Category: Computer Security

  • How I got into Security

    Martin McKeay over at the Network Security Blog asks “How did you get into Security?”  That is a good question.  It’s something that I’ve been asked and what I like to ask others in the business.

    Up until recently, I’ve done security my entire adult life very reluctantly.  I started off in the military as a Security Policeman (now called security forces).  I was a security specialist and was groomed into law enforcement.  The description sounded like special forces.  And even though security forces do some pretty cool stuff, it’s NOT usually doing anything even close to what combat controllers, pararescue, Force Recon, Navy SEALs and Delta Force do.  Instead it’s like the Air Force version of infantry (when I was in we even trained with the Army infantry at Ft Dix).

    I had about five years learning every aspect of physical security.  I later “cross trained” into communications expecting to do some hardcore technical stuff.  And I did, but while I wanted Routers, I got the help desk and later pure security (firewalls, IDS, C&A packages, COMSEC, EMSEC), a little of everything.  My experience in the military made it easier for me to pass the CISSP which covers a little of everything.

    These days I teach certification classes and do auditing, policies, consulting as well as certification and accreditations. 

  • Standard Desktop Configuration (SDC) everywhere

    For the last year I’ve been working on the DoD’s SDC implementation.  Standardizing ALL common use desktops is a very good idea for security.  But the problem I have with it is that they are forcing SDC on mission systems as well.  They allow extension for some systems. 

    This is a problem because mission systems are NOT standard.  Each mission system is different with different requirements.  Also, common desktops are in giant homogeneous networks that can keep up with the changes in SDC with relative ease with applications like SMS.  Mission systems are often controlled by a different entity than the host so they must be updated manually.

    So bottom line: SDC – great for desktops, VERY bad for many mission systems. 

    Now SDC will be pushed to ALL government systems.

  • Prevent Computer Viruses

    In the last three years or so I haven’t had a single computer virus on my main system unless I put it there on purpose.  I use a very simple method to prevent computer viruses and malware from ever getting on my system. 

    Check it out here: http://elamb.org/hacked/how-to-prevent-computer-virus.htm

     

  • Information Security Gurus: Say Goodbye Mr. Network Geek

    “Information Security workers have found themselves caught up in this wave of change. Originally, it was an important and vital job to track down the current virus threats, manage the Service Packs in [Pick your Windows flavor here], install the few hotfixes needed and call it a day. The rest of our time was spent on the important matters – defining”

    The “wave of change” keeps me employed, but I must agree with Karn at Security-Guru.blogspot. There are a lot of times that I’m just playing “whack-a-mole” with security problems. The root of the problem needs to be taken care of.

    There is a movement of more proactive security instead of the old losing reactive security:


    – At Defcon, Rick Wesson of Support Intelligence, LLC introduced a method of tracking botnets and blacklisted malware servers globally and in real time.
    – Microsoft is heading up a proactive security project called Strider HoneyMonkey Exploit Detector. It is a kind of active honeypot that follows the links of malicious sites to find new exploits.


  • What is a Hacker?

    “A hacker is someone who thinks outside the box. It’s someone who discards conventional wisdom, and does something else instead. It’s someone who looks at the edge and wonders what’s beyond. It’s someone who sees a set of rules and wonders what happens if you don’t follow them. A hacker is someone who experiments with the limitations of systems for intellectual curiosity.”
    The above is a quote from crypto living legend Bruce Schneier’s book, Beyond Fear.  This is exactly how I feel about hacking.  Hacking is a major asset to Information System Security… in fact it is THE only real asset.  I’ve had arguments with some of my peers about this.  Information Security Pro vs. Hacker.  If the typical information system security pro doesn’t get smart on hacking (security/programming) techniques, security will continue to be a losing battle.  Cyber criminals have no problem learning the latest exploits, they have no boundaries and this gives them a “superpower” against security professionals.  Some Information security professionals, on the other hand, restrict themselves by categorizing hacking as bad.  They see it as unethical and not responsible. 

    It is unethical and not responsible to NOT know hacking techniques that might exploit a customer’s system.

    Thanks for the post Bruce.  I hope you will make another appearance at the Defcon. 

  • Security Forums Directory

    Easily locate forums and newsgroups related to security. Why isn’t elamb.org on there? Oh, well.


  • Former Pentester of FBI, hacks the FBI

    This case is not the same as the Department of Veteran Affairs loss of records or the Department of Agriculture's security failures.  In this case, a contracting consultant conducted a penetration test without getting formal approval.  He exploited the FBI's vulnerabilities to gain elevated privileges.

    Joseph Thomas Colon, 28, is a former employee of BAE Systems.  His pentest allowed him to obtain the passwords of 38,000 employees, including that of FBI Director Robert S. Mueller III.  According to Colon, the FBI field office in Springfield, Ill., he was attached to gave him approval.

    However, every professional pentester and/or ethical hacker knows that you have to get formal approval from an authority. 

    Colon's lawyer said in a court filing that his client was hired to work on the FBI's “Trilogy” computer system but became frustrated over “bureaucratic” obstacles, such as obtaining written authorization from the FBI's Washington headquarters for “routine” matters such as adding a printer or moving a new computer onto the system. 

    As a result, Mr. Colon will likely serve about 18 months in prison. :(…

    Pentesting and ethical hacking tools and techniques must be dealt with responsibly.  The bureaucracies that might allow pentesting must be respected at all costs.  The first thing that is taught in pentesting and ethical hacking is to ALWAYS, ALWAYS, ALWAYS get written consent to proceed from the owners of the system.

     

  • Delete Search Results: Cover your tracks

    Ever search for something questionable on someone else's system and go into a hyperventilation panic when you notice that their computer is retaining the keywords you typed into their search engine?  

     

    You typed in “boobies” on your mom's computer and now the word pops up every time you type a “B”!!

     

    Perhaps it was your spouse's system and you were searching for evidence of pornography.

    Maybe it was your kid's computer and you want to make sure they are o.k. mentally.

    Maybe your Internet connection has been down for a while and you’ve had to use your friend's system or a public system.

    Whatever the case may be, it is none of my business.  And you don’t want it to be the business of the others who will use the system after you.

     

    Here are two simple techniques to get rid of those bad keywords.

     

    For Windows XP “Recently Opened Documents”:

    To delete “My Recent Documents”:

    Right-click on the “Start” button

    Select “Properties”

    On the Start Menu tab, select “Customize”

    Select the “Advanced” tab

    Select the “Clear List” button at the bottom.  Don’t worry, it will NOT delete the files.  (Deselect the checkbox if you don’t want the system to track previously opened files)

     

     

    For Windows XP, Internet Explorer:

    In IE, Select “Tools”

    Go to “Internet Options” at the bottom of the Tools list

    Under Temporary Internet Files select “Delete Cookies” and “Delete Files”

    To delete the history of the websites you searched select “Clear History”

  • 18 Days of Reckless Computing

    Someone over at Wired tests his new Dell to see how many viruses and how much malware it takes to get the Geek Squad to call it a total loss.


  • 10 Security Suite Reviews : Who's Got Your Back

    All-in-One Security

    Suites of antivirus, antispyware, and firewall software can provide convenient, solid protection against today's worst threats. Our tests of ten contenders show who's got your back.
