Is Nmap smarter than Trustwave

A year ago when I was working for a company that had outdated firewalls at their store locations we were required to abide by PCI 2.0 requirements.  Well we had issues with these firewalls with not completing a PCI scan.  I worked with Trustwave to no end on why these would were timing out and not finishing their scans and the engineer assiting me at the time actually shared the nmap scan that was occuring from their cloud ASV scanners.  

Access Time turned off by default in Windows 7

If you want to have forensic information of access time for files you need to turn off ntfsDisableLastAccessUpdate in the registry.  See Below.


Database found within Websense with SA and blank password

Last week I found a database running on port 8203 from the Websense server that was using SA with a blank password.  We opened a ticket with Websense and they confirmed my findings with the current version.  They have not issued a solution yet.  It appears to be a test database but for what?  It was really funny how it was found since it passed our quick vulnerablity scan from neXpose.   Now this is not an issue from neXpose as I was using the default Full Audit profile as part of the final risk assessment.  Shame on me for not scanning all ports since it

Why I use DuckDuckGo vs Google for my Search Engine

Google blatantly tells us in their new privacy statement that they will use our information to deliver their services.  It is the model of we are the product of the product, but for some of these services its not that we are making the product better it is the fact that they are stealing our data which leads to our privacy to marketing companies for money.  So there must be other alternatives and I am on a quest to find best of breed alternatives. 

Useful Palo Alto CLI Commands

I promise more to come on this, just really busy at work these days.

Sharing my notes.

Obi100 VoIP gateway that supports Google Voice - Reviewed

By Bill Norment


Google+ Article

So I believe this will be part 1.  After I started unravelling all the features its about impossible to cover everything in one blog.  So there will be a part 2 for this blog.  I hope you enjoy part one.


Using rvm to run both versions of Ruby

First - install the latest version of git

$ sudo apt-get install git

Next run the following

$ bash < <(curl -s

Next go to the following user

Find Domain Controllers using NSLOOKUP

> set q=srv
Where is your domain.

Is Google Chrome Frame Secure?

Are there any security issues around using Google Chrome Frame plugin for any version of Internet Explorer? 
Microsoft will not comment on on 3rd party software.