Monday, February 18, 2008

MadSec 62240 - 7pm, Thursday, Feb 7

Thursday sounds like a good time to meet again.

Place and time unchanged; please RSVP (marcina gmail.com) so I know how many might show up.

As a bonus, here is a visual explanation of a new code quality metric: WTFs/min.
http://www.osnews.com/images/comics/wtfm.jpg

Monday, February 11, 2008

Re: MadSec 24513 - 7pm, Thursday, Feb 7

Meeting was good, but in a small circle. People reported getting stuck in some snow for some reason... BTW, the waitress, Natasha, is recognizing us now.

Conversation topics that I still remember:
  • my order of Idaho Nachos
  • enjoyable rantfest about OpenSSL and Kerberos not living up to their potential (complexity, transitive trust issues, reference implementations serving as production UIs, misuse of one in places where the other would serve better)
  • Splunk is super cool. Someone is using it to find, in days' worth of logs from very busy servers, specific information (users who changed a certain field to a value larger than X), all that in a minute or two.
  • we were musing on the speed of rainbow table generation on the UW Condor grid. Eyes went round.
  • perl.org "compromise" and other JavaScript malice.
  • more? I think we spoke about SAS 70 and audits in general, but that was later in the evening, and my memory is failing.

See you next Thursday!

Tuesday, February 5, 2008

The Grinch that Stole Security

‘Twas the night before audit and all through the NOC
not a packet was moving, oh what a crock!

The firewall was tuned with precision and care,
in hope that no kiddies or hackers were there.

The router was patched and all up to date
from many an evening with the admin up late.
The power’s still on, no breakers were tripped.
The boss is still screaming, “let’s get this one nipped!”
Back in the office I heard such a clatter
I dashed right in to see what was the matter.

“It’s gone, it’s gone”, the CISO did bellow.
All up in arms was this laid back fellow.
“What is all gone”, I asked in a flash.
“Come look, come see”, he yelled as he dashed.
I ran as I followed this sad little man.
“Look! See, it’s all gone, from the network, the LAN.”
There is no security guarding our stuff!
We’ve got to fix this, but it’ll be tough.

I searched and I searched. I looked high and low.
I couldn’t find security, where did it go?

Then I had a great thought on this troublesome night.
I knew who had done this, and he wanted a fight.
The Grinch had been here and now security was gone.
It’s probably back at his big lofty throne.

I made a great trek from my office to his.
I stood and considered, but didn’t go whiz.
There he would sit behind the C on the door.
Beneath him, our security, crushed on the floor.
Slowly I opened the great wooden gate.
The smell of sulphur had grown stronger of late.

The flames they did lick his cloven black heels.
His flesh, it boiled off in great sooty peels.
“Why did you do it?”, I asked with no tact.
“Our security is gone, now our servers are hacked!”
Policies, procedures, and plans on the floor.
“We don’t need them”, he said in a gruff roar.
“What do we have that a hacker would take?
“There is nothing good here, but a great big damned lake.”

“Just ‘cause we’re small doesn’t mean that we’re bad.
Security’s a necessity, not some new fangled fad!
Here we have bandwidth, and data and lives.
That’s something to protect like a bee does its hive.
Security is good, it keeps business flowing.
For what you have done, you really aren’t knowing.
The network has stopped ‘cause the hackers were in.
Our data is gone, and your actions, a sin.”

Suddenly, a tumble, a thud, and a flop.
I awoke from the floor onto which I did drop.
“It’s all a dream”, I said with delight.
But, such a dream, that gave me a fright.
The Grinch may be real, but his actions were fake.
Nothing was wrong at the city by the lake.

The auditors came down my hallway with glee.
They had come to behold the glory of me!
Never had they seen a ship quite this tight.
For according to them, everything was right!
They shook hands and left, out the front door they flew.
“Happy audit!”, they said, and “good job to you!”

I wish it were mine; the source is: CSO Blogs.