F5 ASM Security Bypass

It has been a long time since I wrote anything here. I guess I am not a great blogger =) 2 months ago, my friend Mesut Özer and I were working on a Cross-Site Request Forgery issue. As an emergency solution before mitigating it at the application level, we tried to mitigate it at the web application firewall. While we were trying to mitigate this issue on the WAF, we realized that it was possible to bypass the ASM rule set by sending an over-sized HTTP request with custom parameters. This problem occurs in F5 ASM 10.2.3. I did not have a chance to test other versions. We then contacted the vendor and provided them with the details. 2 weeks ago they confirmed that this issue has been patched for above versions.

This is quite a good example of the importance of mitigating application-level problems in the application itself. =)


Metasploit Penetration Testing Book Review

It was a very exciting and kind request to me. This will be my first time and I am a real newbie at this. I will be reviewing a Metasploit Penetration Testing Book. Thanks for this opportunity.


Perception Management Activities in Cyber World

I was at Marmara University, Istanbul for a 3-hour seminar about Perception Management Activities in Cyber World and Cyber Terrorism. We talked about crime, social perspectives on the definition of crime, the individualist approach to crimes, unconventional warfare, terrorism, psychological warfare and future wars. It was quite a good seminar and I want to thank all the attendees and the people who organized this seminar.


Cyber Security Conference 12

It's been a huge amount of time, and again a conference note =) As you may know, I have already established a study group named Arquanum Multidisciplinary Cyber Security Studies. We focus not only on the information security branch of Cyber Security, but also examine Perception Management, Sociology, Psychology, International Relations, War Theory, Unconventional Warfare and their implementations in the Cyber World. I made a presentation about 4th Generation Warfare, Perception Management Activities in Cyber World and Cyber Wars. It was perfect. I want to thank all attendees.


Road to Denmark

I will be in Copenhagen, Denmark from 10.12.2010 to 19.12.2010. I will have a chance to see Agata and Pawel, who are my lovely friends, and I will also finally be able to meet Magdalena. This will be my first time in Europe and I am a little excited. If there is no problem, I will give a lecture at IT Copenhagen University about my multidisciplinary cyber security research. Although I have given a lot of seminars, this lecture will be my first activity in a foreign country, and that makes me a little nervous too. I hope everything will go smoothly. I will share the details after my Denmark trip :)


Stuxnet as a Cold War Weapon and New Generation Armament

I wrote a paper named "Stuxnet as a Cold War Weapon and New Generation Armament" in Turkish. The paper gives a perspective on the interdisciplinary cyber security process, which I have been deeply interested in for three years and which consists of International Relations theory, sociology, psychology, information security, electronic warfare, criminal science, forensics, non-conventional war techniques, perception management and conflict management. Briefly, I tried to give an introduction to questions such as: How can cyber crimes be used as a weapon? What kinds of operations can be done in the cyber world? Can the cyber world be used as a cold war process? I will write it in English later too, but for now it is available here for people who know Turkish.
