Monday, October 31, 2005

Quick Book Review: "Stealing the Network : How to Own an Identity"

I just finished this book on Sunday after about a month of trying to get through it. Overall, it was a pretty good book. Because it was written by about 8 different authors, it doesn't flow very well. Now, its predecessor, "Stealing the Network : How to Own a Continent," flowed much better, had just as many authors and was technically superior. I was surprised at the large number of typos and grammatical errors. Maybe it was because of them rushing to print? Beats me. It was a pretty good sequel and some of the chapters were genuinely enjoyable. If you haven't read "How to Own a Continent," I highly recommend it. If you have, then consider this one if someone gives you a free copy or you get it cheap used.

Friday, October 28, 2005

What is going on with me? Updates are here!

I thought I should get a little something up here since people do check regularly and I was just prodded by Martin McKeay after commenting on his blog. If you haven't read his blog, check it out.

Work is great! I am really enjoying my new position on the UF Security Team within the University of Florida. Our website is a little weak right now, but we have a Public Relations person that was hired just before me, and it is one of her projects. I hope to assist and provide information on secure OS builds, incident response tools and procedures, possibly even a security blog...but that might not fly.

I have settled in pretty well with my new Apple PowerBook. It has taken some getting used to. Compiling different forensics tools has not been a problem. I did a quick test of Metasploit Framework 2.5 and it seemed to work fine. Working within Virtual PC is limiting compared to VMware, but I am getting by OK without snapshots. :-( I was surprised to find that I could install FreeBSD 5.4 in it.

My coworker Jordan and I are working on "Hacking: The Art of Exploitation" with some guidance from our friend Atlas, whom we met last year at a SANS conference. Atlas was first place individual (Ronin) and third place overall in Capture the Flag (CTF) at Defcon 13. It is very cool stuff. Some of the examples work on Mac OS X, while for the rest I have had to SSH into a SUSE 8.0 Linux box. Oddly, the examples don't work on my SUSE 9.3 box, which I think has to do with some sort of kernel setting for exec-shield, but I don't know yet. I am looking forward to getting into working on real executables...like the ones from CTF.

What else? I am DJing again this weekend at a Haunted House in Orange Park. My daughter, Gabriella Skye, is almost 5 months old. I am drinking coffee daily again, more water, less soda.

I think that is about it. I promise to start posting more technical stuff. My goal will be at least once a day during the week depending on if I am in the office or not. Have a great Halloween!!!