War Room

Shells from above

Defense

Saurus’ Guide to Security+

June 5, 2019 By Saurus

Hello fellow security professionals and those aspiring to be! Saurus here and excited to write to you on a new blog post. Being a consultant keeps me fairly busy. In addition to managing my workload, I recently obtained my CompTIA Security+ certification. While the experience of taking the exam is still fresh in mind, I wanted to draft up a blog post about some of the ... READ MORE

Email Controls: Implementing DKIM with Postfix

February 14, 2019 By silburfuchs

Previously on the War Room, we discussed some basic mail control implementations. Specifically, we looked at simple text records that can be posted to determine what is allowed to send on behalf of the domain. SPF records and DMARC records, when properly configured, can help reduce the chances of someone being able to spoof the domain in a phishing attack. So the next thing we ... READ MORE

The Basics: SPF and DMARC Records

November 26, 2018 By silburfuchs

It is no secret that one of the major attack vectors is phishing. While some of the success of this is due to a lack of user education and awareness, the other side of the coin is missing basic controls. There is no shortage of enterprise-level phishing controls out there, Mimecast and Proofpoint for example. However, these are not silver bullets when it comes to protecting ... READ MORE

Prevent GPO from applying to your attack VM

July 28, 2017 By Corey Gilks

You’re on an engagement and just obtained your first set of credentials. Score! You attempt to join your Windows VM to the domain and you are greeted with a warm message: “Welcome to the __ domain”. You’re excited to have your initial foothold in the network but you quickly realize these credentials don’t provide much access. We need to go deeper! You start looking for ways ... READ MORE

Interior Routing Protocols: The Basics

July 21, 2017 By Saurus

Being part of the blue team, it is helpful to have familiarity with routing protocols, as they help you move traffic throughout the network, and if you don’t, well, then you have come to a good place to start. Routing protocols can be classified into two different categories: exterior and interior. Exterior routing protocols focus on routing from a network to the internet while ... READ MORE

Segmenting, Subnetting and You

April 24, 2017 By Saurus

I completed a week of Cisco Certified Network Associate (CCNA) training and passed the exam. I learned an interesting bit about how to quickly subnet. I would like to focus on how to subnet quickly without a calculator. For blue teamers, this skill is useful for implementing and evaluating segmentation. For red teamers, it can be useful for determining the number of potential ... READ MORE

Block Cipher Modes of Operation: A Primer

March 28, 2017 By tzs

Block ciphers, as the name suggests, encrypt a cleartext by splitting it into individual blocks. Therefore, a key property of a block cipher is its block size, which describes how much data that cipher encrypts at a time. For example, the Advanced Encryption Standard (AES) has a block size of 128 bits regardless of key size. AES128, AES192, and AES256 all describe the key size ... READ MORE

Flash….Thunder!

February 24, 2017 By T3phanis

So another year has passed and what an active year it was, chock-full of security events, breaches, and account dumps! Accounts that have been breached continue to pop up on multiple sale sites and we continue to see a trend that has plagued the industry for years and years... password reuse. I know what you're thinking, oh boy another blog about password reuse and why ... READ MORE

Defending Web Apps: WAFs versus RASPs

June 23, 2016 By tzs

Edsger Dijkstra once famously stated, "Testing shows the presence, not the absence of bugs." Accordingly, even well-tested web applications written by the most security-conscious developers are still likely to contain security flaws. In light of this reality, defense-in-depth is a wise strategy. A common means of defending web applications in production is through the use of a ... READ MORE

Encryption Basics: HMAC

December 28, 2015 By malarkey

We have covered a method for key exchange, and we have covered a way to implement public key encryption and message signing. Our topic today is hash-based message authentication codes or HMAC (a subset of message authentication codes). An HMAC provides us with most of the features of message signing, but it is quicker. There are times when you will use one over the other, and ... READ MORE

Copyright © 2019 RSM US LLP. All rights reserved. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit for more information regarding RSM US LLP and RSM International.