Friday, January 9

Email RFC 2142

I am always amazed at the wealth of talent on the SANS alumni email list. Yesterday, someone asked "what email address do you use for security? If someone discovers a vulnerability, issue, or breach how do you expect them to easily get a hold of you?"

Great question. Having some experience in this, I generally dredge their website or use Google. What I didn't know is RFC 2142 answers this very question.

Credit to Igor Mozolevsky for this information.

Part 4 of RFC2142[1] states:


Operations addresses are intended to provide recourse for customers,
providers and others who are experiencing difficulties with the
organization's Internet service.

----------- ---------------- ---------------------------
ABUSE Customer Relations Inappropriate public behavior
NOC Network Operations Network infrastructure
SECURITY Network Security Security bulletins or queries

Monday, December 1

December (IN)SECURE Magazine

Check out the December edition of (IN)SECURE magazine here.

Saturday, November 15

shmoocon 2009

Yup. Going again!
Glad I am staying at the Wardman Park Marriott .... so the walk will be short.

Any other Indy people going?

ISP McColo Shut Down After Connection Found To Spammers

I can tell you the drop in our spam was around 35% - 40% after McColo was taken offline. Other reports are as high as 75%.

Article here.

Hats off to Hurricane Electric for booting em.

Sunday, November 4

Linked Armor

Allen and I are starting a business. This is our logo.


Thanks to Brian (fellow IndySec-r), I will be going to shmoocon. As you may know, tickets can be difficult to acquire. Let me know if you plan on attending.

The date for the event is Feb 15 -17th.

Thanks again Brian.



Ok. Things have been crazy; let me share.

I just finished co-authoring SANS SEC 540 VoIP Security with Raul Siles and Dr. Eric Cole. Eric will be teaching the inaugural course at the SANS Cyber Defense Initiative 2007 in December.

The course is very lab intensive, so be ready (you won't be getting out of class early). I hope you enjoy it.

Thursday, November 1

SANS Chicago 2007

Headed to Chicago for SANS SEC 503 intrusion detection in-depth. I love Chicago and 503 was next on my list, so it worked out well.

Many things going on of late. Blog is suffering. I just finished a major project (will write more about it later), so things on the blog front should improve a little.

This has become somewhat of a pilgrimage of sorts, as I took the 401 class in Chicago this same time last year.

IDS here I come.

Wednesday, September 26

(IN)SECURE - September 2007

The September edition of (IN)SECURE magazine is out.

I love it.

Wednesday, August 15 - sorry to see you go is no more. I am not sure what went down, but it was serious enough to kill the site.

14 August 2007 - 23:58 GMT

With the industry and those in it so seemingly hostile to Whitedust, and
pure apathy from anyone who thinks otherwise. Why bother. This site is
now closed permanently. It's staff have abandoned the scene and the industry
for real world projects - for good, you won't be seeing us again. You "Won".

Good luck out there. You'll need it.

-The Staff

Monday, August 13

Information Security Decisions - Chicago

Over November 5th and 6th I will be attending Information Security Decisions 2007 in Chicago.

View the Information Security Decisions site here. They note "No sales pitches disguised as content!" Let's hope.

Information Security Decisions has posted a "Top 10 reasons to attend" list. You can read it here.

Here are my top reasons to go:
  1. Ask Bruce Schneier about Alice and Bob.
  2. Meet other security nerds (hopefully some chisec people).
  3. Win the CTS.
  4. Learn something new.
  5. Enjoy a nice nerd vacation and some Chicago-land food.
  6. Stay in the $33 a night hostel (visited for SANS Chicago in 06).
Please note, you must be approved for admission (you must work in security and sometimes buy things). Also, and this is very important, this is a free event, but if you register and do not show up --- it is $195.

Taken from the registration email:
NOTE: Once your application has been approved we will call you to confirm your attendance. Information Security Decisions is free to all attendees....
All Information Security Decisions delegates are required to reserve their conference seat by providing a valid credit card, which will not be charged.

However, if you do not call ahead to cancel or simply do not show up on November 5th, you will be charged $195 to cover the costs we incur for your attendance (meals, proceedings, etc.). This policy allows you to display your commitment to ....

I will be staying at the Hostel located just down the street. It is quite nice and would remind you of a dorm room (in fact part of the building is just that). The price is $33 a night.
  • View photos of the hostel here.
  • HI (Hostels International) Chicago site here.
  • View a map from the Hostel to the event Hotel here.
I have three open seats in my car. I will cover gas, but would appreciate help with the parking costs. I will be going up Sunday night and plan on leaving Tuesday evening after dinner.

Contact me if you are seriously interested.


Monday, July 30

Video overview of SANS/GIAC by Stephen Northcutt

A great overview for anyone thinking about taking SANS training and/or taking a GIAC certification.

Video found here.

... taken from the latest (IN)SECURE magazine.