Come and Take It » Uncategorized

Schneier’s Five Questions

admin — Tue, 31 Jan 2012 01:30:20 +0000

I just read Bruce Schneier’s Beyond Fear. It was classic Schneier and by classic Schneier I mean very good and thought provoking. He sets forth a methology to analyze and evaluate security systems, technologies and practices. Below are the five questions that he set forth in the book which are the bassis for this methology. I find this books and his writing in general to be the best at helping to develop a security mindset.

Step1: What assets are you trying to protect?

Step2: What are the risks to the assets?

Step3: How well does the security solution mitigate those risks?

Step4: What other risks does the security solution cause?

Step5: What costs and trade-offs does the security solution impose?

Book Review: Kingpin, How one Hacker took over the Billion-Dollar Cybercrime Underground

admin — Sun, 05 Jun 2011 01:29:11 +0000

I enjoyed Kingpin. It gives real insight to credit card fraud and government “cyber” investigations. This case (the conviction of Max Vision) really symbolizes the movement of hacking prosecutions into a new realm. This new realm is really just plain old crime by other means.

Zero Day: A Novel

admin — Sun, 24 Apr 2011 17:19:20 +0000

Mark Russinovich is a windows Ninja and he has been for a long time. He is bona fide. This does not mean that he is necessarily able to write a good novel, develop characters, or articulate convincing scenarios about cyber-terrorism. Fortunately, he is able to do all three. Zero Day was fun to read, intense thriller. The technical side of the plot was great. No surprise here, but the larger plot was believable and more than a little scary. This was a good read for both quiet technical and not so technical readers.

The Cuckoo’s Egg

admin — Fri, 25 Mar 2011 04:37:25 +0000

When I saw that The Cuckoo’s Egg was on Richard Bejtich’s top ten Infosec books for 2010, I decided to give it a re-read. I had fond memories of the book and I was not disappointed. There are still some good security lessons to be learned from the book. It is a well presented story and a fun read.

http://taosecurity.blogspot.com/2010/12/best-book-bejtlich-read-in-2010.html

Information Leakage on Used Network Devices

admin — Mon, 04 Oct 2010 02:05:59 +0000

All devices need to be sanitized of information before disposed of. I recently acquired a 2950 switch for small project off of ebay.. As expected, the configs were still intact with a treasure trove of information. Yes a treasure trove. The switch was previously at a major corporation, there were two snmp RW strings and the enable password which was cracked in less than 30 seconds.

WinMD5Sum

admin — Fri, 27 Aug 2010 02:46:40 +0000

The latest entry to the Software Vault is a nice little windows program to compute and compare MD5 hashes. I have found myself in the past not checking the md5 hash on a file when I was on a windows box and I would have checked the hash if I was on a Linux box. This is just a nice little program to have.

http://www.nullriver.com/products/winmd5sum

Into the Cloud with Drop Box, Toodledo and Google Aps

admin — Sat, 23 Jan 2010 22:53:37 +0000

I have been exploring different methods of storing non work related docs, files and information in the cloud for easy access. I want to access from multiple locations and from a variety of devices. The best solution so far is google aps, toodledo and drop box. The new iphone app for Drop Box is great. For task management, I am trying Toodledo which is not fully baked but has a very usable iphone app. I have been more successful with it than google tasks or Outlook tasks.

Automated Backups for Beacon Endpoint Profiler

admin — Thu, 26 Nov 2009 16:42:52 +0000

The Great Bay Beacon Endpoint Profiler 2.1.8 has a number of options for backups. Backups are automatically run daily and manual backups can be run from the command line from the web based GUI. The files can be manually downloaded, but the backup files are not be automatically moved to a remote location. Below is a simple shell script that automatically backups the Profilier database and the cron job that schedules the shell script to run daily. The cron job entry is in bold.

$ cat bugs3.sh
time=`date +%Y%m%d_%H%M_%S`
pg_dump | gzip > /home/beacon/backups/beaconbackup-$time.gz

ftp -n -i -v < open XXX.XXX.XXX.XXX
user username password
put /home/beacon/backups/beaconbackup-$time.gz /usr/local/backup/Beacon/beaconbackup-$time.gz
EOD

$ cat bugs3.sh
time=`date +%Y%m%d_%H%M_%S`
pg_dump | gzip > /home/beacon/backups/beaconbackup-$time.gz

ftp -n -i -v < open 128.249.XXX.XXX
user appliance password
put /home/beacon/backups/beaconbackup-$time.gz /usr/local/backup/Beacon/beaconbackup-$time.gz
EOD

[beacon@Beacon ~]$ crontab -e
*iMAILTO=”"
# Check once a minute for stopped/dead components
*/1 * * * * cd /usr/beacon; /usr/beacon/beacon resurrect
# Perform working file clean up every hour
0 */1 * * * find /usr/beacon/pending -maxdepth 1 -type f -mmin +120 -delete;
0 */1 * * * find /usr/beacon/pending -name *.xml -mmin +120 -delete;
0 */1 * * * find /usr/beacon/working -name *.xml -mmin +120 -delete;
0 */1 * * * find /usr/beacon/working/cca -name *.dump -mmin +120 -delete;

# Perform ongoing maintain every two hours
0 */6 * * *                    /usr/beacon/sql/vacuum-switch.sh va-all
15,45 * * * *                  /usr/beacon/sql/vacuum-switch.sh 15min
1,30 * * * *                   /usr/beacon/sql/vacuum-switch.sh 30min
30 */2 * * *                   /usr/beacon/sql/vacuum-switch.sh history

# Perform daily DB backups
0 3 * * *       /usr/beacon/sql/db_backup.sh
0 4 * * *       /home/beacon/bugs3.sh
# For HA maintenance. No-op if not in HA mode
*/1 * * * *    /usr/beacon/sql/chk_status_master.sh

# For HA maintenance. No-op if not in HA mode
*/3 * * * * /usr/beacon/sql/check_slon.sh
1,31 * * * * /usr/beacon/sql/check_confirm.sh

This Week In Google Podcast

admin — Tue, 10 Nov 2009 04:31:27 +0000

Leo Laporte hosts a new podcast on Google and “cloud” related topics. Leo has two cohosts, Gina Trapani, lifehacker founder and Jeff Jarvis. It is a weekly podcast and has just completed its 15th week. The cast is always informative, entertaining and gives listeners insights to the Google’s radical yet sometimes quiet and not so quiet influences on the future of the net. Give the podcast a listen, you will not be disappointed.

http://twit.tv/twig