THE INTERNET IS FOR EVERYONE
Database Update #2
Please take note that online voting for 2013-2014 Executive Council of ISOC MY will take place on the 29th of May 2013.
We will be using the database on portal.isoc.org to send out instructions for online voting on the morning of the 29th of May.
Kindly ensure that your email address is current and updated at portal.isoc.org -> under Malaysia Chapter.
We will be using the list of addresses registered at portal.isoc.org as of 27th of May 2013,…
ContinueAdded by Admin on May 21, 2013 at 3:05pm — No Comments
Database Update
Please take note that online voting for 2013-2014 Executive Council of ISOC MY will take place on the 29th of May 2013.
We will be using the database on www.isoc.org to send out instructions for online voting on the morning of the 29th of May.
Kindly ensure that your email address is current and updated at www.isoc.org -> under Malaysia Chapter.
We will be using the list of…
ContinueAdded by Admin on May 20, 2013 at 10:59am — No Comments
Some Perspectives on Cybersecurity: 2012
As a catchword, cybersecurity is frighteningly inexact and can stand for an almost endless list of different security concerns, technical challenges, and “solutions” ranging from the technical to the legislative. While buzzwords like cybersecurity may make for good headlines, serious discussions of security and the Internet require a shared understanding of what is meant by cybersecurity.
The landscape covered by the term cybersecurity includes many types of problems and an even…
ContinueAdded by Julian Vincent on May 20, 2013 at 8:24am — No Comments
OWASP Top 10 2010 vs. 2013
Hey There,
This is just the list about the differences in the OWASP Top 10 for 2010 and 2013. The OWASP Top 10 2010 was:
A1: Injection
A2: XSS
A3: Broken Auth and Session Mgmt
A4: Insecure Data Object References
A5: CSRF
A6: Security Misconfiguration
A7: Failure to restrict URL Access
A8: Insecure Cryptographic Storage
A9: Insufficient Transport Layer Storage
A10: Unvalidated Redirects and…
ContinueAdded by Kiran Karnad yTiruceS on May 19, 2013 at 12:50am — No Comments
Isn't a Vulnerability Scanner enough to ensure security?
Hey there,
I was presenting at a local conference about the basics of penetration testing. Someone in the audience asked me the question that's been there in many minds for a really long time, and I am sure, has also been answered a zillion times!
The question was: Isn't a Vulnerability Scanner enough to ensure security? Why do we need to perform manual penetration testing?
Yes, many companies buy a scanner or use an open source one, and run it a…
ContinueAdded by Kiran Karnad yTiruceS on May 18, 2013 at 1:07pm — No Comments
UPDATE::NOMINEES FOR EXECUTIVE COUNCIL 2013-2014
We have 14 nominees todate !
Reminder that nominations closes at 6pm on the 24th of May 2013
Details available at http://www.isoc.my/profiles/blogs/nominations-to-serve-on-the-executive-council-of-isoc-my
Added by Admin on May 17, 2013 at 8:12am — No Comments
Nominations to Serve on the Executive Council of ISOC MY
The Malaysia Chapter of the Internet Society's (ISOC-MY) Executive Council (EC) is accepting nominations and applications from candidates interested in serving on the ISOC-MY’s EC.
The complete list of nominees will be published to the list after confirmation of their willingness to serve. The newly seated EC members are to serve a term of one year beginning June 1, 2013.
After the elections, the new ISOC-MY EC will then vote to determine the seats of Chair,…
Added by Admin on May 10, 2013 at 7:40pm — No Comments
Wireshark in LAN and Wireless modes
If you are in ICT or Security, you'll most probably have used wireshark... or might have at-least heard about it, and looking for an opportunity to use it. It's a remarkably capable tool which can be used for sniffing almost every kind of protocol. You can download wireshark from http://www.wireshark.org and give it a try.
In the case of wired networks, you will be default in the promiscuous mode (sniff…
ContinueAdded by Kiran Karnad yTiruceS on May 6, 2013 at 8:45pm — No Comments
The Magic of SQLMap
Whether you appreciate the underlying concepts of SQL Injection or not, one tool which you cant afford to not appreciate is SQLMAP. This is THE tool for hackers who use any variant of sql injection as an attack vector. (I might be a little biased here, but for most part of it, correct!)
So let's look at what's improved in the latest and greatest... The latest version of the tool is 0.9 as of this scribe. It can be downloaded for Win, Lin and Mac at …
ContinueAdded by Kiran Karnad yTiruceS on May 6, 2013 at 10:06am — 1 Comment
Success with installing and configuring DVWA and Mutillidae on Backtrack!
Hey there,
I dont think there is any blog which talks about the intricacies involved in installing both DVWA and Mutillidae on the same Backtrack machine (VM or otherwise). I have been laboring on this for almost the whole of labor day (May 1 ;O), but thankfully, with success.
So let's go in for the steps:
AMP comes default with Backtrack (Apache, MySQL and PHP) since many tools need them. This can itself be used for DVWA. But for Mutillidae, it seems to…
ContinueAdded by Kiran Karnad yTiruceS on May 1, 2013 at 3:44pm — 1 Comment
Up for Grabs - Two Conference Passes for DCD KL 2013 @ Kuala Lumpur on 21 May 2013
DCD KL 2013 event is happening on the 21st May 2013 at Intercontinental Hotel.
2 FREE conference passes are up for grabs to all ISOC-MY members,all you need to do is state in 100 words or less why you should be selected to attend this conference.
Conference details available at …
ContinueAdded by Julian Vincent on April 26, 2013 at 8:11am — 1 Comment
ISIF Awards 2013: Nominations closing soon
Nominations for the ISIF Asia Awards close in less than 30 days!
Nominations close on 15 May 2013 and must be submitted before this deadline to be considered for an Award.
The ISIF Asia Awards recognize five innovative projects that used the Internet as a social development tool to promote access, openness, inclusion, and human rights.
Winners will be awarded AUD 3,000 to support continuation of their project plus a travel grant to attend the awards ceremony at the 8th…
ContinueAdded by Julian Vincent on April 24, 2013 at 7:28am — No Comments
Call for Workshops & Themes for APrIGF Seoul 2013
Added by Julian Vincent on April 24, 2013 at 7:23am — 1 Comment
Easy way to remember the OSI model
The OSI model (Open Systems Interconnection) is a theoretical model with seven layers which can help better understand how networks work. But for college purposes, you need to by-heart this and so many people are looking for ways in which to get hold of it... (it helps in interviews as well, especially if you are a fresher).
So I searched on the net, checked out Wiki etc, and here's the best of what I could find... not all of this is my work, but has been consolidated from…
ContinueAdded by Kiran Karnad yTiruceS on April 19, 2013 at 3:01pm — No Comments
msfupdate with bundler on Metasploit and how to solve this issue
'msfupdate' issue after the git migration...
Who doesn't love Metasploit... Now there's the new Metasploit Pro which has tons of web exploits integrated within, and so its much much more powerful. Also it caters to testing the OWASP Top 10 2013!!
But I think while doing this integration and also due to the Metasploit update moving to git from the earlier update method, there has been a…
ContinueAdded by Kiran Karnad yTiruceS on April 12, 2013 at 6:00pm — No Comments
Quick Tips and Tricks - Linux
Hey Guys,
Feels great to be back, I was down with fever for the last week, and was really missing blogging :o(
So here are a few tips for using Linux more effectively:
1. Extracting audio from video: Why would you want to do this? - So that you can move your audio files to listen on your smart phone or ipod etc... or bluetooth it to the car
Simple command to do this: ffmpeg -i my_video_file.avi extracted_audio.mp3
2. Task Manager for Linux:…
ContinueAdded by Kiran Karnad yTiruceS on April 6, 2013 at 11:28am — No Comments
URI, URL and URN - let's define them
Hi There,
There’s always a confusion regarding what the terms Uniform Resource Identifier (URI), Uniform Resource Locator (URL) and Uniform Resource Name (URN) mean… here’s (hopefully) a simple way to remember this, once and for all ☺
· URI: This is the complete address along with the protocol – this is the one Google Indexes or the DNS server maintains - …
Added by Kiran Karnad yTiruceS on March 26, 2013 at 7:09pm — No Comments
Google Sets is back... in a different form!
Hey,
Have you used Google Sets? Google Sets was one of the very first Google Labs experiments. However, this got closed a couple of years ago. (Then why the hell are we talking about it?... Patience please!)
How it used to work:
1. You would need to go to …
ContinueAdded by Kiran Karnad yTiruceS on March 25, 2013 at 10:10pm — No Comments
How to detect a USB device id on *NIX systems
I am really thrilled to be upgrading my system to Kali Linux! For noobs, this is the latest and the greatest that Backtrack has to offer!
For starters though, I want to install it on a USB drive as a live USB and also want it as a persistent image (so that I can save files etc on this image). How to do this is told amazingly at the Kali…
ContinueAdded by Kiran Karnad yTiruceS on March 20, 2013 at 9:51pm — No Comments
CI Infosec News & Tips for You (#03-2013)
Added by David Low Swee Nyen on March 19, 2013 at 2:23pm — No Comments
Julian Vincent - Chair
A. Razif Ramli - Vice-Chair
Dr Suhaidi Hassan - Vice-Chair
Jagdish Singh - Secretary
Tan Tze Meng - Treasurer
Adil Hidayat - EC member
Amir Haris Ahmad - EC member
Selvakumar Manickam - EC member
Julian Vincent - Chair
A. Razif Ramli - Vice-Chair
Yong Yoon Kit - Vice-Chair
Jagdish Singh - Secretary
Zaharin Mohd Nadzri - Treasurer
Lai Heng Choong - EC member
Sharina Puteh - EC member
© 2013 Created by Julian Vincent.