome3. I was quite pleased and comfortable in both.

As a result, I'm backing up my production machine right now in order to install Debian 7 in a dual boot with the windows 7 needed for some work applications (not my choice).  I've been pleased with the system, the installer is a little lacking, but not difficult to follow.  I've been able to re-install even closed source software which was advertised for Ubuntu (Debian based right?) without issue and feel that I'm in a real happy place with not having to worry about a "upgrade" breaking things like the wireless security protocols to connect to the corporate wifi.  I learned long ago with Ubuntu that it was almost always a safer bet to format and reinstall the system when a new release came out, to avoid older libraries and program settings conflicting with new ones.  The recent update to 13.04 was no exception and while I thought I was going to save some time by doing the in-line update, there were a very few things which were not content with that choice.  Those broken things are what started my research.

So while I do have a fond place in my heart for Arch, I don't feel comfortable enough there to lean on it for production as I have a very high AUR dependency (personal issue, I'm in a 12 step program).  And I have no courage for slackware or gentoo.  I think that Debian will offer me the ease of use, with a solid system on a rolling-distro.

--
CafeNinja
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Wednesday, March 13, 2013

I'm not sure if this embed code works correctly, but if not, clicking the monument on the right hand side then makes available a link directly to the archive.


A backup of the aired TFH shows has been made and are available at http://archive.org/details/TinFoilHatShow_501

While I have officially podfaded (yes, this is my formal announcement) I do plan to return once real life isn't quite as time consuming with family medical stuff.  I wanted to make a backup of the Tin Foil Hat Shows made to date in a place where I knew they wouldn't disappear.  The files maintain their jpg stenography embed and the password remains the same as posted in the blog post for episode number 1.

Thanks to you all for your support during my run, I do hope to initiate again, and will post here on my blog again once TFH is relaunched with all the details at that time.

I hope to be making blog posts which aren't as time consuming (relatively speaking) and once back to a routine that supports it I will be looking to produce TFH again.

--
CafeNinja
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.