Free Webinar: Full Failover and Failback in the Cloud

I am not a fan of backing up to the cloud at all. To me, it just makes more sense to create your own offsite disaster recovery program that YOU control and secure. But I am willing to be convinced that backing up to the cloud makes sense.

We received this add from Redmond Channel Partner for an upcoming webinar and thought we would pass it on:

Event Date: Wednesday, October 12, 2011 at 11:00 AM PDT

Jack Taugher, VP and Owner at AIR Technology Services, recently had a client experience a disaster scenario. Fortunately Jack had planned for the worst and the server was being backed up to the Doyenz cloud nightly, enabling him to perform a full failover and failback in the cloud.

Here, unfiltered, are Jack’s words:

“If it wasn’t for Doyenz, they would have been s**t-outta-luck. Their local external backup drive that Doyenz monitors and sends up and off-site, failed too. You were the ONLY copy of backup they had.”

Jack will discuss recovering his client’s production environment in the cloud with Doyenz and why it is a core offering for his business. Jack will be joined by Eric Webster, Chief Revenue Officer at Doyenz, who will discuss how Doyenz partners are profiting from this unique offering. Register today!

Book Review: BackTrack 5 Wireless Penetration Testing Beginner’s Guide

If you want an easy to follow, step by step guide to analyzing and testing Wi-Fi security, look no further than Vivek Ramachandran’s “Backtrack 5 Wireless Penetration Testing Beginner’s Guide”.

The author masterfully guides you on a path from the basic principles of Wi-Fi to advanced monitoring and attacks.

Vivek starts you out by preparing your wireless lab, installing Backtrack 5, configuring your wireless cards and access point.

Then after a brief overview of wireless frames, you get to work right away by sniffing traffic with Wireshark so you can see what these frames actually look like.

But that is just the beginning.

The author then takes you on a step by step journey of the most common attacks used against WLANs. This includes everything from bypassing authentication & cracking encryption, to advanced techniques like man-in-the-middle attacks and attacking WPA-Enterprise. He then finishes the book with discussing Wireless penetration methodology, testing and reporting.

It has been a while since I have seen a book like this. You will learn step by step, command by command, using the ever popular penetration testing platform Backtrack 5. Each chapter builds on what you have learned in the previous. The text is very clear to follow and the pictures perfectly display and clarify the techniques you are learning.

For best results, you should have at least a basic knowledge of Linux or Backtrack 5 and Wi-Fi.

If you are interested in computer security, and want to learn how Wireless networks are attacked and how to defend against it, then look no further. I highly recommend this book.

* I had the absolute honor of working on this project as a technical editor for Packt Publishing. Vivek is an exceptional person with a deep passion for sharing his knowledge of IT security.

He was one of the winners of Microsoft’s Security Shootout contest in India, worked at Cisco as an Engineer, founded SecurityTube.net, discovered the wireless “Caffe Latte Attack” and presented at numerous security conferences including Blackhat, Defcon and Toorcon.

File Forensics: Unziping Word Documents to see XML Source

Have you ever tried to open a Word Docx file in notepad? If so, then you know that you get a screen full of random mess that looks something like this:

If the document is written in XML, then you should see formatted, readable text. So why don’t you? The key is the first two readable characters that show up in the picture above – “PK”.

The answer is that the Word data files are zipped! Since DOS days, all zip files when viewed as text start with the characters PK. All you need to do is run the Docx file through an unzip program and you can see several files and folders full of XML data:

The files can now be opened in notepad, but if you just double click on them, they will open in your web browser and be a bit more readable. Browsing through the newly created folders and you will find a ton of formatting information and the complete text of the document.

But you will also find information that could be very useful for forensics. Including file revision, creation and modify dates, document creator and who was the last one to modify the document:

Apparently, this type of forensics was used to catch the guy that put a collar bomb on a high school student in Australia. Forensics examiners found the bombers name hidden in documents on a USB drive draped around the victims neck.

For more information, including a forensics recreation, check out “Forensic Examinations 5 – File Signatures, Metadata And The Collar Bomber – Part 2“.