Thursday, September 16, 2010

Don't Cha CyberRAID? -too the toon of Don't Cha by the Pussycat Dolls

I know you like security (I know you like security)
I know you do (I know you do)
Thats why whenever September comes around exploits all over you
And I know you want go (I know you want go)
It's easy to see (it's easy to see)
And in the back of your mind
I know you should be there with me

Dont cha wish you were at CyberRAID just like me
Dont cha wish you were a security freak like me
Dont cha, dont cha
Dont cha wish your sploits were raw like these
Dont cha wish your hacker was fun like me
Dont cha, dont cha

Fight the feeling (fight the feeling)
Leave it alone (leave it alone)
Cause if it aint secured
It just aint enough to leave a web zone
Let's keep it friendly (let's keep it friendly)
You have to play fair (you have to play fair)
See, I dont care
But I got warez I aint gon' wanna share

Dont cha wish you were at CyberRAID like me
Dont cha wish you were a security freak like me
Dont cha, dont cha , baby
Dont cha wish your sploits were raw like these
Dont cha wish your hacker was fun like me
Dont cha, dont cha

I know 0-days on your mind
I know we'll have a good time
I'm your friend
I'm fun
And I'm fine
I aint lying
Look at my screens, you aint blind [2x]

See, I know your network (I know network)
I understand (I understand)
I'd probably be just as crazy about it too
If it were my own network
Maybe next lifetime (maybe next lifetime)
Possibly (possibly)
Until then, Oh friend your'e secret is safe with me

Dont cha wish you were at CyberRAID like me
Dont cha wish you were a security freak like me
Dont cha, dont cha
Dont cha wish your sploits were raw like these
Dont cha wish your hacker was fun like me
Dont cha, dont cha

Hope you enjoyed that.
I'll post more about the stats from Cyber-RAID later today.
Be safe out there,

Wednesday, September 15, 2010

B-Sides KC Too (to the tune of Beside by Ben Miller)

I wanna be, wanna speaking at B-Sides KC
Speaking speaking
I'll be speaking there soon
Feels like a train, running off the track
Going all directions, but I cant come back
Did I miss you, speaking as I do
Never felt the thrill like when speaking to you
I'm at a point, I'm just a speaker not a listener
Breaking down the walls, getting off this plane
I want to live my life simple & so true
I'm just a man who speaks at B-Sides KC
Do you hear me, you know what I do
Thinking of KC, yeahh it's getting me through
I'm waiting for you there
I wanna be the man who speaks at B-Sides KC too
So much information, flowing out of me
Don't want you to worry, about what it means
I cant say this & I can't show that
All I know is I'm gonna love you when I'm back
Do you hear me, you know what I do
Thinking of KC, yeahh it's getting me through
I'm waiting for you here
I wanna be the man who speaks at B-Sides KC too
And I'm waiting here for the smoke to clear around us, yeah
When the storm goes down there will be sunshine there on your face
Just you wait
I'm at a point, I'm just a speaker not a listener
Breaking down these walls getting off this plane
I want to live my life simple & so true
I wanna be the man who speaks at B-Sides KC too
Do you hear me, you know what I do
Thinking of me, yeahh it's getting me through
I'm waiting for you here
I wanna be the man who speaks at B-Sides KC too
Speaking speaking
I'll be speaking to you
I'll be speaking to you soon

I am not actually speaking at B-Sides KC but I will be there.
If you are in Kansas City or nearby come join on us on September 17th
More information can be found here - and here -
There is a great line up of speakers for this first year.

Be safe out there

Thursday, September 9, 2010

Converting IP information in Excel

Over the past couple of months I've been compiling a report from a TCPDUMP that has been pulled on our old DNS servers to determine what internal IP addresses are still using the servers. I've been refining the report over time but have been frustrating myself with having to convert the IP addresses to a CSV to get rid of the port number of the source IP. Today I discovered a neat feature within Excel that helps me. Text to Columns
I am sure it is in earlier versions somewhere but it resides right on the ribbon in Excel 2007.
Now all I need to do is copy the column that I want to another spreadsheet and convert it to its own columns with the Text to Columns action.

That cut out a huge step for me, but now how do I consolidate those columns back into one cell with the IP address. It's actually pretty straightforward:
Add a new column to the beginning of the spreadsheet (new A)
Type the following in to A1 - =B1&". "&C1&"."&D1&"."&E1 and hit Enter
There is your IP
now copy and paste the formula down the line and it converts the remaining back
Copy those values back to the original spreadsheet and you are good.

It is also possible to do this via one spreadsheet and to hid the columns that you do not need, but that may come later.

Hope that helps someone else.

Tuesday, September 7, 2010

CyberRAID 0 and Security BSides KC call for volunteers

:Event Information
The KC Infragard is hosting a two day cyber event pitting systems/security professionals against each other in a live cyber battle on a simulated commercial network. Systems administrators will be responsible for managing and protecting a "commercial" network from a live cyber attack, something they may not see on their own networks. Since the exercise is hosted on a private managed network that is not connected to the internet, production data and systems are not at any risk.

Not only will participants get a chance to test their knowledge and preparedness for securing an operational environment while under a live attack, they will also get the opportunity to see how other teams handled similar circumstances. This provides real world data and a solid understanding of best practices that can be implemented in their own organizations. At the end of the exercise participants will know the strengths and weaknesses of their people, processes, policies and technologies. This valuable exercise provides an outreach and education opportunity for our community to take home a greater understanding on how they should be protecting their own networks.

If you are interested in playing, there is still time to sign up, see more information at

:Volunteer Positions
We have a few volunteer positions that we need help filling:
Registration - 2 People needed (2 hr shift the mornings of both Thursday and Friday)
  • Responsible for checking in participants and handing out participant badge

Greeters - 3 People needed (2 hr shift the mornings of both Thursday and Friday

  • Responsible for standing in conspicuous places in hotel, ensuring that guests can find their way to the event

Staffers - 4 People Needed (Full/Half day shifts)

  • Responsible for event details, interacting with hotel, enforcing rules, answering general questions, etc

If you are interested in being a volunteer, please contact me via twitter, email (genesiswaveatgmaildotcom) or comment on the blog and I will get you on the list.

While we still have seats available, we have enough players to ensure a fun, engaging, and successful event. However if you have coworkers, friends or other contacts that you think would enjoy this event, please help spread the word.

:Security BSidesKC
The CyberRAID event will be held in concert with the B-Sides Security Conference. The B-Sides has finalized their speaker selection, If you have not already visited the BSidesKC page, I encourage you to do so.

:Follow us on Twitter
As the event approaches, the most current up-to-date information can be found on the CyberRAID Twitter feed. (@CyberRAIDKC)

Friday, August 27, 2010

CompTIA needs some feedback

This was originally posted J. Seymour - here
As a member of CompTIA's Subject Matter Expert Technical Advisory Committee I encourage everyone to respond.

Are you the “security guy/gal” in your company? Did you implement a multi-factor authentication protocol for your refrigerator? If security is what you “do” I have a favor to ask. Our friends over at CompTIA are developing a new advanced security certification exam to follow their Security+ exam and they’re looking for your input on the exam objectives. This is very similar to what MSL does with our “blueprinting” exercise when we develop an exam. It should take only 10 minutes to complete and can be found here:

As an added bonus, CompTIA is giving away a CompTIA T-shirt to every 10th person who completes the survey!
[cue the fast talking announcer] CompTIA values your privacy. Results are completely anonymous and the data will only be viewed in the aggregate. The survey will be open until September 8, 2010. Please contact if you have any trouble with the survey.
Thanks in advance for helping our friends out!

Monday, August 23, 2010

CYOA - Las Vegas - part three through six still to come

I had intended to complete the rest of the CYOA posts daily while at Black Hat and DefCon. On day 3 I was asked to work DefCon on the dispatch team. I had a great time, but there aren't a lot of stories to share unless you want me to count the number of lost items, times that people came looking for a certain Goon or the collection of items that were thrown into the crowd during closing ceremonies.
I will finish my write up soon but I have to redact a few things.

Tuesday, July 27, 2010

CYOA - Las Vegas - part two

You have successfully arrived in Las Vegas.
Do you:
head directly for a slot machine and start playing?
collect your bag?
get something to eat?

I choose to collect my bag. I wait patiently with the other passengers for my bag to appear. The black bag industry certainly shows no signs of stopping. There it is.

After successfully collecting my bag, do you:
rent a car?
grab a cab?
the shuttle?
walk to your hotel?

Walking seems like a bad idea in the Vegas heat and renting a car can be an unneeded expense when staying at the hotel where the convention is held. I'll be taking cabs later in the week to get to events when shuttles are not available. I choose to take the shuttle because I can prepay for my trip back after Def Con.

You are on your way to your hotel. Which hotel did you choose?
Caesar's Palace (home of Black Hat)
The Riviera (home of Def Con)
TI (formerly Treasure Island about half way between Black Hat and Def Con)
Somewhere off strip (to save a little money)

I chose The Riviera because Def Con is at the end of the week and there will be more traveling back and forth then if I am staying elsewhere. My choice was about cost and convenience in the end. Caesar's would be nice but since this is being paid for out personal funds, price is the winner. Staying off strip did not make as much sense when factoring in the cost of getting to and from off strip. TI was another good option but I could not justify the price differential when factoring in transportation.

On the shuttle to the Riviera you notice that the other passenger is similarly attired to you (read black t-shirt, jeans and laptop backpack). Do you:
strike up a conversation and see if your hunch is correct?
stare at your smart phone and look at the emails that have rolled in while you were in the air?
look out the windows at the scenery as you drive by?

I chose to strike up a conversation and my hunch was correct. My fellow traveler is indeed in town for Black Hat and Def Con. We talk about what we do and who we work for and what we are looking forward to this week. (I have not asked my fellow traveler permission to use his name so I will leave it blank for now)

You arrive at your hotel and discover that check in does not start for another hour and a half (hello time zone shift). Do you:
wander the casino floor and play a few slot machines or maybe a hand of poker?
go to the hotel arcade and play video games for a while?
go find something to eat?
wander down the strip to pick up that last couple of items you meant to pack but failed to do so?

I chose to go pick up a couple of items that I forgot to pack, including the sun glasses I put in my car just for the trip so I would not forget them. Then I stopped and grabbed some lunch at the Peppermill. Good burger, interesting atmosphere. I would recommend stopping by if you are in Vegas just to see decorations.

To be continued

CYOA - Las Vegas - part one

Others my age probably remember the choose your own adventure books from the early to mid eighties. I recall them being a big obsession of myself and my classmates. I remember trying to write some of those stories then but not having much success because I would always leave options hanging because I would go down one path and forget about the others.
With that in mind I am going to present my week in Las Vegas for Black Hat, Def Con and B-Sides in a choose your own adventure style. However just like when I was younger I will only be following one path but I will be showing you the choices along the way that I am presented with. Some will be pretty silly (stay in bed v. get up) while others will be difficult (choosing between sessions where friends are presenting against each other) and a few decisions that have been made for me (I am proctoring talks at Black Hat, presenting at Def Con, and working SkyTalks)
If you are in Las Vegas for Black Hat, Def Con or B-Sides, hit me up via Twitter @n0b0d4 and we can try to make you part of my adventure this year.

So the first choice
Do you want to fly?
Do you want to drive?
Do you want to ride the train?
Would you rather stay home this year?

I choose fly

After packing and then repacking because your first bag experiences zipper failure, you get to bed late because your air conditioner freezes up and its 85 degrees in the house. You then get up super early to fly through Denver to Las Vegas

Do you rent a car?
Do you grab a cab?
Do you take the shuttle?
Do you walk to your hotel?

To be continued

Wednesday, June 23, 2010

Panel Selected for DefCon 18

Panel: Hacking The Future: Weaponizing the Next Generation

Join this panel of "experts" who will discuss, debate, enlighten, and do battle on the topic of Hacker Parenting. From a multitude of viewpoints - paternal, maternal, fictive aunt and victim - the methodologies and techniques of applying the hacker mindset to parenting will be discussed. It is expected that the audience will participate as this topic is one on which everyone has an opinion. Maybe it's possible to do great work and develop a generation of people primed to hack the planet and take over.

James Arlen CISA, sometimes known as Myrcurial, is a security consultant usually found in tall buildings wearing a suit, founder of the Think|Haus hackerspace, columnist at Liquidmatrix Security Digest, Infosec Geek, Hacker, Social Activist, Author, Speaker and Parent. He's been at this security game for more than 15 years and loves blinky lights and shiny things. Cyber.

James Costello is a project manager for a compliancy focused hosting company in the Midwest. He is a charter member and current secretary/vice president of affiliate relations for the Cowtown Computer Congress. He holds a BA from the University of Saint Mary and in his free time enjoys reading scifi, watching British television and repurposing electronic devices.

Leigh Honeywell is a jane of many trades. By day she works as a security consultant while finishing up a degree at the University of Toronto. By night (and sometimes over lunch) she is a co-founder and director of HackLab.TO, Toronto's hacker space. She also serves on the board of advisors of the SECtor security conference, has been a Google Summer of Code mentor, and is an avid cyclist, science fiction nerd, and traveller.

Tim Krabec is the owner of a Small Computer Shop. A Vice President of the South Florida Chapter of the ISSA, Secretary of ASIS chapter 254. He is a former foster parent caring for over 40 children. He currently has 4 children with the 5th on the way. He holds a BS in CS for Florida Atlantic University, in what little free time he has he enjoys watching Syfy and woodworking.

Tiffany Strauchs Rad MA, MBA, JD, is a lawyer, hacker, and college professor. She has presented privacy and technical research at Black Hat USA, DEFCON, Hackers on Planet Earth, Hacking at Random, and Pumpcon. She also likes cars and hacks them.

There is a story of serendipity to go along with this talk.
At DefCon last year, I met Tim Krabec in person for the first time and while we were having dinner after closing ceremonies with his wife and kids we hit upon the idea of creating a talk about how hacker parents work with their kids. We submitted the talk to ShmooCon but did not get accepted. This turned out to be fortunate for us because it allowed us to adjust our strategy for DefCon. One of the decisions we made was to invite others to join and to give us more diversity by adding a mom. My first thought was @securityintern who I had met last year at DefCon as well.

So I contacted Jackie and she said she'd love to help but James (@myrcurial) was already working on a talk for NotaCon (video of which can be seen here - I immediately contacted James and set into motion combining the two talks into one great big talk at DefCon. After several conference calls with James and the rest of the crew, James submitted the talk to DefCon and we waited

And waited. Apparently this was another good year for submissions (thanks @Niki7a for all your hard work).

Then yesterday I received the following tweet from James
@n0b0d4 you should go look at the DEF CON speaker's list #justsayin

So that makes another confirmation that I will be in attendance this year.

I am excited to be a panelist and look forward to see many security compatriots out there.

Be safe out there.