t my new job some of the things I need to do is network mapping and interface mapping so we can figure out where potential risk lies within the network. I have been looking for a framework in Ruby that can help me programatically map a network. I thought I found what I need in Scruby. However, it seems like Scruby is not in development anymore and is really just a proof of concept of Scapy. Recently I saw a post by Chris Gates on the Carnal0wnage blog about exactly what I need. I have also been trying to diversify when it comes to my programming languages and python is first on my list. So I decided to give Scapy a shot. The out of the box network visualization tools in Scapy are amazing (if you get all of the correct dependencies installed). You have multiple choices when it comes to outputs. I don't think I have even begun to scratch the surface of the visualization capabilities of Scapy.
Thursday, July 29, 2010
Learning Python via Scapy
Wednesday, July 21, 2010
Sam loves swimming and ribs
Smiling for the camera.
Sunday, June 20, 2010
It’s time for the Security Industry to grow up
It’s time for the Security Industry to grow up. Most of us have been drawn to the security industry because of the fun things we get to do. We like finding problems with security controls and love being paid to break into systems and networks. However, as much fun as those things are information security has become a very important part of businesses and industry. As more and more businesses digitize their business information and assets the more important information security becomes. Whether we like it or not information security is quickly becoming a critical part of the business process.
In that light it is important for us as information security practitioners to learn more about business processes. I know that it feels great to get a shell on a box. However, that shell might not be attacking a critical business process and therefore is a potential waste of effort. By understanding the underling business processes of the company you are testing you can identify targets that are critical to the business as a whole.
This approach however, requires an understanding of business processes. A great way to begin to understand general business processes is through education. I know that business classes can be uninteresting and even boring at times. I will admit that during my education the business classes were the least interesting classes I took. I still can barely remember the content I went over even though I did very well in the class. Recently I have realized my shortcoming in understanding business processes and have been going back over my business classes’ textbooks. If I take more of a “hackers” view at business processes I can begin to see critical places in the business process of where a successful attack could be critical to the business as a whole.
There are many obvious targets such as high-level executives, payroll, and data warehousing. However, some targets could be just as critical. Imagine targeting the PR department and having the ability to send out press releases that could immediately damage the businesses’ reputation with their customers. All it takes is one factitious press release going viral and the company’s reputation could be irreparably damaged.
By understanding the business process we as “security professionals” can begin to see these cracks in them and begin to design stopgaps to protect them. I still believe that the hacker mentality can thrive in a business environment. However, in order to do that we need to grow up, educate ourselves and take our rightful place in the business world.
I am writing this in hopes to spark a discussion on this topic. If you don't agree with me please feel free to let me know why. I am a firm believer in open, uncensored and frank discussions.
Tuesday, June 8, 2010
Western Tracking Institute Tracking Class
1 I spent last Saturday at an animal tracking class provided by the Western Tracking Institute. The instructors Rick, Lee and William were top notch and we were able to learn a lot about gaits and animal identification. 2 You have no idea how many ways a rabbit track can present itself. Our Tracking location was very interesting. We spent all day under the 805 and 56 merge underpasses and bridges. The first part of the day was spent under the big overpasses. The underpasses were a great place to see many different types of tracks. The substrate was very soft in places and that allowed us to analyze the gaits and tracks fairly easily. We saw raccoon, skunk, bobcat, deer, opossum and the ever present cottontail tracks. 3 4 The second part of the day was spent under the bridge in the muck. Luckily I brought a pair of rubber boots to keep all of the mud and water at bay. We found some really interesting tracks under the bridge including crawfish, deer, bobcat, a ton of raccoon tracks and a mystery track that no one could identify. In all it was a fun day of tracking even if you could barely hear each other talking over all of the traffic noise. I'm looking forward to the trailing workshop later on this summer and hope to get through the entire curriculum. In all it was a great experience and I highly reccommend taking any of the classses offered by the WTI.