Moving & Technology

So something I hadn’t thought about when moving until today was the lack of technology. Of course I’ll still have my phone but I’m moving on Saturday and I will be without internet for a week at my house. I will obviously live but it got me thinking. A lot of us rely on technology to do our day-to-day tasks like pay bills, chat with friends, look up directions, or just find a good restaurant. Many of these tasks have been transferred to our phone but there are things that are just easier when you have a keyboard.

Typing this blog entry would have taken forever on a phone, or I could let google/siri/whathaveyou try to translate my speech. Either way it is much easier to type out my thoughts and surf on a cable connection than a phone connection.

All in all it’s not the end of the world. I’ll be back online on Saturday the 22nd, and the blog will be down for a week. No big deal.

Posted in General IT, Non-Infosec, Personal | Comments Off

Sexism isn’t just in infosec

For a while now, people in my industry have been talking about sexism in infosec, and rightly so. Sexism exists in a lot of the world and it’s wrong no matter the location or profession. I started to think about how prevalent it is and I wanted to get some other opinions from women who worked in or dealt with other male dominated fields. I decided to talk with my sister who is a manager for a big-box home improvement store, as well as one of my friends I’ve known for about 20 years who has previously worked in law enforcement, volunteers as a firefighter/EMT, and works as a dispatcher for both.

I gave them the same three questions and asked for their honest opinion of what they see on a daily basis. Here’s what they said:

1) Do you feel that your opinions and contributions hold less weight in your industry or that you’re cast-off or slighted because you’re female?

  • Sister: Every day I see customers walk by a female associate who knows more than the male associate to ask a question only to see the male associate turn to the female associate to find out the answer for them.
  • Friend: While my industry is predominately female, I work closely with a predominately male profession.  I do feel that many of those on the male-dominated side tend to brush off the contributions the female-dominated side provides them.   While at my volunteer position, I feel brushed off frequently because of my gender.

2) Do you think you’ve been passed over for promotions/raises/accolades, etc. solely based on the fact that you’re a female?

  • Sister: No, my management (male & female) pushes me to do more because I care about doing a good job.
  • Friend: In my profession, no.  In my volunteer position, yes.

3) Do you feel that those you work with/for or those you serve harass or flirt with you because they feel that because you’re a female that they can, or feel that they can get you to do something for them?

  • Sister: No, I feel that because they are trying to flirt with me, I can shut them down completely and walk away. It may be different in technology because there is no immediate cost to the customer.
  • Friend: I am fortunate that I work and volunteer with a group of people that treat me with respect, and that when there is harassment or flirtation it is all in good fun.  I previously worked under a supervisor who treated me as if I were incompetent because I was female. He would send my male co-workers to check up on me and make sure I was doing the job right.  He treated me as if I were his secretary rather than his team member, and I eventually refused to work under him.

While this may not be a norm or even a majority in all professions, there still exists a bias towards male opinions and contributions in many societies and we need to keep talking about it. This post was not meant to downplay the sexism in infosec, rather I want to broaden the discussion and make it more about how we treat the women in our society. They are intelligent and hardworking and deserve our respect. Don’t downplay what they offer and they may just teach you something new.

Posted in Uncategorized | Comments Off

First working python code!

OK, so I decided I would write a temp converter for my first python program. It took me a few tries but it’s running now. It’s probably not the best way to code it, and I don’t have error handling in it but it runs!

Next steps:

  • Throw in an if statement for anything below absolute zero to return a message and exit
  • Return comment in response to an if statement for appropriate clothing to wear at the temperature entered
  • Error handling

If you have ideas of easy things to code for me to practice please let me know. I’ve already got one idea of a countdown to a specific day for a former coworker’s retirement so I may work on that this weekend too.

Code: http://pastebin.com/ZAtqqbab

Posted in General IT, Learning, Non-Infosec | Comments Off

Dublin potential

So I may be heading to Dublin again next year for SourceConference Dublin in May. Any ideas for me on what to do if I stay a few extra days this time? I’ve listed what I’ve already done below so new ideas within walking distance (or short cab) from Jury’s Inn on Custom House Quay would be great!

  • Guinness storehouse tour (normal & connoisseur tour)
  • Kilmainham Gaol
  • Jameson whiskey tour
  • Hop-On-Hop-Off City bus tour
  • Temple Bar mini-bar-crawl (Palace Bar, Temple Bar)
  • Trinity College / Book of Kells
  • Cabaret evening
  • Walk down Grafton Street
  • New tattoo (plan on doing this again when I decide on a design)

I’ve heard that I should wander around more in Temple Bar, and a couple Google searches have told me to try Kehoe’s for a “local bar” atmosphere but I think I’ll rely on my friend Andrew McKenna for that part of the trip. The music he led me to last time was amazing.

Good food is a must so tell me where you found some amazing seafood or Irish cuisine.

Comment below and let me know what to try!

Posted in Ireland, Personal | Comments Off

First lesson in learning python

So I thought it would be a good idea to put my money where my mouth is on learning. With my new position one of the things we need to be able to do is pull data from the tool we use via their API. I was told that an easier way to do this is with the python language and I had already been wanting to learn it so it seemed like an easy fit. The only issue is that I’ve never been a “coder” so I was hoping this would be a good start down that path.

I enrolled at Coursera in their python class and started watching the tutorials. This went great right up until I got to week 1’s mini project. The project was to write a program that would use a pre-set list of choices to play against the computer in RPSLS or Rock, Paper, Scissors, Lizard, Spock. It’s a variation on the game so there are fewer ways to tie.

I’ll save you the frustration that I went through for about 2 hours and say that my lesson learned by this was that I, like many people, need to stop the “instant gratification” requirement in my life. I was wanting to do incremental steps to see progress from my work without looking at the overall picture. This caused me to get data that I wasn’t expecting (all zeros instead of 0-5), and frustrated me a lot. What I wasn’t realizing was that one function had to provide data to the next to get the correct response. Going forward I’ll have a better idea of what to look for when I’m getting data but not the data I’m looking for when troubleshooting.

Posted in Uncategorized | Comments Off

How to focus on learning

So it seems that since my move life has been a bit of a blur. I’ve had to figure out where things are in the area, what vet to go to, get my license & plates changed over, and not the least of all, make sure all the bills get paid on time from the old house or the new apartment. While stressful, none of this is work related. I’ve been struggling to get time to sit down and learn new things like python scripting to plug into the API for the tool we use, or even get better with Linux to broaden my technical skills.

I even have an idea kicking around in my head for a talk about the information security field and our constant thirst for knowledge but I haven’t had time to sit down and flesh it out. While some of you may be saying “yep, that’s life”, I wonder about those who struggle with time management and how they can continue to learn. When you have a long commute, or take care of a loved one (child or senior) in your off time, how do you manage to stay on top of things and remain relevant? Do you mainline espresso and forego sleep? Read articles when you’re on the train? Give up hobbies you loved in the past to keep up in the industry?

If you could leave a note and let me know what tips or tricks you can impart I’ll make them part of the talk I’m putting together regarding Infosec knowledge sharing.

Posted in Learning, Personal, Security | Comments Off

Greetings from Michigan

Sorry for the long delay between posts. Life has been a little up in the air lately. I am now living near Detroit, Michigan working for VioPoint as a Senior Security Consultant. I had always said I didn’t want to be a consultant because of the travel required but this job seems to fit the requirements of “less travel”. I haven’t had to travel at all yet thankfully so we shall see if that continues.

The team I’m working with is awesome and many of you know them. @ZombieTango, @Dthom, @B31tf4c3, and @JimmyVo are all here and we’re headed up by @jwgoerlich. I’m slowly getting myself settled in my new apartment, house was sold in short order and the only problems I’ve had are with crapcast, so all-in-all it’s been a decent transition. I will be posting periodic work-related blogs on the VioPoint blog at http://www.viopoint.com/blog/. You can catch my first one there regarding auditing automation, and look for new ones coming later. As for this personal blog I just got it back up and running so I will assume that I will be posting more in the coming weeks/months. Keep checking here or Twitter to see if I can keep that up.

Until then I’ll be taking in the fall colors in Michigan and trying to learn as much as I can about the consulting gig.

Posted in Personal, Security | Comments Off

What to do at Source Conference Dublin?

So I’ve been thinking of what I should do the three “tourist” days I have in Dublin. I land late morning on Tuesday the 21st, so I have the rest of that day, Wednesday, and Saturday to wander. This is in addition to the evenings of Thursday and Friday after the conference.

There are a few things I’ve had the opportunity to see while I was there the other two times including the Kilmainham Gaol, Trinity College & Book of Kells, the grounds outside the Royal Hospital Kilmainham, Guinness Storehouse, and the Garden of Remembrance.

While these are some amazing things to experience, I’m hoping to find some more to add to the list. On the previous two trips I took a city tour but it was very rushed and I didn’t get to see what I wanted to. I’ve got a few things that I don’t want to miss while being over there this time. If you feel I’m missing some, please let me know!

I’ll be staying at one of the Jury’s Inns near the conference so if you are in the city or near there, let’s hang out and talk! I can’t wait for this trip!

Posted in Ireland, Personal | 1 Comment

THOTCon & Bsides Chicago

Well I’ve had a few days to recover from the awesomeness that is the Chicago Con Weekend. This year I was able to ride/stay with a friend from GrrCon who was attending with some coworkers, meaning the base for operations was in the city. This proved to be good for location but only average for room quality.

Friday morning we headed to THOTCon for networking, beer, food, talks, and just all-around awesomeness. Although I didn’t see all the talks I wanted, or the people I wanted to meet, I was able to catch the keynote, Ben Ten’s “Creating A Powerful User Defense Against Attackers”, James Arlen’s “The Message and The Messenger”, “Cyberwar” with Josh Corman & Jericho, PhreakingGeek’s “Y U No Sanitize bro?” and David Schwartzberg’s “Fun with Exploit Kits for Tech Support”. You can find the information (but no recordings) at www.thotcon.org

Most of the talks I was able to see were good (the ones that weren’t don’t read my blog anyway). The information presented was relevant, and the speakers held their own on stage. James’ talk about presenting will help when I speak at GrrCon later this year, but I think the Cyberwar talk was by far my favorite. So much information was condensed into an hour talk it was hard to take it all in. What I did like was the discussion about the audience being a “cyber militia”. You do have to wonder if we all had to “fight” online, how many casualties would there be?

Saturday morning had us on the way to Bsides Chicago. This was set to be my first CTF experience and I wasn’t sure what to expect. I brought pretty much every piece of electronics I own with me and the weight of it tore my backpack. Learning how a CTF works and banging my head against the wall for most of the day was ironic when Nicolle Neulist’s talk about how to start with a CTF was at the end of the day :-)

The CTF itself was not only brain-draining but a lot of fun! The challenges were set out in groups based on easy/hard/etc. When you get so close to solving one without knowing exactly what they are looking for, it can be frustrating, but seeing the points go up on the board makes it worth it. I was able to capture 8 flags total in what I feel was a respectable showing for a first-timer!

The THOTCon after-party was in downtown and had good food and drinks as well as DualCore on the mic for a short period. More people were met, more hands shaken, and more networking all the people!

All-in-all it was a great weekend and I’m glad I was able to see/make friends and most importantly learn a lot! Looking forward to Source Conference Dublin in a few weeks so I will see some of you again soon!

Posted in General IT, Learning, Security | 1 Comment

DLP and Business Needs

Well it’s been a while and I wanted to write an entry about something that I’ve been dealing with lately: Data Leak Prevention, or DLP.

Most non-IT people know about DLP only when the IT organization contacts them to let them know they did something they shouldn’t have. For those of us that have to deal with the policies, the alerts, and sending those notices, it can be more complicated. You start with crafting the policies based on corporate standards, other organization requests, and maybe some good ideas. The alerts start coming through, and you take action where appropriate.

The issues start to happen when something triggers an alert-only policy, you notify the appropriate group, and they ask “well why was this not blocked?” You begin to describe which policies only monitor items versus the ones that block. You try to explain that you can’t block everything; the business still needs to get work done! An example of this is where you block a Word document from being sent from the company. Someone takes that document, scans it to create a .tif file and sends that out. The other organizations that don’t understand the technology will expect that file to be blocked as well: “Well it’s the same document!” Other issues can arise if someone is authorized to use USB devices, but you’re expected to block them from taking specific data that you’re notified about after the fact.

Like other security solutions, the promise of “Data Leak Prevention” is not perfect. The business expects DLP to work flawlessly and as those of us in the infosec community know, there is always a way around any restriction. Implementing DLP requires someone who understands the business needs to set up the policies and tweak them as appropriate. It also requires someone to monitor the alerts and either send a notification, escalate as appropriate, or update policies to catch something that was not getting the visibility it should. What can be the most difficult is trying to translate this process to business customers who tell us what they want to see or know about.
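The monitor-versus-block distinction and the scanned-document gap described above, as an added sketch (not code from this blog or from any DLP product). The rule model, rule names, sample marker strings and the `review_images` fallback are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# Hypothetical policy model: each rule has a content pattern and an action.
@dataclass
class Rule:
    name: str
    pattern: re.Pattern
    action: str  # "alert" (monitor only) or "block"

RULES = [
    Rule("confidential-marker", re.compile(r"COMPANY CONFIDENTIAL", re.I), "block"),
    Rule("project-codename", re.compile(r"\bProject Falcon\b"), "alert"),
]

IMAGE_MAGIC = (b"II*\x00", b"MM\x00*")  # little- and big-endian TIFF headers
SEVERITY = {"allow": 0, "alert": 1, "block": 2}

def extract_text(data: bytes):
    """Return text the content rules can inspect, or None for image data."""
    if data.startswith(IMAGE_MAGIC):
        return None  # pixels only; nothing for a text pattern to match
    return data.decode("utf-8", errors="replace")

def evaluate(data: bytes, review_images: bool = False):
    """Return (verdict, names of rules that fired) for one outbound attachment."""
    text = extract_text(data)
    fired, verdict = [], "allow"
    if text is None:
        if review_images:  # compensating control: alert and queue for OCR/review
            fired, verdict = ["uninspectable-image"], "alert"
        return verdict, fired
    for rule in RULES:
        if rule.pattern.search(text):
            fired.append(rule.name)
            if SEVERITY[rule.action] > SEVERITY[verdict]:
                verdict = rule.action  # strictest matching action wins
    return verdict, fired

# Constructed samples: a text document and a stand-in for its scanned .tif.
DOCUMENT = b"COMPANY CONFIDENTIAL\nProject Falcon pricing for Q3"
SCANNED = b"II*\x00" + bytes(64)  # TIFF header followed by dummy pixel bytes

if __name__ == "__main__":
    for sample in (DOCUMENT, SCANNED):
        print(evaluate(sample), evaluate(sample, review_images=True))
```

With the fallback off, the scanned copy passes silently because no text rule can fire on it; with it on, the result is an alert for review, which is the policy update to bring to the business rather than a promise that the scan will be blocked.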

Has anyone had any success explaining the nuances of DLP software to the business? If so please note and share some suggestions.

Posted in General IT, Security | Comments Off