Places to go on the Internet to practice your hacking skills.
Here is a site that lists some of the above and a bunch more:
“22 Hacking Sites, CTFs and Wargames”
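On Linux, changing an interface's MAC address is quite easy. Some drivers require the interface to be inactive before the address can be changed. The first octet of the new address must be even, because the kernel rejects an address with the multicast bit set.
- ifconfig eth0 down
- ifconfig eth0 hw ether 02:22:33:44:55:66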
- ifconfig eth0 up
- then request a new IP address with dhclient
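A pre-flight check for the address used in the steps above, as an added example that is not part of the original post: the kernel only accepts a non-zero unicast address, so a value whose first octet is odd is refused. The function names are hypothetical, the addresses are constructed samples, and `mac_set_commands` prints the iproute2 (`ip link`) equivalents of the ifconfig steps rather than running them.

```shell
#!/bin/sh
# Added example: validate a MAC address before assigning it to an interface.

# Print the first octet as a decimal number; fail if the format is wrong.
mac_first_octet() {
    # Exactly six colon-separated hex pairs.
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$' || return 1
    printf '%d\n' "0x${1%%:*}"
}

# Succeed only for a well-formed, non-zero, unicast address.
mac_is_assignable() {
    octet=$(mac_first_octet "$1") || return 1
    # Bit 0 of the first octet is the group (multicast) bit.
    [ $((octet & 1)) -eq 0 ] || return 1
    # 00:00:00:00:00:00 is also rejected by the kernel.
    [ -n "$(printf '%s' "$1" | tr -d ':0')" ] || return 1
}

# Succeed if the locally administered bit (bit 1 of the first octet) is set,
# i.e. the address cannot collide with a vendor-assigned one.
mac_is_local() {
    octet=$(mac_first_octet "$1") || return 1
    [ $((octet & 2)) -ne 0 ]
}

# Print the commands for IFACE and MAC, or refuse an unusable address.
mac_set_commands() {
    if ! mac_is_assignable "$2"; then
        echo "refusing $2: not a valid unicast address" >&2
        return 1
    fi
    mac_is_local "$2" || echo "note: $2 is in vendor-assigned (OUI) space" >&2
    printf 'ip link set dev %s down\n' "$1"
    printf 'ip link set dev %s address %s\n' "$1" "$2"
    printf 'ip link set dev %s up\n' "$1"
}

# Constructed samples: the first is accepted, the second has the group bit set.
mac_set_commands eth0 02:22:33:44:55:66
mac_set_commands eth0 11:22:33:44:55:66 || true
```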
Nice little post here on continuous IR, and how it can feed into the program as a whole.
Making Incident Response a Security Program Enabler
The approach an organization can take to move incident response from a reactive process to a proactive one involves the following steps:
– Improving an organization’s incident response capabilities
– Improving an organization’s root cause analysis capabilities
– Improving an organization’s security monitoring capabilities
– Influencing others to see incident response as a continuous process
– Operationalizing incident response information
– Collecting and documenting data for the organization’s incident response metrics
– Analyzing the organization’s incident response metrics to produce intelligence
– Presenting the intelligence to appropriate stakeholders
An interesting article from OpenDNS.
When you see an AV alert you need to triage the system, because it has been compromised and there may still be some undetected malware present on it.