Thursday, October 22, 2009

Security Pen-testers

Okay, so it's been almost one year since I've been working as a security pen-tester consultant for one of the biggest IT.Sec companies in Malaysia. Well, it doesn't take a genius to see how/why the level of security awareness maturity among the locals is still, well, you can say "not as aware as we expected".

Even when engaging the party to do the pen-test, there are several rubbish questions that must be knocked off ..


Q: What qualifies you as a pen-tester?

Answer:


There is no definite answer for this. Trust me, nobody in the industry actually dares to set up a "qualification" that 100% qualifies you as a good pentester. True, they can have certificates from Training X, Y, Z, but one should realize that the truth is a good pen-tester does pen-tests for the love of it !!!

Q: What tools do you use during pentest? Is it safe?

Answer

This kind of stuff makes people think security pen testing is easy. Sure, just run all the tools and bam bam you have results :) .. The most important thing one should realize is that it is not the tools that help most pen-testers find the vulnerabilities, but the skills/mindset/technique of the pen-tester that reveal the flaws of an application or system itself.

Tools are just what we call some sort of aid to help pen-testers do their job faster. They can be open-source software or closed source (and why should we go closed source anyway?) ....


Q: Why don't you create your own tools then?

Answer

There's no point in reinventing the wheel. Our focus is on finding bugs and vulns and fixing them as soon as possible. Let's say there's a cool proxy software from Company A; Company B is also making a proxy software, and so are Company D and Company E. So the point is, why waste our time inventing something that is already available? Besides, a bloody good pen-tester just creates their tools on the fly, so don't worry much about it.

Q: Figures are important, the "less is better" myth!!!

Answer


Suppose a web application has one vulnerability, that is, a "SQL injection". The way upper people see it,

"Owh only one, dat's okay"

No it's not okay

The way we should see it

"Since there is an SQL injection, it's possible to drop/update elements inside the database and perform malicious queries; if xp_cmdshell is enabled, an attacker can execute system commands and perform a reverse connection backdoor, which results in total server compromise, which can be used as an entry point to penetrate the internal network of a system."

Q: I don't understand what you are doing?

Answer

You don't, and I also don't understand why you are here.




Sunday, October 18, 2009

Packin the K

So the big guy from Kaspersky decides to make himself warm here in Lowyat. Though I'm not a big fan of antivirus software, I figure we must have some sort of simple celebration for 'em. I should have asked those deejays at Lowyat to play this song earlier.






I have nothing against them, I just don't feel like trusting any product (except Fedora, but maybe not again due to a case in the past).

Saturday, October 10, 2009

I love terminator

Thanks to Kagesenshi for this lovely awesome GNOME tool. It really helps a lot when you need to do a serious multitasking job / or are being plain lazy. Split V or H, nested tabs, custom profiles, blax3. It's the greatest thing for me right now.