This past weekend at B-Sides Orlando, I gave my Physical Security Penetration Testing talk, Physical Security: From Locks to Dox. This talk is an introduction to Physical Security Penetration Testing, touching on the pen-testing methodology, and mostly focused on attacks that can be executed against locking mechanisms.
Huge thanks to everyone who gave me feedback, and additional feedback is welcomed.
Questions or comments? Write them in the comments below, or send me a message!
I was recently trying to come up with the best way to sort my photos, which typically get dumped on a hard-drive in a nondescript folder like "Photos" or "Pictures". What I came up with is actually pretty simple, and uses the Exif data of the image to determine when it was taken.
Exif is a standard for tagging media, which can store useful information such as the date created, the camera model, ISO mode, shutter speed and aperture, geo-location, etc.. While primarily used for image files, Exif data can also exist in audio files.
I'm using "extra/perl-image-exiftool" from the Arch repositories to accomplish this, and this package should be available on most distributions.
Later this year, Jacksonville will have its first Security B-Sides conference, B-Sides JAX. Our tentative date is November 15, 2014, we're planning on just a 1-day conference, and we have a ton of work to do before then. If you'd like to help with the conference, please contact me.
For those who saw my JaxLUG presentation yesterday, here are the slides. This presentation was based on the guide I published today, also called Hardening a VPS.
Download the slides here: Hardening a VPS
Not every VPS is created equally. Make sure yours is secure before trusting it on the internet.
This guide is for CentOS 6 x86_64, but can be used for many other Linux systems with minor alteration. All commands in this guide will need to be done as root, or using sudo.
Here’s a quick list of everything we’re covering in this guide.
Creating new users
YubiKey 2-factor authentication