Posted June 21st, 2007 by
rybolov
I’m once again the pusher for the ISM-Community Risk Assessment Methodology and I’m looking for a few good geeks.
I figured I would send out the call here, too, since if I don’t advertise enough for volunteers, the whole thing falls on my shoulders. =)
Similar Posts:
Posted in ISM-Community, Risk Management, What Works | No Comments »
Posted June 21st, 2007 by
rybolov
Ah, DISA, gotta love it. They give me periodic spam–not as bad as it sounds. =)
This time, I got one that immediately perked my interest:
“DISA FSO is releasing the Best Security Practice Checklist. This checklist was developed to assist during the procurement process for managed services acquisitions. “
What’s interesting to me is that it’s mostly based on web applications service providers. I don’t think most of it applies to what my guys do, or we’re doing something along a different scope.
Similar Posts:
Posted in DISA, Outsourcing | No Comments »
Posted June 20th, 2007 by
rybolov
While I was in the “giant kitty-litter box” some years ago, our base was 200 miles from anything. Our link to the outside world was a satellite Internet connection through a company in Dubai. We had a small 10-station computer lab with about as many VoIP phones behind a Linux firewall doing NAT.
Because everything was running on generators, and Joe the Infantryman couldn’t remember to fill the generators with fuel, our base had very unstable power. We would have an outage every day at around 2:00 in the afternoon. The power situation and the sand caused the power supplies of the computers to die fairly quickly.
Then one day, a bad thing happened. The linux firewall lost the boot drive during a power failure and didn’t come back up. It went to the maintenance shell which, of course, requires you to log in with the root password. This is when people came and asked me to fix it.
All the firewall needed was a fsck, but I was out of luck–no password. I ripped open the case and booted off a CD but the drive wouldn’t take a fsck. I eventually ended up turning the firewall into a debian box. Using ethereal, I sniffed out a gateway and unused IP address, then I called the company who owned the equipment. We had a nice conversation about how it would take them a month to send out a tech to fix or replace the firewall, so in the mean time, I owned it.
Now the funny thing is that everything is slow when you don’t have the tools available. I had to take one of the workstations and rip out a CD drive to put one in the firewall. I had to sniff out a network connection just so I could download a bootable .iso. These are all fairly small, but they take time.
I think the whole time to get us up and running was about 12 hours. Definitely not the quickest job I’ve done. But at least our guys could call home.
Now the reason that I’m bringing this is is because I’m looking at the movies from Hack In the Box 2006 and there is one about hacking satellites: Hacking a Bird in the Sky – Hijacking VSAT Connections by Jim Geovedi and Raditya Iryandi. These guys used some of the same techniques that I did.
Similar Posts:
Posted in Army, Hack the Planet, Technical | 2 Comments »
Posted June 20th, 2007 by
rybolov
Yes, this is a simple gag advertisement for zombie alarms. But check out the FUD job that they are pulling. Some security vendor needs to buy up these guys and get the product included in PCI before the merchants revolt. =)
Similar Posts:
Posted in Zombies | 3 Comments »
Posted June 19th, 2007 by
rybolov
About 6 months ago, I had a fantastic run-in with the cleaning crew in my building. I was doing an early-morning data center visit to see what kind of activity was going on. While I was going through the mantrap, the cleaning crew was coming out. Some immediate observations:
- What are they doing unescorted in the data center?
- Who let them in?
- Holy Cr*p, they have a mop bucket full of water!!!!!11111oneoneone
Whenever I deal with the cleaning crew, I always feel linguistically-challenged. If they spoke Russian, then we could deal, but I am blissfully ignorant when it comes to Spanish (see, I have a mild chink in my armor =) ).
Anyway, I tried to explain to them that the electricity runs under the floor and how it’s just not safe for them to be mopping the floor with a wet mop, but the language barrier killed it. In the end, I gave up and told their supervisor just that they shouldn’t go in the data center.
Then I tracked down the guy who let them in unescorted. Some choice words were exchanged, I’ll leave it at that. =)
Similar Posts:
Posted in The Guerilla CISO | 4 Comments »
Posted June 18th, 2007 by
rybolov
We used to call it “shelfware”–the documents that people write once and throw up on a shelf where nobody touches it until the next audit.
I humbly propose a new linguistic creation: “Liarware”. This is the documentation that has no grounding in reality because it was written by people who were paid to create documentation to check a box that the document exists.
Similar Posts:
Posted in Rants | 7 Comments »