Category: Information Assurance
Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012
This is a good link to describe DFARS 252.204-7012, which is the set of security requirements that all DoD contracts must follow:
Avoid Reusing Passwords
Google Knows…
If you have an Android phone, Google likely has a history of most of the places that you have been over the past 10 years. You can view that history by signing onto your Google account (via Gmail, etc.) and then going to:
https://myactivity.google.com/more-activity
Under location history, click “View Timeline.” A map will appear with dots showing where you have been. Based on my map, it appears that the history may only include locations within the United States and Canada. And there are missing places. But, the accuracy of the information displayed is quite refined. For example, I can zoom into a location I visited on a business trip a few years ago and can tell the hotel I stayed at. I can tell when I arrived at the hotel for the evening and when I left for the airport the next morning.
This location tracking is turned on by default on Android devices. It can be turned off in theory. But, it is entirely possible that Google collects and retains this information anyway.
General Links
Software Development
How to Configure Eclipse for Python
Information Security
Terms of Service You Did Not Read
Networking
How to Spoof DNS on a LAN to Redirect Traffic to Your Fake Website
WASC Threat Classification – A dictionary and description of various website attacks
Other
US Mobile Cell and Data Plans – Amazing prices if you know exactly what you need.
Fund and Grow – This company specializes in business finance through business credit cards. Interesting idea. I cannot recommend them one way or the other.
HourOfCode – Short programming oriented courses for kids – or kids at heart
3D Printed Gadgets for Woodworking
Tools
15 Tips On How to Use ‘Curl’ Command in Linux
Wi-Fi Networking Links
TL-WR802N Router
Here is the official link to the TL-WR802N router that I purchased in November 2018. Note that this router comes with a highly insecure default configuration. With some simple cracking tools in Kali Linux, I was able to obtain its login name and password in under one minute…
https://www.tp-link.com/us/products/details/cat-5506_TL-WR802N.html
Nevertheless, Open-WRT and DD-WRT can be installed on it to provide a more secure system.
https://openwrt.org/toh/tp-link/tl-wr802n
https://wr802n.blogspot.com/2018/04/dd-wrt-install-on-tp-link-tl-wr802n.html
Secure Your Router’s Access (OpenWRT)
How to Make an ISO Copy of Your Hard Drive on Ubuntu
General Links
Lock Down Wi-Fi with Wireless Isolation
Wi-Fi Security – WEP, WPA, and WPA2 (hakin9_wifi_EN.pdf)
CVE Details – The Ultimate Security Vulnerability Database
Wireshark Display Filters
Penetration Testing Hardware
The links below are to hardware devices that can be useful for penetration testing:
Professer Messer Security+ Videos
A good video supplement to Mike Meyer’s Videos for Security + is the Professor Messer set of videos:
Professor Messer Security+ Videos and Notes
These videos are 100% free. And they are transcribed for those who prefer audio or visual learning. Professor Messer also has detailed notes for a reasonable fee.
US DoD Major Defense Acquisition Programs
Here is a list of the US DoD’s major defense acquisition programs (MDAP) and major automated information systems (MAIS) acquisitions that are currently in progress:
PNO = Program Number