Well things are changing for the better in my life, I got a new job placing ads in search engines thru Yahoo Search Marketing and Google Adwords.Its a cool company too. I cannot beleive how much money is in the industry, and all the new stuff I'm learning about. The biggest issue? Click Fraud. There is alot but not as much as people think.
I'm currently learning about Google's API's and plan on taking PHP next semester. Everything is going webbased. This is cool and scary at the same time. Most of the stuff on the net is vulnerable on the net there are exploits posted daily. How much stuff of mine do I really want on the web? Besided this and a couple of other blogs not much.
Orange County Computer Consultant
- Orange County Computer Security Consultant
- Orange County Computer Consultant helps small businesses with networking, installations and small business software.
Tuesday, April 25, 2006
What Linux Live CD's are good for security?
I use Whoppix alot, it is a great CD, with alot of good tools, categories include penetration testing, wireless testing, it has compilers being that is Linux, it has a ton of usefuill perl scirpts and a vulnerability DB.
You can find it here:
You can find it here:
Wednesday, April 05, 2006
Apple and Dual Boot
This is great, but why not triple boot? I know its possible, what if I want to run Windows 2000 Mac OS X.. and BSD or any flavor of Linux? I like many operating systems for many different reasons. Im looking at VMware so I can run virtual machines to test code in a controlled enviroment. I want to analyze malware and peek beneath the hood to see what functions and system calls it might be trying to access.
Microsoft now offers a virtual server, for free :) I like free stuff Go open source. I have not tested it yet. Im curious to see how stable it is lol.
Microsoft now offers a virtual server, for free :) I like free stuff Go open source. I have not tested it yet. Im curious to see how stable it is lol.
Pay Per Click Management
I have created another blog for my day to day activities at a PPC management firm I work for check it outby clicking on the title Pay Per CLick Management.
DRM- Digital rights management
The word for the day is Digital Rights Management
Is it ok to burn and copy music or to use servies for Limewire? I know it's illegal. I cant think of someone nowadays that does not burn music, I personally notce everything that I read I can find online and it usually more up to date.
The copyright protection schemes will continue to be cracked. Is it of any use?
DRM is used on DVD's, product activation, and digital water marketing.
Is it ok to burn and copy music or to use servies for Limewire? I know it's illegal. I cant think of someone nowadays that does not burn music, I personally notce everything that I read I can find online and it usually more up to date.
The copyright protection schemes will continue to be cracked. Is it of any use?
DRM is used on DVD's, product activation, and digital water marketing.
Monday, January 30, 2006
Saturday, January 28, 2006
Krav Maga
Today I woke up and went to my first Krav Maga class.It was fun and a great workout. They also played really cool music which was a plus. I have been blogging alot I have three blogs up currently and one website. I have decided to blog my classes online, not only for a learning experience, but to rehash my studies and to give back to the online community. My classes this semester are HTML and Ecommerce.
Thursday, January 26, 2006
Southern California Linux Expo
Well SCALE is around the corner. Im excited, I think I'll drag my girlfriend along with me to introduce her to Linux. She uses MS Windows which I do as well at work and at home. I use Linux as well. I prefer Linux for the reason that so much good software is availiable and its free. I also have my choice of compliers ready at my disposal.
What is SCALE? Click on the link above to check it out.
This is my plan:
These are the talks I will be attending.
Day 1
A Look at the Current and Future Face of PHP
Lunch
Fighting Spam using Linux and Open Source Tools
phpWebSite Open Source CMS
Linux Network Security
Day 2
Performance Tuning Linux Applications With DTrace
So you want to be a consultant
Exhibiton
New Features in MySQL 5.0, 5.1, and beyond
What is SCALE? Click on the link above to check it out.
This is my plan:
These are the talks I will be attending.
Day 1
A Look at the Current and Future Face of PHP
Lunch
Fighting Spam using Linux and Open Source Tools
phpWebSite Open Source CMS
Linux Network Security
Day 2
Performance Tuning Linux Applications With DTrace
So you want to be a consultant
Exhibiton
New Features in MySQL 5.0, 5.1, and beyond
Tuesday, January 24, 2006
Department of Justice VS. Google
The Department of Justice wanted access to search queries on Google. The DOJ asked Google to release search records for a particular week. Then they asked for a list of all URL's indexed in Google. This is insane thats like over a billion URL's.
Google said no.
Yahoo did release search results. No personal information was released.
AOL did comply. No personal information released as well.
Google said no.
Yahoo did release search results. No personal information was released.
AOL did comply. No personal information released as well.
Sunday, January 22, 2006
Sunday
Its Sunday morning, I got up early lifted some weights and got my car washed. Then me and my girlfriends made a trip to Costco to return a DVD/VCR combo. We already have one. There was no problem with the return which was nice.
We are now watching Lord of War with Nicholas Cage. It 's about a gun runner, I like it. I will probably be going back to Blockbuster today to return the rest of the movies. I also rented Pirates of the Silicon Valley, its about the making of Apple and Microsoft. Its also good. It shows how crazy Steve Jobs actually was. I dont know if he still is :)
We are now watching Lord of War with Nicholas Cage. It 's about a gun runner, I like it. I will probably be going back to Blockbuster today to return the rest of the movies. I also rented Pirates of the Silicon Valley, its about the making of Apple and Microsoft. Its also good. It shows how crazy Steve Jobs actually was. I dont know if he still is :)
Friday, January 13, 2006
Back to School
I have enrolled back into school I'm taking HTML and Ecommerce, lets see how I can profit from this.
Thursday, December 29, 2005
Thursday Morning
I decided to take the rest of the week off for vacation. I will be bloging and gaming. I'm going to go see Narnia later today, which should be cool. I will be posting a review about it today.
Wednesday, December 28, 2005
Yet another blog I started
I have started a new blog to test out WordPress. Here is the link: http://phuture.wordpress.com. Why did I decide to try Wordpress? Why not. Its free currently for a lite version and the interface is clean and simple to use. This is very important to me. Dont get me wrond I feel comfortable in any *nix shell enviroment and can move around but I think about other people who are lacking the skills in the computer department.
Tuesday, December 27, 2005
Keep It Simple Stupid
KISS- I have been applying this to my life lately, throwing out alot of junk. Organizing and enjoying the things that I have not what I want. I can honestly say Im happy. How does this relate to computer security? It doesnt I just felt like ranting.
More papers on security.
Its back to work for me. I will be posting some more articles here shortly. I'm currently working on a physical security paper expalining about CCTV, Alarms and Biometrics. This should be a good paper. This weekend I studied ARP poisining and spoofing and ways to try to prevent it. It really is amazing how hackers change their MAC address to get free Internet access at your local starbucks on your dime.
Saturday, December 17, 2005
Cisco PIX 506E
Cisco Pix 506E Security Appliance
This firewall is a enterprise class security appliance. It could be used for small to medium sized businesses, sattelite offices and regional offices.It supports two 10/100 fast ethernet cards and also two 802.1q virtual interfaces.This alows your business to create a DMZ or demilitarized zone. This is a spot on your network that you put your webservers but not your backend servers like SQL or Exchange. Cisco took the approach of multilayered defense again with this product and it has alot of nice feautres to help protect your network and data.There are no moving parts making it more reliable.
The Cisco Pix 506E uses what Cisco calls Cisco Adaptive Security Algorithim.This provides statefull packet inspection it logs all authorized attempts to use the network as well as trying to block unauthorized access.The firewall is designed to look for common vulnerabilities, it looks for about 55 well known attacks.It inspects layers 4 through 7 os the OSI layers. The Cisco Pix 506E also looks at application data traversing the network and even protocol status.The designers of this firewall did a good job. The Cisco Adaptive Security Algorithim does protocol field checking and also URL length checking. It does not mention anything about if it can filter Unicode.It has over 100 applications already documented so you can allow or disallow them easily.
Cisco PIX Device manager allows administrators to manage their network remotely.Network or Firewall administratos can still create their own ACL's or access control lists and user and group based policies. Network administrators can decide which applications that are and are not allowed thru their network as well as protocols.Protocols that this device checks are HTTP, FTP,SMTP, DNS, SQl*Net,NFS,ILS, SCCP and many more.For instance I would not allow my employess to use Telnet, if they needed remote connectivity at all I would suggest SSH using a cool program called Putty for Windows based machines.
Since Im on the topic of remote management I will talk about some of the Cisco Pix 506E solutions.The are many different ways to mange this device. It can be troubleshooted and configured remotely.If you have a web browser which I hope all admins have, you can access this firewall through the Internet. It uses SNMP simple network management protocol for monitoring devices on the network.You can use Auto Update server, security monitor and management center for firewalls.
The firewall does auditing, has support for Dynamic devices on the network and can do software images.
The Cisco Pix 506E also has support for VPN's or virtual private networks.You can use either IKE Internet Key Exchange or IPsec.Cisco also offers VPN concentrators to speed up connections. I will be writing articles on those shorlty. The encryption standards it supports are DES data encryption standard, this is crackable. 3DES which is more secure and AES advanced encryption standard. I recommend the later. The VPN can work with NAT or network address translation which hides your internal IP address from the Internet. Support for up to 10 VPN uers.The firewall also supports TACAS+ and RADIUS.
VoIP- Voice over Internet protocol can also be ran thru this firewall. So that you can sleep well at night knowing that your multimedia and voice connections are secure.
This is probably my favorite about this device. Intrusion Prevention. This firewall has tools that protect it from many well-known attacks.
Dos or denial of service attacks are prevented from bringing down your network and firewall. I do question how much data this device can take before shutting down or how many packets it can drop quickly. There tools are called DNSGuard, FloodGuard, MailGuard, IPVerify and TCP intercept.
This firewall can also contact adminstrators real time thru a cell phone SMS or email thru a devich such as a RIM Blackberry.I have read of software that will allow you to SSH to your router, computer thru the Blackberry. Cisco's auditing software is called CiscoWorks Information management Solutions or SIMS.No not the game. It collects and anayzes data from across your network allowing you to prioritize threat levels.
Benjamin Hargis
Phuture Networks
http://www.phuturenetworks.com/
http://www.computersecurityadvice.com/
This firewall is a enterprise class security appliance. It could be used for small to medium sized businesses, sattelite offices and regional offices.It supports two 10/100 fast ethernet cards and also two 802.1q virtual interfaces.This alows your business to create a DMZ or demilitarized zone. This is a spot on your network that you put your webservers but not your backend servers like SQL or Exchange. Cisco took the approach of multilayered defense again with this product and it has alot of nice feautres to help protect your network and data.There are no moving parts making it more reliable.
The Cisco Pix 506E uses what Cisco calls Cisco Adaptive Security Algorithim.This provides statefull packet inspection it logs all authorized attempts to use the network as well as trying to block unauthorized access.The firewall is designed to look for common vulnerabilities, it looks for about 55 well known attacks.It inspects layers 4 through 7 os the OSI layers. The Cisco Pix 506E also looks at application data traversing the network and even protocol status.The designers of this firewall did a good job. The Cisco Adaptive Security Algorithim does protocol field checking and also URL length checking. It does not mention anything about if it can filter Unicode.It has over 100 applications already documented so you can allow or disallow them easily.
Cisco PIX Device manager allows administrators to manage their network remotely.Network or Firewall administratos can still create their own ACL's or access control lists and user and group based policies. Network administrators can decide which applications that are and are not allowed thru their network as well as protocols.Protocols that this device checks are HTTP, FTP,SMTP, DNS, SQl*Net,NFS,ILS, SCCP and many more.For instance I would not allow my employess to use Telnet, if they needed remote connectivity at all I would suggest SSH using a cool program called Putty for Windows based machines.
Since Im on the topic of remote management I will talk about some of the Cisco Pix 506E solutions.The are many different ways to mange this device. It can be troubleshooted and configured remotely.If you have a web browser which I hope all admins have, you can access this firewall through the Internet. It uses SNMP simple network management protocol for monitoring devices on the network.You can use Auto Update server, security monitor and management center for firewalls.
The firewall does auditing, has support for Dynamic devices on the network and can do software images.
The Cisco Pix 506E also has support for VPN's or virtual private networks.You can use either IKE Internet Key Exchange or IPsec.Cisco also offers VPN concentrators to speed up connections. I will be writing articles on those shorlty. The encryption standards it supports are DES data encryption standard, this is crackable. 3DES which is more secure and AES advanced encryption standard. I recommend the later. The VPN can work with NAT or network address translation which hides your internal IP address from the Internet. Support for up to 10 VPN uers.The firewall also supports TACAS+ and RADIUS.
VoIP- Voice over Internet protocol can also be ran thru this firewall. So that you can sleep well at night knowing that your multimedia and voice connections are secure.
This is probably my favorite about this device. Intrusion Prevention. This firewall has tools that protect it from many well-known attacks.
Dos or denial of service attacks are prevented from bringing down your network and firewall. I do question how much data this device can take before shutting down or how many packets it can drop quickly. There tools are called DNSGuard, FloodGuard, MailGuard, IPVerify and TCP intercept.
This firewall can also contact adminstrators real time thru a cell phone SMS or email thru a devich such as a RIM Blackberry.I have read of software that will allow you to SSH to your router, computer thru the Blackberry. Cisco's auditing software is called CiscoWorks Information management Solutions or SIMS.No not the game. It collects and anayzes data from across your network allowing you to prioritize threat levels.
Benjamin Hargis
Phuture Networks
http://www.phuturenetworks.com/
http://www.computersecurityadvice.com/
Friday, December 16, 2005
Voice over IP
I hear allot about VOIP what is it?
VOIP stands for voice over internet protocol. Basically it means making phones calls over your local area network (LAN) or even across the Internet.
VOIP is normally cheaper than your PSTN that’s public switched telephone network i.e. your local carrier.
VOIP is a good choice for businesses as well to save money on long distance calls if they have many satellite offices. VOIP service providers usually have lower fees because they are not a government regulated currently as the phone systems which at one time were a monopoly. VOIP can even be free if you connect directly to another VOIP client.
VOIP routers can send your incoming phone calls to you anywhere thus cutting down on the number of lines and you can be reached anywhere you have a Internet connection.
This and the combination of technologies like WiFi are going to make for one huge network. That voice, data and video will be sent everywhere and from anywhere. With this VOIP technology you have allot more features as well such as Caller ID, Call Forwarding and answering services all from your computer or PDA.
There are some issues to still be worked on.
Here are some:
The amount of band with required.
Security issues- what type of encryption should be used and how much is going to slow down the call and network?
This is a exciting and new technology which I will be writing more about.
Benjamin Hargis
VOIP stands for voice over internet protocol. Basically it means making phones calls over your local area network (LAN) or even across the Internet.
VOIP is normally cheaper than your PSTN that’s public switched telephone network i.e. your local carrier.
VOIP is a good choice for businesses as well to save money on long distance calls if they have many satellite offices. VOIP service providers usually have lower fees because they are not a government regulated currently as the phone systems which at one time were a monopoly. VOIP can even be free if you connect directly to another VOIP client.
VOIP routers can send your incoming phone calls to you anywhere thus cutting down on the number of lines and you can be reached anywhere you have a Internet connection.
This and the combination of technologies like WiFi are going to make for one huge network. That voice, data and video will be sent everywhere and from anywhere. With this VOIP technology you have allot more features as well such as Caller ID, Call Forwarding and answering services all from your computer or PDA.
There are some issues to still be worked on.
Here are some:
The amount of band with required.
Security issues- what type of encryption should be used and how much is going to slow down the call and network?
This is a exciting and new technology which I will be writing more about.
Benjamin Hargis
Wednesday, December 14, 2005
More info on Cisco PIX 501
Cisco Firewall PIX 501
This firewall is designed for homes and small businesses.This firewall can support up to ten users on a basic license from Cisco. It has a 133 MHz processor and comes with 16MB's of RAM. In addition it has 8MB of Flash RAM.
The Firewall also comes with 1 uplink port and a four port switch. It does not support Layer 2 transparent fire walling. It also does not support the routing protocol OSFP which stands for Open Shortest Path First. There is no VLAN-Virtual Local Area Network.
The PIX 501 allows you to setup a VPN-Virtual Private Network easily with the Cisco Easy VPN Server.
The firewall supports speeds up to 60Mbps bidirectional.
When you implement cryptography such as 3DES or DES it slows down the traffic.The PIX 501 can support anywhere from 50-unlimited users depending on your license
This firewall is designed for homes and small businesses.This firewall can support up to ten users on a basic license from Cisco. It has a 133 MHz processor and comes with 16MB's of RAM. In addition it has 8MB of Flash RAM.
The Firewall also comes with 1 uplink port and a four port switch. It does not support Layer 2 transparent fire walling. It also does not support the routing protocol OSFP which stands for Open Shortest Path First. There is no VLAN-Virtual Local Area Network.
The PIX 501 allows you to setup a VPN-Virtual Private Network easily with the Cisco Easy VPN Server.
The firewall supports speeds up to 60Mbps bidirectional.
When you implement cryptography such as 3DES or DES it slows down the traffic.The PIX 501 can support anywhere from 50-unlimited users depending on your license
Cisco PIX Technology
Cisco PIX Security Appliance.
Cisco PIX Security applications can enforce policies on users and applications.
Cisco PIX can protect you from many different network and Internet based attacks.
Cisco PIX offers secure connectivity, using methods such as SSHv2 Secure Shell Two and VPN virtual private networks.
This is fairly easy to setup.
Cisco PIX can provide you with secure VOIP voice over internet protocol.
IPSec or Internet Protocol Security IPSec can be setup for VPN's.
Cisco PIX Security appliances provide multiple layers of security.
This hardware/software based solutions is designed to look for anomolies aka weird traffic thats not normal on your network, which could be an indication of a attack.
There is over thirty different engines looking for different attack signatures.
The current version is Cisco PIX appliance version 7.0
Here are some of the feautures:
You can rollback previous configurations in IOS.
QOS- Quality of Service
You can update software on the fly with bringing down the hardware. No rebooting.
VPN client security
Layer 2 transparent firewall.
This is really interesting 3G mobile security services.
You can configure the firewall to block instant messaging, point to point networking P2P.
You have the ability to block applications trying to tunnel thru your network with encrypted
traffic.
Cisco PIX provide rich statefull packet inspection PIX can protect your voice, data, and video
traffic.
Version 7.0 also supports IKE or Internet Key Exchange.
Everything can be managed from Cisco Adaptive Device Manger which can be console and web based.
Benjamin Hargis CEO Phuture Networks
http://www.phuturenetworks.com
http://www.computersecurityadvice.com/
Here are some other sites for you viewing pleasure:http://www.checkmategame.blogspot.com
http://www.realestatelead.blogspot.com/
Cisco PIX Security applications can enforce policies on users and applications.
Cisco PIX can protect you from many different network and Internet based attacks.
Cisco PIX offers secure connectivity, using methods such as SSHv2 Secure Shell Two and VPN virtual private networks.
This is fairly easy to setup.
Cisco PIX can provide you with secure VOIP voice over internet protocol.
IPSec or Internet Protocol Security IPSec can be setup for VPN's.
Cisco PIX Security appliances provide multiple layers of security.
This hardware/software based solutions is designed to look for anomolies aka weird traffic thats not normal on your network, which could be an indication of a attack.
There is over thirty different engines looking for different attack signatures.
The current version is Cisco PIX appliance version 7.0
Here are some of the feautures:
You can rollback previous configurations in IOS.
QOS- Quality of Service
You can update software on the fly with bringing down the hardware. No rebooting.
VPN client security
Layer 2 transparent firewall.
This is really interesting 3G mobile security services.
You can configure the firewall to block instant messaging, point to point networking P2P.
You have the ability to block applications trying to tunnel thru your network with encrypted
traffic.
Cisco PIX provide rich statefull packet inspection PIX can protect your voice, data, and video
traffic.
Version 7.0 also supports IKE or Internet Key Exchange.
Everything can be managed from Cisco Adaptive Device Manger which can be console and web based.
Benjamin Hargis CEO Phuture Networks
http://www.phuturenetworks.com
http://www.computersecurityadvice.com/
Here are some other sites for you viewing pleasure:http://www.checkmategame.blogspot.com
http://www.realestatelead.blogspot.com/
Sales Tips
-Here are some tips for people in sales, hope this helps.
Anticipate objections and be ready with rebuttals.
Get down to the real objection.
Follow up with all leads.
Do it the best its ever been done.
Its all numbers, dial more.
Provide value for customers.
Control the conversation, listen even more.
Follow ethical practices.
Planning, goal setting, decision making, delegation and communication work on improving these areas.
Toss out ideas at meetings.
Keep abreast of the market
Look for multiple sources of income.
Assume responsibility for your actions.
Build relationships.
Network like crazy.
Be resourcefull, ready, remebered and relentless.
Help customers discover the best solutions.
Persist and dont give up!
I've been in sales for 15 years this can be valuable to new sales people and veterans.
Anticipate objections and be ready with rebuttals.
Get down to the real objection.
Follow up with all leads.
Do it the best its ever been done.
Its all numbers, dial more.
Provide value for customers.
Control the conversation, listen even more.
Follow ethical practices.
Planning, goal setting, decision making, delegation and communication work on improving these areas.
Toss out ideas at meetings.
Keep abreast of the market
Look for multiple sources of income.
Assume responsibility for your actions.
Build relationships.
Network like crazy.
Be resourcefull, ready, remebered and relentless.
Help customers discover the best solutions.
Persist and dont give up!
I've been in sales for 15 years this can be valuable to new sales people and veterans.