Defensive Security Handbook

Password Storage Cheat Sheet, Cryptographic Storage Cheat Sheet Guide to Cryptography Kevin Wall’s Signs of broken auth (& related posts) John Steven’s Securing password digests IETF RFC2898, RFC5869 scrypt, IETF Memo: scrypt for Password-based Key Derivation Open Wall’s Password security: past, present, future These should provide some additio

... See more

Knowing the IP address(es) of your organization is the first step toward finding what is currently listed, but if you’re not sure there are several options. You can use the IP addresses of the resolver that we utilized earlier in this chapter or you can look at arin.net (Figure 18-16). Using the resolver (or shodan) may return results of server IP

... See more