rain forest puppy

Every now and then I go on a stream-of-linkage romp through blogs and security sites. Check out a site, head to the links, start spidering out and repeat. Well, today I brushed through the Nomad Mobile Research Center where I found a lot of 404 links to various people who were big in the security industry years ago. I then came across Rain Forest Puppy’s site and memorandum.

I’ve just finished reading The Cuckoo’s Egg by Cliff Stoll. The book details some of the early hacking attempts in a very new network of computers and systems and open sharing of information back in the mid-to-late 1980s, a time when I was just discovering Atari and Nintendo and Arcade gaming. In looking at the landscape of the time, of computing, networking, and security itself, things have much changed…I mean, DRASTICALLY changed since then. And I can see how people take values from back then and futiley fight the good fight for years and years, even when the time of those networks and openness are gone. The openness and phreaking got replaced with coding and open source and free tools and grassroots hacking…and today, we have commercialization of security.

I read RFP’s memo on his site and realized that this is one of the things I look for in my web romps through security links and blogs and personal sites (sites made back before “blog” was even a thought); the people who have been here already and where they are now, sometimes the dusty relics of long-forgotten websites or stories of how people have moved on, grown up, lost faith, or become part of the commercialization. The Internet and computing are still changing so much, and security even more. In 5 years from now, I could be like them or perhaps just part of the commercialization. Either way, I feel that this sort of web-trotting into the lives of other security persons from the present and past gets back to where the real security happens (or happened), where the real culture of hacking and security lies…not in the Symantecs and Microsofts of the world, but rather in the continued traditions of Black Hat and Defcon and the smaller underground groups of hackers (although slightly less underground than 5-10 years ago).

To anyone that feels like RFP, I just have to say that that kinda just happens, especially when you have a youth-fueled culture in the midst of a brand new, rapidly changing frontier like the Internet and networking. Things change so rapidly, people grow up and out of their hacking 24/7 mindsets, get married, move on in life, and into more conservative affairs. This happens, but it does not take away from the grassroots, “pure” hacking and security that has come before and still happens now.

I will say it is interesting running over sites of people whose names I know as part of the hacker scene, but their sites are outdated. Sometimes you see a resume or a post about where they’ve gone or what they were doing when their site got dusty. Then I realize just how weird the net is. Some sites disappear in moments, others, stick around on servers for years, decades. Just sitting there, waiting, listening, maybe logins have long been since forgotten and the servers just whirr away diligently maintaining their uptime. I’ve seen this in the early gaming scenes in Quake where clan pages are still sitting in cyberspace, waiting for really nothing. Links, images break over time, and they look like those old rusting cars you can find in overgrown pastures…

Some site designs I liked (for future reference): jexe and guninski. I would love a throwback design even if that throws back to a time before I was into computers, but there is something nearly romantic and appealing to the idea of a nighttime black world with the only light the soft greenish glow of a computer terminal illuminating the outline of a determined hacker…

the noc water cooler topics

It is interesting to see the trend of what is hot in security and networking and sysadminness. The turn of the millenium brought in virtualization, and a few years ago Metasploit broke onto the scene in a big way. Wireless and mobility have been amazingly hot in the last 6 years as well. And now that web apps are being developed by everyone, web app testing and security is catching up. In all of this, I thought it would be nice to keep track, for my own purposes, the hot topics at periodic times of the years just to see where things are moving and shaking.

1. web application / layer 7 security / fuzzing – driven by a huge focus in the past 8 months on MS Office vulnerabilities and browser exploits.

2. mobility – driven by laptops being used and lost in the field, prompting a huge number of disclosures of lost information that questionably should not have been outside the corporate/gov’t environments anyway.

3. disclosure and identity theft – Just about everyone has been joining the disclosure bandwagon whether they like it or not, from the VA, Deloitte and Touche, and many universities (poor edu’s will always have a tough open vs secure battle). This will only get worse and hopefully soon the media stops waving each one that happens.

5. botnets and ddos – Blue Security wanted to beat spammers by spamming them. Instead, Blue Security got DDoSed so hard, they are now out of business and have thrown in the towel. Botnets have been widely reported in the past couple years, but they still seem to grow and remain huge and potent.

4. wireless – wireless is just waiting to blow up, with hotspots getting more common and big companies with secret plans on widespread wireless for the masses. Since wireless is still hugely exploitable and fun to mess with, this is just waiting for a huge lashback and a huge outbreak in personal systems being exploited over wireless. Home users haven’t been this vulnerable to being rooted since NAT was hardly used on broadband connections. This is an area that is also just waiting to explode with use and companies and wirespread access.

Mentions and tools: Metasploit is still hot and HD Moore is one of the biggest names in security right now; virtualization is still hot; Office and IE are getting hammered with exploits which is keeping Microsoft very busy; LiveCDs are all over the place now, joining the awesome Knoppix (BackTrack owns).

tunnel vnc over ssh

This article explains how to tunnel VNC traffic over SSH to create a secure means to connect back to your home computer from anywhere. I’ve always wanted to do this and have yet to do it. Basically this is just about poking a hole in your home firewall, setting up an SSH server, and doing a port forware on that SSH server to the internal VNC-equipped system. Nothing rocket-science here, and the technique can be used for pretty much anything. We actually used a similar technique in my old job before we moved to a full VPN solution.

Want to run OpenSSH on a Windows box? This fun tutorial goes through this (overly complex) process!

blue security and prolexic knocked off by upstream attack

I have a ton of respect for Prolexic and what they offer to our world. But the spammers and botnets have waged a mini-war against Blue Security and anyone who seems to assist them. But instead of directly attacking Prolexic, a botnet was leveraged against upstream DNS servers for UltraDNS. Wow, just wow. This is the sort of cyberwarfare that is coming or already here where masses of zombied computers are wielded. So far much of this has been individual hackers or groups with personal beefs, but much like phishing and virus attacks, I expect things like this to take a much more organized and sinister turn in the next 4 years.


This little trick is not necessarily wireless-only, but awesome nonetheless. Using a proxy and some other tools, one can mess with http traffic to unwanted wireless guests such as turning all images upside-down, instead of just outright denying them access. Pretty cool and fun! Reminds me a lot of airpwn, only this would be a wired version using squid.

10 books from information security and 10 from richard bejtlich

Here is a list of Top 10 books as suggest by the Information Security magazine.

Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition by William R. Cheswick, Steven M. Bellovin, Aviel D. Rubin
This perimeter security text is perfect for serious security professionals. The authors have mastered the art of applying the theoretical to actual working applications; the result is pragmatic advice from some of the finest minds in the field.

Hacking Exposed, Fifth Edition by Stuart McClure, Joel Scambray, George Kurtz
The original edition ushered in a new era of computer security publishing, offering unabashed, technically detailed and fully documented instructions on how to subvert the security of a multitude of systems. Although some scoff at the series, perhaps they just hate to see some of their secrets published.

Applied Cryptography by Bruce Schneier
Any book that the National Security Agency prefers to remain unpublished is bound to make great reading. Anyone doing serious work with cryptography needs a copy. With a comprehensive and excellent explanation of encryption of all kinds, this book is second to none.

Practical Cryptography by Bruce Schneier, Niels Ferguson
Schneier’s sequel to Applied Cryptography will help you apply your newfound cryptographic skills successfully and securely. Think of them as volumes one and two of the same book.

Practical Unix & Internet Security by Simson Garfinkel, Gene Spafford, Alan Schwartz
The authors deliver an excellent introduction to a wide variety of computer and network security issues within UNIX.

Security Engineering by Ross Anderson
This book details security design and implementation strategies employed in real-world systems. Although many publishers employ strategies attempting to inflate the page count (and price) of a book, this 600-page masterpiece could only result from the dedication of an extremely knowledgeable veteran of the field.

The Tao of Network Security Monitoring by Richard Bejtlich
“Tao” means “The Way,” and that’s what this book is: the way to evolve IDS operations. The network security monitoring philosophy is both obvious and completely revolutionary.

The Art of Computer Virus Research and Defense by Peter Szor
Szor’s mastery of virus/antivirus technology is unparalleled, and this comprehensive tome is the definitive work on the subject. Although parts are inaccessible to all but experienced assembly language programmers, antivirus is such a critical technology that every professional should read this book, if only to understand the problem.

A Guide to Forensic Testimony by Fred Chris Smith, Rebecca Gurley Bace
As security pros, we stand a higher-than-average chance of being called into court to testify about the results of our investigations. The authors do a good job of explaining the challenges associated with information security cases and how to give the best testimony possible.

Spam Kings by Brian McWilliams
This behind-the-scenes account of real-life spammers and spam fighters is a must-read for anyone trying to squelch junk e-mail. There’s a freak show in here, but also a lot of good intelligence on the inner workings of the spam kings.

And Richard Bejtlich’s Top 10.