You can subscribe to this list here.
2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(1) |
Sep
(6) |
Oct
(3) |
Nov
(1) |
Dec
(8) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2005 |
Jan
(13) |
Feb
(3) |
Mar
(1) |
Apr
(36) |
May
(4) |
Jun
|
Jul
(1) |
Aug
(7) |
Sep
(1) |
Oct
(15) |
Nov
(22) |
Dec
|
2006 |
Jan
|
Feb
|
Mar
(2) |
Apr
(2) |
May
(15) |
Jun
(2) |
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
2009 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2010 |
Jan
|
Feb
|
Mar
|
Apr
(2) |
May
(1) |
Jun
|
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
(1) |
2011 |
Jan
|
Feb
(1) |
Mar
(1) |
Apr
|
May
(1) |
Jun
|
Jul
(4) |
Aug
(1) |
Sep
(5) |
Oct
(2) |
Nov
(2) |
Dec
|
From: Pete H. <pe...@is...> - 2011-11-28 13:48:36
|
Hi, I stumbled across this. It's an HHS Conference held in Argentina with Jorge Bernardo of Kwell. It is in Spanish but definitely worth a look! Conferencia HHS http://www.youtube.com/watch?v=WEK0n6-22_I&feature=related Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-11-03 10:55:59
|
Introduction to the OSSTMM 3 at FUDCon: Pune, India with Joerg Simon! If you are near Pune, India on Friday Nov 4th 2011 join the Fedora User and Developer Conference (FUDCon) in Pune 2011 at College of Engineering, Pune (CoEP). The brilliant, charasmatic Joerg Simon is giving a talk about the last OSSTMM 3 and the Fedora Security Lab. Do not miss it and pick up a special Security Lab Version with the latest ISECOM Papers, Methodologies and Programs. The talk is Scheduled at 11:00AM Nov 4th. Be there (and let Joerg know you read about this here). Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-10-03 10:49:33
|
When Defense in Depth Doesn't Work - a free Monday Evening Talk in Bern, Switzerland with Pete Herzog sponsored by Dreamlab When: Oct. 17th. Price: Free Language: English and German Details: http://www.dreamlab.net Register: Register by email to ME...@dr... And smart managers and professionals will want to stay for the Trust Analyst class the following day on Oct. 18th. The CTA is a 1-day certification class for anyone who needs to make decisions. Also excellent for anyone who deals with personnel, risk management, or security policy. It's also a great class for those hackers who really want to dig deep into social engineering. Trust has more to do with risk than most people know! Price: 1160 Fr. (including certification) Language: English (discussions can be in German) Details: http://www.trustanalyst.org Register: https://www.dreamlab.net/education/security-courses/certified-trust-analyst/cta |
From: Pete H. <pe...@is...> - 2011-10-03 10:23:22
|
Hacker Highschool (www.hackerhighschool.org) 6 years in action in Argentina! Read about it here: http://www.lacapital.com.ar/educacion/En-Rosario-funciona-desde-hace-seis-aos-la-primera-escuela-de-hackers-del-pais-20111001-0035.html Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-09-29 08:31:55
|
Hi, Tomorrow is the absolute last day to register for the most eye-opening and informative security testing class available. Next week there's a class in Paris, in French, for the Professional Security Tester certification class. You really don't want to miss out! The truth behind professional hacking is the mindset- great hackers explore deeper into how systems, people, and processes work than most everyone else, which is how they get past security. OSSTMM training shows you how to do this. I know many of you have been hesitant because of language and now here's your chance. It's a great chance to get certified in a class that will put you at the top of your game, learning to test and analyze security in a systematic, methodical way. Not to mention it's a huge boost for those of you seeking new jobs in IT or security. Dates: 03.10.2011 - 07.10.2011 Price: EUR 3400 Details: https://www.dreamlab.net/education/security-courses/osstmm-professional-security-tester-opst Register: https://www.dreamlab.net/education/security-courses/osstmm-professional-security-tester-opst/dlch-opst711fra Contact: Robert Randall <rob...@dr...> Furthermore, there's also classes in Italian, German, and Dutch as well. Check out the ISECOM training page for more details on certification courses in other languages: http://www.isecom.org/tp.shtml Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-09-28 17:57:42
|
The T-bomb: Why is the average person satisfied to trust someone or something with just 1 reason? And even a skeptical person is often satisfied with no more than 3 reasons. So with only 3 compelling reasons, even a hardened cynic can be owned. That's all it takes and then they got you. Trust can be wielded as a tool or a weapon. It can be used to bind or blind. Trust can be weaponized. Freedom: But it can also be liberating! Trust is closely tied to risk so knowing why you can trust allows you the freedom to let your guard down in the right situations and the right operations yet be totally and properly protected in others. It gives you finer control over the risks you take by reducing unpleasant outcomes or surprises. Get Your Trust On: In just one day, the Trust Analyst class will explain the properties of trust in real world environments from the board rooms to the the server rooms. We will examine the unbiased measuring of trustworthiness in business, people, systems, vendor contracts, and even Cloud environments. We will examine what makes trust: both as what feels like trust and what we need to have reasons to trust. We will demonstrate how trust misused or abused leads to poor decisions along with real examples you will be familiar with. Finally we will examine how applying trust metrics to those real world examples will make the right choice glaringly obvious to you. The goal of this class is to get you armed with practical trust skills so you can walk the walk the moment you walk out of the classroom. Audience: The CTA is a 1-day certification class for anyone who needs to make decisions. Also excellent for anyone who deals with personnel, risk management, or security policy. It's also a great class for those hackers who really want to dig deep into social engineering. If ever a class can bring together many walks of life, it's this one! Why: ISECOM certifications pay for ISECOM research such as the OSSTMM, Hacker Highschool, The Home Security Vacation Guide, the Bad People Project, attack surface metrics, trust metrics, and much more. This is a great opportunity for you to learn a critical skill which will benefit you from the moment you walk out of the class and also give back to the ISECOM community. So I hope to see you all there! When: 18.Oct.2011 Where: BFH, Wankdorffeldstrasse 102, Bern, Switzerland Price: 1160 Fr. (including exam) Language: English Details: https://www.dreamlab.net/education-de/security-courses-de/certified-trust-analyst Register: https://www.dreamlab.net/education/security-courses/certified-trust-analyst/cta Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-09-28 13:45:22
|
Hi, I've seen many requests from French speaking people regarding the ISECOM certification classes. I just saw that next week there's a class in Paris, in French, for the Professional Security Tester certification. The truth behind professional hacking is the mindset- great hackers explore deeper into how systems, people, and processes work than most everyone else, which is how they get past security. OSSTMM training shows you how to do this. I know many of you have been hesitant because of language and now here's your chance. It's a great chance to get certified in a class that will put you at the top of your game, learning to test and analyze security in a systematic, methodical way. Dates: 03.10.2011 – 07.10.2011 Price: EUR 3400 Details: https://www.dreamlab.net/education/security-courses/osstmm-professional-security-tester-opst Register: https://www.dreamlab.net/education/security-courses/osstmm-professional-security-tester-opst/dlch-opst711fra Contact: Robert Randall <rob...@dr...> Furthermore, there's also classes in Italian, German, and Dutch as well. Check out the ISECOM training page for more details on certification courses in other languages: http://www.isecom.org/tp.shtml Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Jorge B. <jo...@be...> - 2011-09-26 20:53:50
|
Thank you for your support. Jorge -----Mensaje original----- De: Pete Herzog [mailto:pe...@is...] Enviado el: miércoles, 21 de septiembre de 2011 02:05 p.m. Para: Hacker Highschool Asunto: [ISECOM-HACKERHIGH] Teaching Kids to Hack Hi, IEEE just published a great article on Hacker Highschool: http://spectrum.ieee.org/at-work/education/hacker-high-school Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org ---------------------------------------------------------------------------- -- All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ ISECOM-HACKERHIGH mailing list ISE...@li... https://lists.sourceforge.net/lists/listinfo/isecom-hackerhigh ----- Se certificó que el correo no contiene virus. Comprobada por AVG - www.avg.es Versión: 2012.0.1809 / Base de datos de virus: 2085/4510 - Fecha de la versión: 21/09/2011 |
From: Pete H. <pe...@is...> - 2011-09-21 17:03:46
|
Hi, IEEE just published a great article on Hacker Highschool: http://spectrum.ieee.org/at-work/education/hacker-high-school Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-08-09 20:17:02
|
Hi, We are looking to hear from teens and the parents/teachers of teens who have done some of the Hacker Highschool lessons from hackerhighschool.org. We will put you in contact with someone who has some questions for you about the lessons and how you feel they've helped you. Deadline is August 11th. So please get back to me by then. Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-07-13 10:11:22
|
Hi, "I was at a cafe in Bern, Switzerland last year to meet with two other ISECOMers: Nick Mayencourt, a Board Director and Philipp Egli an ISECOM trainer and the talk turned to robbing banks. That's not uncommon because Switzerland is very big on banking and also very big on security, especially the OSSTMM. So with the biggest diamond heist of the last century in the news again, you may have seen the movie based on it called Ocean's Eleven, we took a look at the case through the eyes of an OSSTMM Analyst. This is how it went." Direct link to article (no login required): http://www.isecom.org/Bank_Robbery_Analysis_OSSTMM3.pdf Full magazine: http://hakin9.org/online-banking-security-magazine-22011-2/ Sorry to all for the problem regarding the login requirements for the article. I'm just glad the magazine worked with us to find a solution to get direct access. Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-07-12 11:26:19
|
Hi, "I was at a cafe in Bern, Switzerland last year to meet with two other ISECOMers: Nick Mayencourt, a Board Director and Philipp Egli an ISECOM trainer and the talk turned to robbing banks. That's not uncommon because Switzerland is very big on banking and also very big on security, especially the OSSTMM. So with the biggest diamond heist of the last century in the news again, you may have seen the movie based on it called Ocean's Eleven, we took a look at the case through the eyes of an OSSTMM Analyst. This is how it went." http://hakin9.org/analyzing-the-biggest-bank-robbery-in-history-lessons-in-osstmm-analysis/ Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-07-11 16:04:10
|
Just a reminder to check out this new article and share it with people who could use it: The ABZs of Cybersecurity "People are careless. You cannot trust that other people will do their part in keeping you safe." https://www.infosecisland.com/blogview/15036-The-ABZs-of-Cybersecurity.html Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-07-08 16:42:59
|
Hi, A must read for those of you in the process of understanding security and hacking. It's also great to give to those who you want to be more security aware. The ABZs of Cybersecurity <If we want people to be safer with their information we can't go the "just say no" route since people just won't do that. Abstinence doesn't work for school sex programs and it won't work for online safety. The main reason for this is because our physical and emotional needs are extremely complex, involve multiple chemical interactions in multiple areas of our body and you can't just will them to stop. They are there. So here's some of the practical security awareness we provide to mollify the bad info habits of people in this age of instant communications and instant gratifications.> https://www.infosecisland.com/blogview/15036-The-ABZs-of-Cybersecurity.html Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-05-23 13:58:58
|
Hi, I'm looking for people who have taught the Hacker Highschool lessons (www.hackerhighschool.org) at a high school or as part of home schooling. Please get back to me as I'd lie to talk to you about it. Thanks! Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-03-16 20:48:36
|
Hi, I posted a new article: https://www.infosecisland.com/blogview/12596-The-Lots-of-Sex-Risk-and-Security-Project.html It's about the failure of current security awareness programs. Really good stuff for those of you interested in Hacker Highschool! If you can come to the Troopers con (www.troopers.de) at the end of the month, I'll be there discussing a lot of these techniques in depth as well giving examples of many, many more. Actually, you should come to Troopers and look me up while there! Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2011-02-15 18:35:12
|
Hi, There are 2 new seminars available next month held at the Troopers conference in Heidelberg, Germany, starting March 28. "Smarter Safer Better" is for anyone, really anyone, who wants to understand how the human mind works to make better trust and security decisions. Think of it as the ultimate security awareness class where you are first aware about YOU and how to sharpen those instincts. It's an eye-opening experience! See http://www.troopers.de/troopers11/agenda/smarter-safer-better-workshop/ "OSSTMM 101" is that class for everyone who just couldn't get through reading the whole OSSTMM 3 but really wants to know about it and how to it gets applied. See http://www.troopers.de/troopers11/agenda/osstmm-101-workshop/ Both classes are taught by me, Pete Herzog and are each 1 day long. Check out the Troopers agenda for more details: http://www.troopers.de/troopers11/agenda/ Then you can sign up and register here: https://www.troopers.de/sign-up/ It's a great venue and these will be great seminars! Hope to see you there! Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org . |
From: Pete H. <pe...@is...> - 2010-12-17 19:07:45
|
Hi, The OSSTMM 3 hs been released. It's the ultimate guide to teach security and how to break it whether it's network, physical, human, or wireless. Get it here: www.osstmm.org Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org |
From: Pete H. <pe...@is...> - 2010-08-30 12:08:46
|
How do we get manipulated, cheated, scammed, and robbed? It doesn't just come from thieves and hackers but also people like advertisers, co-workers, journalists, politicians, leaders, and even our own loved ones. If you don't learn to see through it then you will always be poorer and at a greater disadvantage in work, school, and life. But it doesn't have to be this way. ISECOM, the non-profit, security research organization is rolling out a seminar series world-wide to help you learn the skills you need to defend yourself and your family at home, online, at work, and on the streets. WHEN AND WHERE? For only 3 weeks in October, Pete Herzog, security researcher, security analyst, and co-founder of ISECOM, will be kicking off the Insecurity Seminars in select states and provinces for organizations who want to sponsor them for public or private venues: USA: NY, CT, PA, NJ, DE, MD, VA, NC Canada: ON This is your only opportunity now to bring an internationally acclaimed security and trust expert on timely, sensitive, and highly critical topics to your organization, community center, school, or business. THE SEMINAR SERIES How great would it be to know how to peel through the lies and deception in your life? Everyone has been fascinated and stunned by what they learn about security, trust, and themselves in ISECOM seminars. They learn how to develop a real sense of security. So now think how great would it be to live in a community where others could do that as well? This is people helping people to become smarter, safer, better people. You can help us do this by sponsoring any of the following 2-hour seminars in your area: -- Hacker Highschool, Critical Security Thinking for Teens One of the most powerful things you can give a teen is how to be curious and resourceful like a hacker. Hackers succeed as they do because they know how to teach themselves beyond the lessons provided and give themselves the skills they need to see further and achieve more. This seminar provides a foundation in security the way the hackers learn it and the skills teens need to learn to take charge of their own learning beyond the school books. Parents and educators attending will also learn how to help other teens and how to start a Hacker Highschool chapter in their school. -- Smarter Safer Better Whether it's advertising, identity thieves, con-artists, social conformity, bad relationships, or political promises, we all need to deal with the pressures of persuasion and deception all the time. This seminar covers practical skills to keep yourself from being tricked, fooled, or persuaded into making a choice you should know better not to. We will show how you get tricked and manipulated, the truth behind control, and how to empower yourself by giving others reason to trust you. By learning to think critically and see through the lies, fraud, and artificial influences around you is how you make yourself smarter, safer, and better. -- Mastering Trust If you ever wondered how you can see through a lie, expose fraud, or know enough to challenge deceit then this seminar is for you. Learn how to improve your trust instincts to make the right decisions quickly. Whether in times of crisis or just business as usual, we must face many choices where we need to trust someone or something and we need to be right about that trust. This seminar will teach you how to do exactly that. -- Making Sense of Security This is practical, no-nonsense, straight-talk on security based on OSSTMM 3 research. The OSSTMM is the ultimate manual on how to break the security of anything and the third version is more detailed and more explicit than ever before. Whether you need to lock down a building or a computer, the OSSTMM is the go-to resource on how to do it right and verify it. OSSTMM research has found its way into other security standards like ISO 27000 series and the NIST documents so you can be sure that when it comes to security, this is what you need to know. This seminar will lay out the how and why of the OSSTMM 3 in plain talk that will benefit and enlighten anyone whether they are professionals or security do-it-yourselfers. -- Mastering Trust for Couples and Families If you ever wondered if you can open up or trust someone again then this seminar is for you. Relationships are built on trust however sometimes that trust gets broken either in big or small ways. This seminar gives you the tools to analyze your own ability to trust and your own self confidence to become a better person by clearly seeing how to repair broken trusts. No tricks. This seminar provides very real and practical solutions for very real problems by identifying what your reasons are to trust. -- The Bad People Project There are too many rules for children to learn about being safe. Parents worry. They want that their child is safe and happy. So they pile on the rules for life but many conflict, are antiquated, or just don't make sense. That's why ISECOM began a project to study how we can improve the rules we give to children, understanding that cultural differences, mass media, and social conventions may reduce their effectiveness. First, we needed to know how children imagine a bad person looks and acts like. So we asked them to draw one. Now we are building better safety rules that children can hold on to through life regardless if on the streets, at school, at work, on the telephone, or over the Internet. Learn how we are doing this, how you can take part, and how you can bring these rules to the children in your life. This seminar is for parents and educators who want to keep children safer and happier in the modern world. WHO IS ISECOM? ISECOM is an open, non-profit, security research organization with the mission to "Make sense of security". Founded in 2001 in Barcelona, Spain as an open source research community, ISECOM received non-profit status in 2003. ISECOM regularly releases projects and updates based on cutting-edge security and trust research. BOOKING A SEMINAR These seminars are provided in conjunction with our sponsors. Sponsors need to provide the venue and commit to a sponsorship per seminar to cover speaker expenses and materials. Last day to reserve is September 10th however you should contact us as soon as possible to fit into an available time slot. With just a limited time in the US, you need to act now to coordinate dates and locations with us. ISECOM seminars are a great way to reach the people in your community or within your specialization and take steps towards equipping them with knowledge and skills to fend for themselves! CONTACT in...@is... http://www.isecom.org/seminars -- |
From: Pete H. <pe...@is...> - 2010-05-12 22:05:53
|
Hi, We updated the Bad People Project with new pictures and a new design. But we still need your help! At the website www.badpeopleproject.org you will now find a PDF (the one with the picture of the girl on the cover) which explains the project, it's goals, and how to participate. Please take it and print it or pass it on to schools and parents you know. We really need your help to make this happen. http://www.badpeopleproject.org Thanks! (Translations of the PDF are also welcome if you have time and want to see it in your language.) Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.isestorm.org |
From: Pete H. <pe...@is...> - 2010-04-06 18:21:18
|
Hi, We are starting a project to get a better idea of how children think about what's bad to better understand how to teach children how to be safer. This is the Bad People Project and we have a sample available here (as we get more information and build the galleries): http://www.isecom.org/bpp/ We need your help! We need you to send us your submissions, license free to use by ISECOM, where you ask a child to draw what they think a bad person is or looks like. Do not help or influence the child at all. Have the child tell you who/what it is and include this and any relevant information with the submission. Also include: Child's Name (optional) Child's Age Location / Region Any relevant additional info The goal of this project is to build security and safety awareness for children by understanding how a child sees the scarier part of the world. This will also allow children in other regions, other countries to explore the diverse aspects of childhood around the world by looking at each other's pictures. Please help us out by sending us a child's drawing either scanned in or taken with a digital photo. Thanks! Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.isestorm.org |
From: Pete H. <pe...@is...> - 2010-04-06 18:00:14
|
Hi, We are currently updating and re-writing existing lessons as well as writing all new lessons to cover new technologies. Lessons run about 10 pages and are designed to challenge the young hacker. A guide on how to write a lesson can be found here: http://www.hackerhighschool.org/lessons/HHS_en0_Contributor_Guide.pdf Our HHS program has been very successful with hundreds of thousands of lessons downloaded. They are currently used in hundreds of schools and by home-schoolers all over the world. Each lesson you create and re-write will carry your name (and picture if you so choose) as the developer and will be something you can be very proud of. Please check out the Contributor Guide and get back to us as to what kind of lesson you want to do or re-do. Thanks for helping us make this project a success! Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.isestorm.org |
From: Pete H. <pe...@is...> - 2009-05-05 11:02:00
|
Hi, We are currently changing the HHS template and looking for people to re-write old lessons and write new lessons for the project. Let us know if you can help. We have also started a page on Facebook for those interested in joining. See http://www.facebook.com/pages/Hacker-Highschool/75099892466?ref=mf to join in! Sincerely, -pete. -- Pete Herzog - Managing Director - pe...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.isestorm.org |
From: Rick T. <ri...@is...> - 2006-10-25 13:16:32
|
http://www.infobae.com/notas/nota.php?Idx=270983&IdxSeccion=100841 See link for an interview with Jorge Bernardo about HHS in the Argentinian newspaper Infobae (in Spanish). -- Rick Tucker - HHS Project Manager - ri...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.isestorm.org ------------------------------------------------------------------- ISECOM is the OSSTMM Professional Security Tester (OPST) and OSSTMM Professional Security Analyst (OPSA) certification authority. |
From: Rick T. <ri...@is...> - 2006-06-26 21:03:58
|
Not sure what happened here, but neither of the posts below are showing up in the archive. I'm resubmitting them for anyone who didn't get them. Rick -- Rick Tucker - HHS Project Manager - ri...@is... ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.isestorm.org ------------------------------------------------------------------- ISECOM is the OSSTMM Professional Security Tester (OPST) and OSSTMM Professional Security Analyst (OPSA) certification authority. Stacey Bryden has posted a revision of the Chapter 8 lesson summary on the HHS discussion list. Please give her your comments and feedback. If you haven't signed up for the discussion list, you can do so on the HHS site. -------- Original Message -------- Subject: Re: [ISECOM-HACKERHIGH-DISCUSS] Chapter 8 summary review from Rick Tucker Date: Wed, 21 Jun 2006 11:38:14 -0700 (PDT) From: im 414345 <im4...@ya...> Reply-To: Discussion list for the Hackerhighschool Project <ise...@li...> To: ise...@li... I want to thank everyone for the feedback provided to me on my first draft efforts. I have attempted to meet all the comments and expand the summary as needed. Here is the modified version for your review. Stacey Summary: Forensics has expanded to include all types of digital devices such as mobile phones, PDA?s and more. While the scope of the field continues to expand there are key elements that remain constant. Maintaining a structured approach to the process and ensuring adequate records are created is a cornerstone to all investigations. Failure to maintain proper documentation and chain of custody of evidence will have a negative impact on the outcome of a case. While forensics primarily focus on retrieval of information from hard drives, CD?s, and other digital media there are other key sources such as firewall and IDS logs that are often included in the context of an investigation for event correlation. Linux has become a primary operating system for performing forensic discovery for a variety of reasons including the ability to recognize various file system types. Linux is widely accepted within commercial and law enforcement fields as the leading platform in forensic cases. This largely stems from the ability of Linux to understand and mount a wide variety of file system types as well as its protective abilities by providing the ability to mount various media in read-only mode without requiring hardware intervention (such as jumper settings on hard drives that can be easily forgotten). This is not to say that Windows based forensic tools are not utilized for many organizations will at times use both system types. This can be to provide for corroboration of evidence and also to provide for the technical knowledge of the investigators involved or organizational preference. The National Institute of Standards and Technology (NIST) has the Computer Forensic Tool Testing Project to independently test and evaluate the performance for write block tools and devices and disk imaging tools providing a level of standards to assist investigators. There are several issues that can be encountered in a forensic investigation. When the suspect has made attempts at avoiding recovery, encryption is often used to guard data however recovery can be possible through efforts such as brute force, dictionary attacks, and attempts with previously used passwords. Other common issues involve maintaining: proper procedures for seizure, the chain of custody, and proper documentation. Without standard procedures and appropriate documentation presenting evidence that could stand up in a court of law becomes difficult. Forensics is a constantly expanding field with more digital evidence being collected to provide additional support on cases as varied as murder, harassment, hacking and more. With the growing dependency on technology more data is being generated providing for more detailed assessments of events and supporting physical evidence in cases. Assignment: If you were given a case, where would you start? What evidence would you ?tag and bag?? What procedures would you follow? What would you log? Consider the potential for going to trial on the case. How would this affect the type of evidence gathered and the methods used? Would a trial affect the types of logs and the detail of the records that were kept? In the event of a trial appearance, would you be able to defend your work and discovery process with ease? Six months after the investigation has ended and you have worked other cases? A year? Would you be able to provide credible testimony with the records and detail level that were kept? If not what additional efforts could be made to facilitate this effectively? ------------------------------------------------------------------------ Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail Beta. <http://us.rd.yahoo.com/evt=40791/*http://advision.webevents.yahoo.com/handraisers> |