Global CyberLympics

Global Cyberlympics is a CTF (capture the flag) game organized by EC-Council. This is the first time it was organized, first time in Hungary and first time I've participated. I was part of it...the beginning.

Privileged Identity Management Part 2

What do I want to be able to do in an ideal world?

Privileged Identity Management Part 1

Privileged Identity Management is a really interesting area nowadays. It just started to evolve and spread in the market.

Usually the IT leaders do not know how important this could be for the prevention, detection of an incident or as evidence in a crime case. These tools intended to deter the administrators of doing things they shouldn't do and makes it possible to record (almost) everything! HOW?


Well, I have been away for a while because I decided to do the OSCP exam. It is more practical exam than the CEH because it consists of a one month long access to the lab and a 24 hour practical exam.

Create Chroot jail

This tutorial helps you to create a jail for your protection. It can happen that you download a script or code from the internet which is not a safe thing. It could contain malicious code or even an "rm -rf *". It is difficult to recover after deleting all files from your hard drive. It is even annoying if you run it as a general user. All your user level files will be lost (ok I know you can recover most of the files but I do not like to do this too often).

I found two solutions for this problem. These two were selected by me because I use Backtrack4 and Ubuntu 10.04.


Finally I've received the official letter confirming that I am a certified CISSP.
What next? Probably I'll try some more technical certifications. I haven't decided yet there are several opportunities in this field. I'll choose OSCP, CEH or CHFI.

Webserver - Debian Lenny

This is a Debian Lenny based "secure" webserver install tutorial.

The server is configured like a hosted webserver. Hardened, secured.


This section contains the firewall stuff.

Password cracking methods

I am really interested in the different password cracking methods. Sometimes I cannot decide which one is the fastes and more effective. You can choose between single CPU, multiple CPU (cluster), GPU, Rainbow tables, Distributed Rainbowtables and Online crackers.


This is an interesting page for me, because I decided to create a lab for testing different security settings,

issues and other stuff that comes into my mind.

I plan to continuosly modify this page as the concept changes. I will draw some network diagrams eighter.


This page will be the summary of all these. You can find the links below in the correct order:

Create the basic network separated with pfSense:

  1. pfSense Basic

Create LAN members:


Subscribe to IT Fanatic RSS