October 2013 - Stern Security

Privacy Guidelines

Privacy is a core pillar of our business and as such, we do everything possible to protect our client information.  We do not share client information with any third parties.

Visitors to our site will have their anonymous web information logged through our web server logs and Google Analytics and we will only use this information for statistical data and for investigations in the case of attacks on our website.

Our high regard for your privacy and security is the reason that we are in business!



Communities In Schools Orange County

“Stern Security has made our non-profit a secure place to continue business. They provided invaluable details on how to secure our wireless networks and educated us in the process!” Sheila Sholes-Ross - Executive Director, CISOC


About Us

Stern Security is a cyber security company headquartered in Raleigh, NC dedicated to increasing the long-term security posture of organizations.  Our team firmly believes in developing lasting relationships with organizations instead of the "hit and run" approach used by many consulting companies today. At Stern Security, we speak clearly to the business professionals and non-tech individuals within organizations and save our “tech speak” for the technical teams.

The consultants at Stern Security are highly trained data security professionals with many years of data security experience from security roles in numerous industries. Our consultants have major data security certifications, have won security awards and security competitions, taught security classes and continuously presented at security conferences.  We only assign senior security professionals to perform client work

We are deeply involved in the local security community.  We are members of several groups including ISSA, NCHICA, ISC2, and BSides RDU.  Our founder and CEO, Jon Sternstein was the former Security Officer at a large healthcare organization and is the author of Security Penetration Testing (The Art of Hacking Series) published by Cisco Press.

Most importantly, our team is looking forward to working with you!


Local Network Attacks: LLMNR and NBT-NS Poisoning

How can an attacker capture usernames and passwords on a local network by simply waiting for the computers to willingly give them up?  LLMNR and NBT-NS poisoning!

Link-Local Multicast Name Resolution (LLMNR) and Netbios Name Service (NBT-NS) are two components of Microsoft Windows machines.  LLLMNR was introduced in Windows Vista and is the successor to NBT-NS.

Subscribe to this RSS feed