Archive for June, 2008

SQL-Injection: Microsoft and HP help out?

Both Microsoft and HP have released free tools that check web applications for weaknesses caused by poor parameter filtering, the kind that leads to SQL injection or XSS. HP has released Scrawlr, which is based on the commercial product WebInspect. Wait a second, didn't SPI Dynamics create WebInspect? Yes, but HP bought them out.
Microsoft offers UrlScan 3.0 beta, a request filter for IIS, and a source code analyser that detects whether classic ASP code is susceptible to SQL injection.
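The "poor parameter filtering" these tools look for is easier to see in a few lines of code than in a scanner report. The example below is added here and is not code from Scrawlr, UrlScan or Microsoft's analyser; it uses Python's sqlite3 with a constructed two-user table (example data, not from the page) and shows a login query built by string concatenation beside the parameterised form, with a tautology payload that makes the first one return every user.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed in-memory user table standing in for the application's real one.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> list:
    # Request parameters are pasted straight into the statement, so a quote
    # in either one ends the string literal and the rest is executed as SQL.
    sql = (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return sorted(row[0] for row in conn.execute(sql))


def login_parameterised(conn: sqlite3.Connection, username: str, password: str) -> list:
    # Placeholders: the driver passes the values separately from the statement
    # text, so user input can never change the structure of the query.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(sql, (username, password)))


# Tautology payload: closes the string literal, makes the WHERE clause always
# true, and comments out the password check ("--" starts a comment in SQLite).
PAYLOAD = "' OR 1=1 --"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:   ", login_vulnerable(db, PAYLOAD, "anything"))
    print("parameterised:", login_parameterised(db, PAYLOAD, "anything"))
    print("genuine login:", login_parameterised(db, "alice", "s3cret"))
```

With the payload, the concatenated query becomes `... WHERE username = '' OR 1=1 --' AND password = 'anything'` and returns both users; the parameterised query treats the whole payload as a username and matches nothing. A request filter such as UrlScan can reject obvious patterns like this before they reach the application, which is useful as a stopgap, but only the parameterised form removes the vulnerability class.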

Getting Certified (Part II): Security Certs

Well, what about security certifications? There are useful guides to certifications at about.com and dmiessler.com. Arguably, the best internationally known certifications listed there are CISSP and SCNP. One recent addition to this arena is the Certified Ethical Hacker (CEH). Its course outline provides a very good overview of what you should know as a security tester. Whether the content is any good is another matter.

Also have a look at Bruce Schneier's thoughts on security certifications, along with Marcus Ranum's counterpoint.

Then there are government certifications. In the UK, they apply to security companies and personnel that may work on government projects, which are usually not for public consumption. These accreditations allow cleared companies to work on such projects while adhering to some stringent rules. The thinking is that the government gets an independent review of its systems from a pool of accredited testers. The Communications-Electronics Security Group (CESG) sets the standard for the security of communications and data, and runs a number of accreditation schemes for companies. They include the CESG Listed Adviser Scheme (CLAS), which focuses on the audit and policy side of security, and CHECK, which provides a more technical audit and health check of systems, although assessment for the latter is increasingly being handled through the Council of Registered Ethical Security Testers (CREST).
On the other side of the pond it is less clear who is allowed to work on government projects, but there appear to be agencies for that very thing. For example, the US has the National Institute of Standards and Technology (NIST), which among other things publishes the Federal Information Processing Standards (FIPS). Canada has a similar agency in Communications Security Establishment Canada (CSEC).

Getting Certified (Part I): General Thoughts

As in other fields of the computer industry, the big question is: do you want, or need, to get certified?

Experience counts for a lot, and one argument is that the material covered by a certification quickly becomes irrelevant, so you have to keep shelling out money to keep the accreditation current. For example, I have a Sun Java 2 Programmer certification from many, many years ago, but it is not going to do me any good right now; even though I do have base Java knowledge, Java and I, like a separated or divorced couple, have grown apart! Another train of thought is that certain vendors push their certifications too hard, and once so many people hold the qualification it is cheapened.
However, a recent qualification should at least show that you have the base knowledge, and it cannot hurt your CV.

Big players like Check Point, Cisco, IBM, Microsoft, Oracle, Red Hat and Sun (Java) have established programmes. Others, particularly in open source such as PHP and Perl, are still setting theirs up.

Get a warm fuzzer feeling…

Fuzzers are not the stuff found in your belly button, but they can be thought of as something that randomly prods belly buttons. Seriously though, they are automated programs that look for vulnerabilities in applications by feeding them random or malformed input that may break them; what you are looking at is how the application responds. Are your try-catch-finally statements up to scratch? How is your error handling? Find out with this selection of fuzzer toys. This appears to be a good guide too.
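To make the "how does the application respond" question concrete, here is a small mutation fuzzer. It is an added example written for this post, not code from any of the fuzzers linked above. The target is a constructed parser for a toy record format (one-byte name length, name, one-byte value length, value); the naive version lets raw IndexError and UnicodeDecodeError escape on malformed input, while the hardened version checks every length before using it and rejects bad input with a single controlled exception type. The fuzzer mutates a well-formed seed record with a seeded RNG and records the first input that triggered each exception type.

```python
import random


def parse_record(data: bytes) -> dict:
    # Naive parser: trusts the length bytes and the encoding of the fields.
    n = data[0]
    name = data[1:1 + n].decode("ascii")            # UnicodeDecodeError on non-ASCII
    m = data[1 + n]                                  # IndexError on a truncated input
    value = data[2 + n:2 + n + m].decode("ascii")
    return {name: value}


def parse_record_hardened(data: bytes) -> dict:
    # Same format, but every length is validated before use and malformed
    # input is rejected with one controlled exception type (ValueError).
    if len(data) < 1:
        raise ValueError("empty record")
    n = data[0]
    if len(data) < 2 + n:
        raise ValueError("truncated name")
    name = data[1:1 + n]
    m = data[1 + n]
    if len(data) < 2 + n + m:
        raise ValueError("truncated value")
    value = data[2 + n:2 + n + m]
    if not (name.isascii() and value.isascii()):
        raise ValueError("non-ASCII field")
    return {name.decode("ascii"): value.decode("ascii")}


def mutate(data: bytes, rng: random.Random) -> bytes:
    # Three crude mutations: overwrite one byte, truncate, or insert a byte.
    buf = bytearray(data)
    op = rng.randrange(3)
    if op == 0 and buf:
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif op == 1 and buf:
        del buf[rng.randrange(len(buf)):]
    else:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    return bytes(buf)


def fuzz(target, seed: bytes, iterations: int = 500, rng_seed: int = 1) -> dict:
    # Run the target on mutated inputs and keep the first input that produced
    # each exception type. The seeded RNG makes a run reproducible.
    rng = random.Random(rng_seed)
    crashes = {}
    for _ in range(iterations):
        case = mutate(seed, rng)
        try:
            target(case)
        except Exception as exc:
            crashes.setdefault(type(exc).__name__, case)
    return crashes


# Constructed seed: one well-formed record ("key" -> "value") to mutate from.
SEED = b"\x03key\x05value"

if __name__ == "__main__":
    for label, fn in (("naive", parse_record), ("hardened", parse_record_hardened)):
        found = fuzz(fn, SEED)
        print(label, {name: case.hex() for name, case in found.items()})
```

Running it shows the naive parser leaking IndexError and UnicodeDecodeError (and silently accepting truncated values when the length byte survives but the data does not), while the hardened parser only ever raises ValueError. That difference is exactly what you want from error handling: a fuzzer that can only provoke the exceptions you chose to raise has told you the input-validation layer is doing its job.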

Hide’n’seek

A Japanese woman managed to live undetected in someone's house for a whole year. An ideal physical attack is to get someone inside a building undetected, keeping a low profile and staying over; a well-protected building would most likely stop this. Naturally, you have to know a lot about the building in question before even contemplating an attack like this.

A homeless woman who sneaked into a man’s house and lived undetected in his closet for a year was arrested in Japan after he became suspicious when food mysteriously began disappearing.

Police found the 58-year-old woman hiding in the top compartment of the man’s closet and arrested her for trespassing.

The resident of the home installed security cameras that transmitted images to his mobile phone after becoming puzzled by food disappearing from his kitchen over the past several months.

One of the cameras captured someone moving inside his home Thursday after he had left, and he called police believing it was a burglar. However, when they arrived they found the door locked and all windows closed.

“We searched the house … checking everywhere someone could possibly hide. When we slid open the shelf closet, there she was, nervously curled up on her side.”

The woman told police she had no place to live and first sneaked into the man’s house about a year ago when he left it unlocked.

She had moved a mattress into the small closet space and even took showers.
