I remember when I was a child (no comments from the peanut gallery), my parents were into Citizen Band (CB) radios. They performed a number of modifications to their equipment that were questionable, if not downright illegal. The upshot of these modifications was that they were able to play with radio ‘skip’ and communicate with other CB’ers all over the world. They kept a world map on a cork board, and every time they talked to someone in a new country or continent, they would place a pushpin on the map to show where they’d ‘been’.
I think I want to start something similar, but rather than mark the connections to other geeks, I want to start tracking the source of intrusion attempts against the networks I safeguard. Not all of them, just the attempts that are important enough to research and track. So far, in the last month I’ve had several fairly major attempts from hosts in countries like Germany, South Korea and Iran. Not to say that this is the origin of the actual hacker, but this is where the attacks are coming from.
Anyone know a program that would allow me to post a map online and then put virtual pushpins on it? This may be a fun project for some free time. Not that I have any of that.
I know a lot of people out there did. I forget where I read it, but apparently this influx of new computers on the Internet causes a nasty little spike of virus and hacking activity every year. I’ve already seen some indication that this may be true on my home IDS, as well as the one at work. In both cases, it seems to be a slight increase in malicious traffic. Of course, it might just be my imagination. I’m too tired to actually figure out the statistics.
If you were on of the lucky ones who, unlike me, got a new computer, do me a favor and read my little blog on Security Primer for the Non-technical. Take a few minutes to figure out how to patch your system. Install an anti-virus program if your computer didn’t come with one (AVG by GRI Soft is a good, FREE, choice for anti-virus). If you have DSL or Cable, use a router with a built in firewall, or at least get a personal firewall. It doesn’t take much to become reasonably safe on the Internet, but you do have to make the decision to do it.
I wanted a new computer for X-mas. The bad part is that I have absolutely no need for a new one, since the current mass of computers in my office more than meet my needs. That doesn’t stop me from wanting. The inner geek in me is wailing for new hardware. The outer geek is just whimpering a little.
Enough rambling for today. Hope you had a good Christmas.
I’m always have to be cautious about what I put on this site. I know at least one of my co-workers read the site from time to time, and I don’t want to disclose any secrets of the internal workings of the business I work for. On the other hand, I want to let others know about some of the trials and tribulations I have to go through on a daily basis, so they can take heed of my mistakes. I’m sure that someone will let me know when I step over the line.
The last two days have been very exciting at work, and not in a positive way. You would think that, by now, every server in the corporation would be patched (with the major ones, at least), have anti-virus, and be properly managed. But that is obviously too much to ask. On Thursday afternoon, I came back from lunch to find that we had an infestation of the Nachi worm. It turns out that a host that had become infected several months ago had been unplugged and placed in a closet. When it was brought out Thursday morning, the infection began.
Continue Reading »
I recently read an article that stated over half of all blogs are created, edited and updated only once. That is, the owner takes the time and energy to create the blog, and then never goes back to it again. Kind of reminds me of the email account I set up for my wife.
I have set a personal goal to post to this blog at least once a week, even if it is only to say that I have nothing to say. I hadn’t posted in several weeks, and one theory is that I’ve just been too busy. A more accurate theory would be that I’m too burnt out. I love security, the challenges and puzzles offered by the job, but sometimes the people aspect of the job gets to me. I don’t do politics well, and I have come to realize more and more that the security profession is built on politics. I guess I’ll have to treat the political manuevering as another technology to learn. Internal politics can’t be any more buggy than most Microsoft products.
Speaking of jobs, I’m looking for a new one. For various reason’s I have decided that its time to move on from my current position as a contractor. In several days I will have completed two years on my current contract. Its time for me to find a more permanent position with a company. I have several copies of my resume out already, but if anyone has a great position with my name on it, please contact me!
So, that’s it for now. Next week I think I’ll write a rant on security policies. “Write security policies for the real world, stoopid!”