There will be a Hak5 Live show this Saturday the 12th, at 7pm EST.  Details will be on http://www.hak5.org and probably hak5live.org too.  I’ve got a couple of goodies to talk about and hopefully announce something pretty awesome.

I can consistently make it to 81% in Green Grass and High Tides by The Outlaws in Rock Band now.  I have to learn how to correctly play those sets of 3 notes which just go up and down the frets during that part.  It’s pretty ridiculous.  I’m very happy though, it’s a tough, tough song and gives me a really fun challenge.

I submitted my CPE’s for the Intrusion Detection Systems training I gave at work the last 2 weeks, which brings me up to a pretty decent number so far since I obtained the CISSP.  I may convert some of my material into a format I can put up on the site here.

I just got done doing a podcast with the guys at secthis.com, whom I met at Shmoocon this past weekend (although there were so many faces and once you have a few drinks it’s a little hard to remember that many faces) which ran about an hour.  I had a lot of fun discussing a variety of issues with them.  I’m glad they let me connect up and throw in my 2 cents.

Once it’s all edited up you’ll find it at http://www.secthis.com.

As I will be having a lot more hands on with Snort once I assume my new role at work in a couple of weeks, I decided I needed to beef up my library, so I picked up Jay Beale’s Snort Toolkit book off of Amazon.

It starts out explaining what IDS/IPS are and then jumps into Snort 2.6 covering everything from installation to advanced deployment and rules. The entire kitchen sink.

I’ll post a full review of the book once I read it cover to cover.

Family

I will have my family in town for most of next week, which should be relatively fun. They’re definitely going to get a major tour of the area.

CISSP

I had to delay my CISSP exam until the end of July due to an unscheduled trip that came up last week. On the upside I get to cram some more before I drive up to Northern Virginia and take it.

This past Sunday I obtained my SANS GCIH certification. That brings me up to four, with two more left in queue (Linux+ and CISSP). I am proud of my 92/91 test scores for it, and plan on taking it Gold along with my GSEC sometime in the next year or so.

I’m presently working on some slides for a course that the command is going to send new personnel through. I will be teaching for a good couple of hours according to the current plan it appears, which is fine by me. I like teaching.

One interesting thing that popped into my mind a little earlier was regarding the knowledge that we all collectively have and share. It’s a little hard to put into words, but the basic premise is that regardless of our level of intelligence, or individual wisdom and experience, there are certain things that we all know, and strangely they are things that at the same time, we don’t know.

We are the masters of our mind and body, yet introspectively know little about how we actually tick. We know how to think and breathe, but we don’t really understand how these actions are actually performed from within ourselves. Obviously there are theories that cover this, like Freud’s Id, but it’s fun to think about being able to know and do things, and yet not at the same time.

Thursday was a good day. I passed my Certified Ethical Hacker (CEH) test and can now wield that badge. This weekend I will be taking parts 1 and 2 of my GCIH certification, and should be able to successfully obtain that.

CISSP is coming up and I am starting to really hunker down. There is a wealth of information at my disposal for it, and I plan to use it to the best of my ability.

I went awhile without an update. The Ubuntu article before this was actually written about a week ago, but I had not gotten a chance to get on and publish it, and did end up publishing it a little incomplete, which is why I am going to do another update in a few weeks on Ubuntu.

The past two weeks have been pretty busy for me, both professionally and personally. I’ve been studying for Linux+, GCIH, CISSP, and now CEH. The basic plan is to have CEH and GCIH done by the end of next week if I hear back from EC-Council soon enough. I’m also looking at switching to AMU from Strayer because I feel their program will be a better fit for me.

I did a little packet analysis at home the other night for someone in an IRC room I frequent. A sysadmin from a university came in and was having trouble identifying some traffic on his network. A quick check of the pcap file that he sent me revealed it was simply CUPS traffic, whether or not it was authorized was another story since he did not appear to know what CUPS was, but did mention that his network had both Windows and Linux workstations. It was fun in any case.

Among the many projects I have, is a desire to setup another computer dedicated to running some virtualized servers in VMware Server, probably a bunch of Ubuntu LAMP setups from their server cd. The idea would be to go a route similar to how LSO (learnsecurityonline.com) does their capture the flag contests. Perhaps I will email them and ask how they set their boxes up, whether it is in a VM or not.

The past week included one CISSP study group session, installing Ubuntu 7.04 “Feisty” on my spare hard drive, and the usual weekend partying/cooking out.

I’ve been using the latest Ubuntu release since early Saturday morning, and I have to say I am impressed. If my parents lived closer than a 10 hour drive from me I might actually consider switching them over to this, although I think we’re at least a few releases away from it being a smooth enough experience for them.

I had never really run a Linux desktop for more than a week or two as my primary desktop OS before, and I believe this one is going to stay for quite a long time. Beryl/Compiz makes things look nice and shiny, as well as providing functionality.

StumbleUpon has come through once again with an interesting tutorial on how to get started with picking locks. I now have something to keep me entertained at work tonight, as the entire site is chock full of good information on lockpicking. I might as well add a new skill or two to myself eh?

Work on the possible podcast progresses. I am working on a little project that I think might provide for an interesting commentary.

More later!

Okay so I didn’t quite make it on the once per week promise.

Over the last 9 days I managed to (with the help of friends) troubleshoot and send parts to my Mom so she could have a guy at work fix her computer without me having to fly up there, which just wasn’t going to happen right now given how busy I am.  Somehow she shorted the motherboard out.

Linux+ is looming ahead, next week, and I haven’t done a lot of studying.  The certification itself is meaningless to me, but it was a command voucher I used in order to take it so I have to keep my end of the deal up.  It’s going to have to basically be a weekend cram session in order to prepare for it, because I have my CISSP study group on both Tuesday and Thursday this week.

On the technology front, I am exploring a few options to organize some of the experience and knowledge I and some friends of mine have into something possibly presentable to the general public.  Whether this will be some sort of podcast, or new blog, or just a forum has yet to be determined.  The key factor is how quickly we can bundle everything together into something a layman can understand, and push it out.  I’m really into the whole podcast idea right now, but that might just be because I have only owned an iPod for 6 weeks.

Ironically, I found myself reccomending AOL’s antivirus software yesterday, because it is free and based on Kaspersky’s engine.  The only real issue is that of anonymous data collection and privacy, so wear your tinfoil hat if you choose to install it like I did.

I write this now, having slept from approximately 4am to 8:30am, but we’ll get to that in a minute or two

Registration was supposed to start at 1pm according to the guide, but it was more like 1:40ish. In any event Andy and I were all set by 2pm and collected some vendor swag, had an appetizer upstairs at the Pub built into the hotel, and hung out till things kicked off at 3:30pm.

Opening comments were by the Shmoo group staff, I forget the guy’s name now but i’ll get it later. He was decently entertaining, and basically is the founder of this thing, so he drives the flow of everything. I’m going to summarize each speaker:

Read more »

I might as well make the vow from here on out that barring any disasters, there will be at least one post per week here.

With that said, here are some of the things i’ve been up to in the last 6 days:

Movies: Finally got around to watching Pirates of Silicon Valley. I thought it was pretty interesting, and certainly portrays, at least from my perspective, a decently accurate story.

Music: Jack Johnson, Mark.Nine, starboard morning, Mike Masquith (the last three were free on amiestreet.com)

Games: MLB2k(Xbox360) is about the worst baseball game i’ve ever played. Of course I don’t traditionally play them, so perhaps it’s just me. I’m getting better at NCAA07(Xbox360), I do like the pacing a little better than Madden. Nothing much beyond those.

Podcasts: PaulDotCom, net@nite, CyberSpeak, and Hak5. All very very informative.

Career: The first CISSP study group that the local ISSA chapter is doing is so far very outstanding. I feel a lot better about my chances at passing the exam.

It looks like I will be attending Shmoocon 2007 with a coworker.  It should be very interesting.

My acoustic guitar from music123.com arrived today, and i’m going to play around with it for a while.

Thanks for reading!