Security Assessments

I guess everyone has something about their job that they like the most.  For me, my passion is IT security.  As stated elsewhere in this site, I don't think you can build a reliable, robust IT infrastructure without also being well versed in IT security.  I also have experience maintaining PCI (Payment Card Industry) security compliance at a .com that took credit cards online.

I am available to review or test your IT infrastructure security or design a program from the ground up.  I have experience with several different firewalls, hardware based, Windows based, and Linux based.  I am also well versed in many security applications and devices such as follows:

  • NMap for port scanning
  • Nessus (OpenVAS) for vulnerability scanning
  • Microsoft Baseline Security Analyzer for identifying missing security updates and common security misconfigurations on Windows servers and workstations
  • Cain & Abel for testing the security of networks
  • TCPDump for protocol and packet analyzing on the Unix/Linux command line similar to Wireshark for Windows mentioned below
  • Wireshark for protocol analyzing to find out what is happening on your network
  • Snort for both intrusion detection and intrusion prevention (referred to as an IDS for Intrusion Detection System or IPS for Intrusion Preventions System)
  • Tripwire IDS for intrusion detection
  • Symantec Endpoint Protection for corporate wide virus protection
  • Vipre Business Antivirus for corporate wide virus protection
  • Kali Linux, claimed on their web site to be "The most advanced penetration testing distribution, ever."