SecureState » What We Do Series

Image may be NSFW.
Clik here to view.

What We Do Series: Find Egress in PCAP Files

June 12, 2014, 6:28 am

What We Do When Waiting for Windows to Boot… Welcome to the new series-based blog that provides our consultants something to do when powering up lab and analysis systems running *certain versions of...

View Article

Image may be NSFW.
Clik here to view.

What We Do Series: Organizing FTP Logs

June 19, 2014, 8:25 am

Begin Blog: 10:54am EST I cannot remember the last time I actually reviewed FTP logs…. The layout of the ISS FTP log format (W3C) is well documented, but that was not the issue today. We are reviewing...

View Article

What We Do Series: Decide How to Backup Our Data

June 26, 2014, 6:30 am

Begin Blog: 13:20 EST; Shutting down Windows 7 Professional Edition The reason for today’s restart is that I was attempting to backup data to one of our network drives when I discovered that I could...

View Article

Image may be NSFW.
Clik here to view.

What We Do Series: Data Classification & Response

July 3, 2014, 6:47 am

Begin Blog: 2:44pm EST, Shutting down Windows Server 2008, R2 I was asked today, “How can Data Classification help?”; hmm, this is such a broad question so I decided to approach how this program can...

View Article

What We Do Series: Build Our Alternative Linux Box

July 10, 2014, 6:10 am

Welcome to the new series-based blog that provides our consultants something to do when powering up lab and analysis systems running *certain versions of operating systems. These are quick-hitting...

View Article

Image may be NSFW.
Clik here to view.

What We Do Series: Identifying Malicious Processes

July 17, 2014, 7:20 am

Begin Blog: 1:44pm EST, Shutting down Windows 7 Professional Edition Step with me into Bizarro World for a moment, because we are going to pretend that for some reason you have a physical memory image...

View Article

Image may be NSFW.
Clik here to view.

What We Do Series: Getting Started with FTK Imager

July 24, 2014, 6:47 am

Begin blog: 16:10 EST, Restarting Windows Server 2012 For whatever reason, I used to always manage to click the wrong option when I was asked to do something in FTK Imager at my college internship....

View Article

Image may be NSFW.
Clik here to view.

It is Time to Stop Crossing the Line; A Risk Perspective

August 1, 2014, 11:46 am

Time after time users are getting bit by not implementing a simple, but elusive concept; egress filtering and segmentation. With all the recent news about new variants of the Backoff POS malware, what...

View Article