Thursday, January 12, 2006

Vulnerability assessment - get permission first

Before assessing systems that are not 100% your own (ownership, accountability, etc) you should get permission to do vulnerability scanning. At least is you are an ethical hacker. While doing research I stumbled across this permission memo, courtesy of Ed Skoudis, I highly recommend that readers use this, or some other means, to get permission before starting any assessments on computers that you do not own. Even your employer's computers.

The Future Trends of Malware

Here is a link to a very interesting article:

I definitely see a "market" for cryptoviral extortion. Unfortunately, as the author mentions, the economics speak for themselves. Supply and demand.

Tuesday, January 03, 2006

IT Security Certifications

During the last 2 weeks I have been doing some research into the available IT Security Certifications, to summarize - the prominent ones seem to be:

CISSP (from - The CISSP seems to be most renowned and sought-after security certification available today.
SSCP (from - Can be seen as an intermediate certification for professionals not meeting the full requirements for CISSP yet.
Security+ (from - Security+ is seen in general as a very good entry-level course. It can serve as a good stepping stone on the road towards CISSP.
GIAC (from - Certifications from the SANS institute. Focuses more on hands-on technical experience, as opposed to a more theoretical approach taken by

I personally will start with the Security+ certification from CompTIA. Although one can jump into the "deep end" and pursue some of the more advanced certifications I like the idea of establishing the basic concepts and then re-enforcing them step-by-step, certification-by-certification. Some people will want to approach this differently - pursuing the certification more than the skills associated with it. I personally want to firmly embed the basics as I build a full set of skills.

Along the road, and coming soon to this blog, I am going to investigate a whole plethora of technical skills related to IT security. Expect to see some Assembler code as I investigate software vulnerabilities and develop the skills to write the exploits myself. I'll report on the tools I discover and my impressions on them as well as some short tutorials or step-by-step guides.

Hello 2006!

New year, new challenges and new opportunities.

Hello everybody and welcome to this periodical. My name is Stephan Buys, an ICT Security Engineer from South Africa. Professionally involved in IT since 1996 I have accrued experience as an IT Technician for, gasp, almost ten years now. The bulk of my experience is in email, Open Source (contributed heavily to Kolab) with my current thrust being into IT security.

In this blog, apart from the odd personal titbit, you will find information relating to my foray into IT security. I plan to publish links to interesting articles, impressions and more. I want to make this blog relevant, interesting and engaging - to that extent I welcome any feedback - so please dont hesitate to raise your voice.

So lets get to it shall we?