Tag Archives: social engineering

Throw Password Rules Under the Bus?

I ran across Tom Olzak’s post where he quotes from an SANS article by Daniel Wesemann, Password rules: Change them every 25 years. I disagree with both of them on a few points.

First, Olzak notes in his introductory paragraph that

Continue reading

Advertisements

2 Comments

Filed under Security

What Needs to be on a GOOJ Card?

If you probe networks, systems, and applications, you need a GOOJ card to protect yourself and your job.

In How to Stay Out of Jail, I recommended that anyone who scans, probes, or pokes networks, systems, or devices should always carry a get-out-of-jail (GOOJ) card. I also provided some reasons why such a card is critical.

Continue reading

9 Comments

Filed under Audit, How to..., Security, Technology

Fun CPEs for CISSPs

Don Donzal, who created www.ethicalhacker.net and ChicagoCon (link now appears defunct), lists 10 ways for CISSPs to earn CPEs (Continuing Professional Education credits) and having fun doing it. Check out his entire article here. He wrote it in 2005, but it hasn’t aged much.

NOTE: I crossed through some of the links to now-defunct sites….remember, this was written in 2009….

Continue reading

1 Comment

Filed under Free, Security