Mafia Security Information Security Articles & Resources

Justin Amash CISPA “On Thursday, April 18, I voted no on H.R. 624, the Cyber Intelligence Sharing and Protection Act (CISPA). This year’s version includes marginal improvements over last year’s bill, which I also opposed, but these changes don’t go far enough to protect people’s private data, and many of the bill’s most significant problems remain unaddressed. Like last year, the bill overrides federal ... Read More »

SharePoint is the common name for a group of five Microsoft SharePoint products and technologies.  SharePoint began as a data and document management solution, with new iterations acquiring aspects of a web server, wiki, blog creation/management and social networking -  the last feature coming from features offered by Yammer, a corporate social networking service bought by Microsoft in 2012. When ... Read More »

Whether you’re building a brand new network or looking for ways to improve the resiliency of your existing infrastructure, the following guide is intended to give some tips on how to minimize the effects of failures within the network. This guide explains configuration for primarily Cisco Fault Tolerant Network Design equipment, but a lot of these same principles and protocols ... Read More »

Recently, my company found out that our current file monitoring software was being deprecated. After researching many expensive options, we found the Windows built-in file integrity monitor would suit our needs for Windows Security Auditing. First, there are both pros and cons with using Windows security auditing. One of the benefits of Windows security auditing has verse third party software ... Read More »

Hakin9 is a magazine about the best technical solutions and latest trends in IT security and insecurity. We wish to make this knowledge accessible to everyone, whether they are professionals or hobbyists. The articles we publish are written by specialists who put theory into practice and show how to gain hakin9 skills.  - This affiliate has offered step by step Metasploit free tutorials for Mafia ... Read More »

Before diving into the auditing cloud computing let us first look at what it is. Cloud computing has many different defections; however, since 2009 cloud computing became a popular buzzword as a new way to conduct IT business.  As a metaphor for the Internet, “the cloud” is a familiar cliché, but when combined with “computing,” the meaning gets bigger and ... Read More »

Passwords are the most common form of identification, they are also the weakest. In today’s age, strong authentication is becoming increasingly important. There are a number of alternative authentication methods that have been around for a while, such as voice recognition, fingerprinting, and retinal scanning. There are also new technologies hitting the market as well, one of them is Deepnet ... Read More »

The purpose of this article is to show a linux email server advance guide for internal email server with pop3 & IMAP support over SSL with access available via Thunderbird. For this Linux Email server advance guide we will use postfix as the SMTP server, Dovecot as the IMAP/POP3 & Auth server, with postfix using dovecot’s SASL function to authenticate (Openssl used ... Read More »

USB storage devices are everywhere and just about anyone has a USB Flash Drive on them or has one at their house. People are also pick up lost Flash Drives they find on the ground at work or outside of work and then they end up using these Flash Drives that aren’t verified and properly wiped. The USB Switchblade example ... Read More »

Security, privacy, and incident responses are often the important drivers in a company’s decision to pursue a bring your own device auditing (Navetta, 2012). When dealing with laptop device security and mobile device security most companies policies are different even though both devices have the same common security controls such as encryption and VPN capabilities; however, the divide starts when ... Read More »