Have you ever been watching one of Vivek’s amazing tutorials on Security Tube (Very recommended by the way 🙂 ) and wondered how in the world he is accessing his Backtrack Linux system from a Windows box?
Welcome to the wonderful world of Putty and SSH (Secure Shell). SSH is a secure network protocol that you can use to connect to your Linux box remotely. Putty is a slick little Windows based client that lets you SSH into you Linux system and operate it just like you are sitting in front of it. Think of it as Remote Desktop for Linux.
All you need is Backtrack 5 – even works great in a Virtual Machine, your Windows system and Putty. This will give you the ability to use a remote Linux text terminal. If you want to use X (Graphical) programs, then you will need an x based server for Windows, “Xming” works great.
There is some minor setup on Backtrack’s side and some settings you need to set in Putty to make it all work right. 2Neon has created a great video (see above – set it to 720 HD for clarity) and an instructional write up on his blog. The video is nice, because it also shows how to install File Zilla to transfer files back and forth between your Windows and Backtrack system.
Check it out!
Great opportunity today from our friends over at Infosec Island. Win an ISO 27001 & BS 25999 Annual Membership for Online Trainings from IS&BCA!
Check this out:
Quantity: Two Drawing Winners
Value: (US)$975.00 each
Description: Annual Membership for live online trainings includes:
- Registration for 1 attendee for an unlimited number of trainings during a 1 year period
- Unlimited access to all webinar recordings
- Download of presentation decks for each training
- 1 year access to E-learning tutorials
- 30 minutes of private consultation with the trainer for each training
- Documentation templates for each training
- Each training contains workshops on how to fill in the documentation
- Certificate of Completion for each training
For a chance to win one of the prizes, all you need to do is sign up as a member of Infosec Island, complete an account profile, and upload a profile picture. It’s free, quick and pain-free.
And you will become part of a great community of fellow infosec comrades, including me!
Check out Infosec Island today for more information.
A couple interesting sounding computer security webinars are being presented today (Information from presenters sites):
Top Tips for Defending Against Database Threats in 2011
Please join us for our annual 2011 Database Security Top Threats and Tips webinar and learn more about the current threat climate and top tips for protecting sensitive information in the database.
2:00 pm – 3:00 pm EST By Application Security. Get the latest tips and trends to:
- Defend against the latest cyber espionage methods including both insider and outsider attacks
- Effectively manage separation of duties
- Patch documented vulnerabilities
- Protect against the latest SQL injections
- Defend against social engineering attacks
- Manage database security in the cloud
- Protect against database rootkits and infection kits
Windows 7 Migrations and PC Lockdown with Privilege Management
Date: Tuesday, January 25, 2011 at 2PM EST
Speaker: Greg Shields, MVP and Windows Platform Expert, Concentrated Technology
With the Windows XP sunset date fast approaching, plans for Windows 7 migrations are in full swing, prompting most organizations to also re-assess their approach to PC lockdown. With the advanced privilege management capabilities, enterprises have an alternative to the “all or nothing” approach to least privileges – because an “all or nothing” methodology prohibits organizations from meeting compliance, security and desktop operations goals. To ensure compliance enforcement, you’ll also need to consider compliance validation reporting and privileged account activity auditing.
Other Upcoming Security Seminars:
Data Security Simplified: Reducing Risk, Costs and PCI Scope with E3™ End-to-End Encryption
Upcoming SANS.org Webcasts:
January 27, 2011:
Analyst Webcast: A Real-Time Approach to Continuous Monitoring
Sponsored By: NetWitness, Splunk
January 28, 2011:
Ninja Developers: Penetration Testing and Your SDLC
January 31, 2011:
February 01, 2011:
Analyst Webcast: Remote Administration and Security Compliance
Sponsored By: Netop
February 02, 2011:
Tool Talk: Pre-flight Checklists & Seatbelts for Your Applications Trip to the Cloud
Sponsored By: Veracode
February 03, 2011:
Improve firewall security odds: Prevent misconfigurations and compliance concerns by automating firewall audits.
Sponsored By: Skybox Security, Inc.
February 09, 2011:
Internet Storm Center Threat UpdateISC Webcast
February 11, 2011:
Proactive Compliance for PCI-DSS
Sponsored By: NitroSecurity
From Exposure to Closure – The life and times of an exploitable Vulnerability An Industrial Control Systems View
February 24, 2011:
Continuous Monitoring: NOT Harder Than It Looks
Sponsored By: Tripwire, Inc.
If you ever wanted to know how cross-site scripting works, look no further. The video was created by Aleksander Gorkowienko, a database and application security expert with the company 7safe.
In “Cross-Site Scripting Explained”, Aleksander simulates an XSS attack against a fictitious online financial company. He demonstrates how a hacker could jump from one authenticated user (using a password and a PIN) to another using PHP Session cookies.
This demonstrates why it is important to test web applications for vulnerabilities like XSS. The video is definitely a must see!
For more information, check out Aleksander’s website IT Security Lab.