.: July 2006 Archives
Information Overload. Kind of hard to admit that I am nearing that point, since I completely love learning things and absorbing knowledge. But the IT, techie, world has been doing that to me lately...really kicking my ass. I want to learn so much, catch up on things over the years that I missed because I wasn't a packet geek or into coding as a child (yeah, right!). I have an entirely different part of this site dedicated to postings and news and links and tidbits of knowledge that I have happened across in the past few years (I keep these separate because, well, it's just for me). I have a huge list of bookmarks in my web browser that are "pending" things to check out, usually tools, large sites, or long papers that I didn't have time to fully deal with back when I was made aware of them. I have dozens upon dozens of books that are half-started or not yet read...as if just owning them means I can somehow claim the knowledge locked away.
I don't have enough hours in my day, enough days in my life, to learn all this stuff like I want to learn it. That's frustrating beyond belief.
Couple this with my recent soul-searching about my career. I love my career to date and where it is going, but I've had some thoughts that maybe specializing a bit more would be beneficial.
Now that I was working on "that other" part of my site that will remain mysteriously locked away, I have realized that my categorizing of information is almost manic at this point. It is still a mess and I'm not happy with having all this knowledge in front of me and just not having the time to get to it. Maybe I should specialize that too?
It kinda makes sense, but while I am happier to do this with my young career, I'll likely not adopt that quite too soon with my thirst for knowledge...but I certainly need to slow down and instead of blitzing this realm, to sit back, clear off the desk, and focus on a few things at a time and truly enjoy and experience them.
by LonerVamp 07.02.06 at 12:48 AM in /general
This paper is very advanced using a lot of different skills, but it does demonstrate how to abuse SNMP on a Cisco router to get its configuration file, and then have some fun with Generic Routing Encapsulation (GRE).
by LonerVamp 07.09.06 at 12:11 PM in /general
There are scripts and various automatic ways of hardening a Linux system, but nothing is more informative and instructive than doing many of the tweaks and settings manually. I liked this post because it really delved into a few of the particulars and exactly what is going on.
by LonerVamp 07.09.06 at 12:13 PM in /general
Link to pictures of the CDC 2005 event at Iowa State University. The CDC is the CyberDefense Competition held at ISU where teams of students attempt to defend their networks against a team of attackers (usually area professionals) over the course of an entire weekend. The event is reminiscent of Defcon's Capture the Flag, but with a much more instructive mentality. I wish we had this much stuff in this field at ISU back when I was a student! A version of this is also being held annually where high school teams are the defenders and college students are the attackers.
by LonerVamp 07.09.06 at 12:35 PM in /general
This link I have not tried recently, but I believe these are still free study guides for the CISSP and should still be pretty informative. I read one or two about a year or more ago, and filed away the link for a time when I could more fully pursue the CISSP. I believe these are from Shon Harris and hosted by this site as a sponsor.
Of note, Shon Harris also has CISSP training that you can pay for and attend.
by LonerVamp 07.09.06 at 12:40 PM in /general
by LonerVamp 07.09.06 at 12:50 PM in /general
by LonerVamp 07.09.06 at 12:54 PM in /general
One of my favorite blogs, Security Monkey (or A Day in the Life of an Information Security Investigator), made a post about how to increase your chances of getting into the lucrative and fun field of penetration testing. The comments are nearly as good as the post itself and I definitely wanted to keep this around.
by LonerVamp 07.09.06 at 2:28 PM in /general
Wow, I never thought I would see an article on CNN.com that had some technical merit! CNN questions laptop security and why exactly is sensitive data finding its way to mobile devices in the first place? Excellent question!
by LonerVamp 07.12.06 at 6:54 PM in /general
Blue Pill and Red Pill are part of some new research into hardware abstraction and virtualization where a system can be fully controlled by an attacker if he/she can get an abstraction layer between the OS and the hardware...well, then it's game over. Thankfully, this is not easy and does require physical access. Nonetheless, cutting-edge creativity is quite interesting.
by LonerVamp 07.12.06 at 10:02 PM in /general
Email headers are a simple thing, but when you're in a bind and needing to read one or more, they can sometimes be such an annoyance. This paper is a full-blown discussion on email headers and what they mean. Quite a nice read, to be honest.
by LonerVamp 07.12.06 at 10:19 PM in /general
A nice long list of popular Firefox security extensions
by LonerVamp 07.12.06 at 10:25 PM in /web
What pulled my attention here is a couple papers on Setting Up Cisco Pix Firewalls, but in browsing the rest of the site, all of these papers look very interesting.
by LonerVamp 07.12.06 at 10:49 PM in /general
Here is a list of Top 10 books as suggested by the Information Security magazine.
Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition
by William R. Cheswick, Steven M. Bellovin, Aviel D. Rubin
This perimeter security text is perfect for serious security professionals. The authors have mastered the art of applying the theoretical to actual working applications; the result is pragmatic advice from some of the finest minds in the field.
Hacking Exposed, Fifth Edition
by Stuart McClure, Joel Scambray, George Kurtz
The original edition ushered in a new era of computer security publishing, offering unabashed, technically detailed and fully documented instructions on how to subvert the security of a multitude of systems. Although some scoff at the series, perhaps they just hate to see some of their secrets published.
by Bruce Schneier
Any book that the National Security Agency prefers to remain unpublished is bound to make great reading. Anyone doing serious work with cryptography needs a copy. With a comprehensive and excellent explanation of encryption of all kinds, this book is second to none.
by Bruce Schneier, Niels Ferguson
Schneier's sequel to Applied Cryptography will help you apply your newfound cryptographic skills successfully and securely. Think of them as volumes one and two of the same book.
Practical Unix & Internet Security
by Simson Garfinkel, Gene Spafford, Alan Schwartz
The authors deliver an excellent introduction to a wide variety of computer and network security issues within UNIX.
by Ross Anderson
This book details security design and implementation strategies employed in real-world systems. Although many publishers employ strategies attempting to inflate the page count (and price) of a book, this 600-page masterpiece could only result from the dedication of an extremely knowledgeable veteran of the field.
The Tao of Network Security Monitoring
by Richard Bejtlich
"Tao" means "The Way," and that's what this book is: the way to evolve IDS operations. The network security monitoring philosophy is both obvious and completely revolutionary.
The Art of Computer Virus Research and Defense
by Peter Szor
Szor's mastery of virus/antivirus technology is unparalleled, and this comprehensive tome is the definitive work on the subject. Although parts are inaccessible to all but experienced assembly language programmers, antivirus is such a critical technology that every professional should read this book, if only to understand the problem.
A Guide to Forensic Testimony
by Fred Chris Smith, Rebecca Gurley Bace
As security pros, we stand a higher-than-average chance of being called into court to testify about the results of our investigations. The authors do a good job of explaining the challenges associated with information security cases and how to give the best testimony possible.
by Brian McWilliams
This behind-the-scenes account of real-life spammers and spam fighters is a must-read for anyone trying to squelch junk e-mail. There's a freak show in here, but also a lot of good intelligence on the inner workings of the spam kings.
And Richard Bejtlich's Top 10
by LonerVamp 07.13.06 at 11:04 PM in /general
I was going to post a nice list of wireless certifications and courses, but this site sums them up better than my list would do. Definitely took in all the ones I had unearthed and more.
by michael 07.14.06 at 7:33 PM in /general
Dan Morrill posted a list of his top 10 information security skills to have. I really like this list, and it certainly gives me something to use as a benchmark rather than just what appears on my resume or certs I might hold. Considering Dan manages teams like this makes him the best opinion out there, really.
by LonerVamp 07.20.06 at 6:27 PM in /general
by LonerVamp 07.22.06 at 12:05 AM in /general
Curious about a DNS server? Fingerprint it using fpdns
by LonerVamp 07.23.06 at 10:43 PM in /tools
This little trick is not necessarily wireless-only, but awesome nonetheless. Using a proxy and some other tools, one can mess with HTTP traffic to unwanted wireless guests such as turning all images upside-down, instead of just outright denying them access. Pretty cool and fun! Reminds me a lot of airpwn, only this would be a wired version using squid.
by michael 07.27.06 at 8:29 PM in /general
A nice presentation on wireless security. Pretty nice detail on what is going on.
by michael 07.27.06 at 10:51 PM in /general
I have a ton of respect for Prolexic and what they offer to our world. But the spammers and botnets have waged a mini-war against Blue Security and anyone who seems to assist them. But instead of directly attacking Prolexic, a botnet was leveraged against upstream DNS servers for UltraDNS. Wow, just wow. This is the sort of cyberwarfare that is coming or already here where masses of zombied computers are wielded. So far much of this has been individual hackers or groups with personal beefs, but much like phishing and virus attacks, I expect things like this to take a much more organized and sinister turn in the next 4 years.
by LonerVamp 07.27.06 at 11:17 PM in /general
Sometimes you just need to inject some "security awareness" points into your training program. "Protect Your Workplace" posters from the federal government are an inexpensive and easy way to start.
And search this page for the security calendar.
by LonerVamp 07.29.06 at 9:30 AM in /general
This presentation on wireless injections was given in June 2005 at RECON. Powerpoints without presentations tend to be pretty barren in terms of being able to get the gist of what the speaker is trying to say, but might be ok to check out someday.
by michael 07.29.06 at 10:05 AM in /general
This article explains how to tunnel VNC traffic over SSH to create a secure means to connect back to your home computer from anywhere. I've always wanted to do this and have yet to do it. Basically this is just about poking a hole in your home firewall, setting up an SSH server, and doing a port forward on that SSH server to the internal VNC-equipped system. Nothing rocket-science here, and the technique can be used for pretty much anything. We actually used a similar technique in my old job before we moved to a full VPN solution.
Want to run OpenSSH on a Windows box? This fun tutorial goes through this (overly complex) process!
by LonerVamp 07.29.06 at 10:54 AM in /tools
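The tunnel described in the VNC-over-SSH entry above, sketched as an added example (not code from the linked article or from this blog): the client command binds the forward to loopback, and the server-side `authorized_keys` entry limits the key to that one VNC port. The user, host names, address and key are constructed placeholders.

```shell
#!/bin/sh
# Added example: VNC over an SSH local port forward, restricted to one target.
# Hosts, user and key below are constructed placeholders, not from the article.

# is_port N -> success if N is an integer in 1..65535
is_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# vnc_port DISPLAY -> TCP port of VNC display N (5900 + N)
vnc_port() {
    case $1 in ''|*[!0-9]*|0?*) return 1 ;; esac
    echo $((5900 + $1))
}

# tunnel_cmd USER GATEWAY VNC_HOST DISPLAY LOCAL_PORT
# Prints the client command. The listener is bound to 127.0.0.1 so other
# machines on the client's network cannot use the tunnel, and ssh exits
# instead of running without the forward if the bind fails.
tunnel_cmd() {
    rport=$(vnc_port "$4") || return 1
    is_port "$5" || return 1
    [ "$5" -ge 1024 ] || return 1   # unprivileged local port only
    echo "ssh -N -o ExitOnForwardFailure=yes -L 127.0.0.1:$5:$3:$rport $1@$2"
}

# authorized_keys_line VNC_HOST DISPLAY PUBKEY
# Prints a server-side entry that lets this key forward to the VNC port and
# nothing else (no shell, no other forwards). "restrict" needs OpenSSH 7.2+.
authorized_keys_line() {
    rport=$(vnc_port "$2") || return 1
    echo "restrict,port-forwarding,permitopen=\"$1:$rport\" $3"
}

# Constructed values for illustration
tunnel_cmd alice home.example.org 192.168.1.10 0 5901
authorized_keys_line 192.168.1.10 0 "ssh-ed25519 AAAA...placeholder alice@laptop"
```

With the tunnel up, the VNC viewer connects to `127.0.0.1:5901` on the client; the VNC server itself stays unreachable from the Internet, and only the SSH port is opened on the home firewall.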
It is interesting to see the trend of what is hot in security and networking and sysadminness. The turn of the millennium brought in virtualization, and a few years ago Metasploit broke onto the scene in a big way. Wireless and mobility have been amazingly hot in the last 6 years as well. And now that web apps are being developed by everyone, web app testing and security is catching up. In all of this, I thought it would be nice to keep track, for my own purposes, of the hot topics at periodic times of the years just to see where things are moving and shaking.
1. web application / layer 7 security / fuzzing - driven by a huge focus in the past 8 months on MS Office vulnerabilities and browser exploits.
2. mobility - driven by laptops being used and lost in the field, prompting a huge number of disclosures of lost information that questionably should not have been outside the corporate/gov't environments anyway.
3. disclosure and identity theft - Just about everyone has been joining the disclosure bandwagon whether they like it or not, from the VA, Deloitte and Touche, and many universities (poor edu's will always have a tough open vs secure battle). This will only get worse and hopefully soon the media stops waving each one that happens.
5. botnets and ddos - Blue Security wanted to beat spammers by spamming them. Instead, Blue Security got DDoSed so hard, they are now out of business and have thrown in the towel. Botnets have been widely reported in the past couple years, but they still seem to grow and remain huge and potent.
4. wireless - wireless is just waiting to blow up, with hotspots getting more common and big companies with secret plans on widespread wireless for the masses. Since wireless is still hugely exploitable and fun to mess with, this is just waiting for a huge lashback and a huge outbreak in personal systems being exploited over wireless. Home users haven't been this vulnerable to being rooted since NAT was hardly used on broadband connections. This is an area that is also just waiting to explode with use and companies and widespread access.
Mentions and tools: Metasploit is still hot and HD Moore is one of the biggest names in security right now; virtualization is still hot; Office and IE are getting hammered with exploits which is keeping Microsoft very busy; LiveCDs are all over the place now, joining the awesome Knoppix (BackTrack owns).
by LonerVamp 07.30.06 at 10:26 PM in /general
Every now and then I go on a stream-of-linkage romp through blogs and security sites. Check out a site, head to the links, start spidering out and repeat. Well, today I brushed through the Nomad Mobile Research Center where I found a lot of 404 links to various people who were big in the security industry years ago. I then came across Rain Forest Puppy's site and memorandum.
I've just finished reading The Cuckoo's Egg by Cliff Stoll. The book details some of the early hacking attempts in a very new network of computers and systems and open sharing of information back in the mid-to-late 1980s, a time when I was just discovering Atari and Nintendo and Arcade gaming. In looking at the landscape of the time, of computing, networking, and security itself, things have much changed...I mean, DRASTICALLY changed since then. And I can see how people take values from back then and futilely fight the good fight for years and years, even when the time of those networks and openness are gone. The openness and phreaking got replaced with coding and open source and free tools and grassroots hacking...and today, we have commercialization of security.
I read RFP's memo on his site and realized that this is one of the things I look for in my web romps through security links and blogs and personal sites (sites made back before "blog" was even a thought); the people who have been here already and where they are now, sometimes the dusty relics of long-forgotten websites or stories of how people have moved on, grown up, lost faith, or become part of the commercialization. The Internet and computing are still changing so much, and security even more. In 5 years from now, I could be like them or perhaps just part of the commercialization. Either way, I feel that this sort of web-trotting into the lives of other security persons from the present and past gets back to where the real security happens (or happened), where the real culture of hacking and security lies...not in the Symantecs and Microsofts of the world, but rather in the continued traditions of Black Hat and Defcon and the smaller underground groups of hackers (although slightly less underground than 5-10 years ago).
To anyone that feels like RFP, I just have to say that that kinda just happens, especially when you have a youth-fueled culture in the midst of a brand new, rapidly changing frontier like the Internet and networking. Things change so rapidly, people grow up and out of their hacking 24/7 mindsets, get married, move on in life, and into more conservative affairs. This happens, but it does not take away from the grassroots, "pure" hacking and security that has come before and still happens now.
I will say it is interesting running over sites of people whose names I know as part of the hacker scene, but their sites are outdated. Sometimes you see a resume or a post about where they've gone or what they were doing when their site got dusty. Then I realize just how weird the net is. Some sites disappear in moments, others, stick around on servers for years, decades. Just sitting there, waiting, listening, maybe logins have long been since forgotten and the servers just whirr away diligently maintaining their uptime. I've seen this in the early gaming scenes in Quake where clan pages are still sitting in cyberspace, waiting for really nothing. Links, images break over time, and they look like those old rusting cars you can find in overgrown pastures...
Some site designs I liked (for future reference): jexe. I would love a throwback design even if that throws back to a time before I was into computers, but there is something nearly romantic and appealing to the idea of a nighttime black world with the only light the soft greenish glow of a computer terminal illuminating the outline of a determined hacker...
by LonerVamp 07.30.06 at 11:02 PM in /terminal23