now browsing by tag
556 Forensics, LLC. is now proud to offer notary public services for customers located in Colorado.
Call (702) 518-7467 now to schedule notary services now!
If you’re not sure what a notary is, feel free to follow this link, to the Colorado Secretary of State’s office, where they can give you additional information about when/why a notary may be useful! Colorado Secretary of State Notary Page
Source: ISC Sans
When the corporate network becomes target, auditing for security policy compliance can be challenging if you don’t have a software controlling irregular usage of administrator privilege granted and being used to install unauthorized software or to change configuration by installing services that could cause an interruption in network service. Examples of this possible issues are additional DHCP Servers (IPv4 and IPv6), Dropbox, Spotify or ARP scanning devices.
We can use nmap to detect all protocols that sends broadcast packets and are supported by packetdecoders.lua:
- ARP requests (IPv4)
- CDP – Cisco Discovery Protocol
- EIGRP – Cisco Enhanced Interior Gateway Routing Protocol
- OSPF – Open Shortest Path First
- Logitech SqueezeBox Discovery
- Multicast DNS/Bonjour/ZeroConf
The following example shows how to use nmap with the broadcast listener script and we can see the result of a device with dropbox installed, a device sending ARP request (a router in this case) and a device sending DHCPv6 requests:
You can run this program periodically to track common security issues in your network, just in case your IPS could be missing something 😉