There will be a Hak5 Live show this Saturday the 12th, at 7pm EST.  Details will be on http://www.hak5.org and probably hak5live.org too.  I’ve got a couple of goodies to talk about and hopefully announce something pretty awesome.

I can consistently make it to 81% in Green Grass and High Tides by The Outlaws in Rock Band now.  I have to learn how to correctly play those sets of 3 notes which just go up and down the frets during that part.  It’s pretty ridiculous.  I’m very happy though, it’s a tough, tough song and gives me a really fun challenge.

I submitted my CPE’s for the Intrusion Detection Systems training I gave at work the last 2 weeks, which brings me up to a pretty decent number so far since I obtained the CISSP.  I may convert some of my material into a format I can put up on the site here.

This past Sunday I obtained my SANS GCIH certification. That brings me up to four, with two more left in queue (Linux+ and CISSP). I am proud of my 92/91 test scores for it, and plan on taking it Gold along with my GSEC sometime in the next year or so.

I’m presently working on some slides for a course that the command is going to send new personnel through. I will be teaching for a good couple of hours according to the current plan it appears, which is fine by me. I like teaching.

One interesting thing that popped into my mind a little earlier was regarding the knowledge that we all collectively have and share. It’s a little hard to put into words, but the basic premise is that regardless of our level of intelligence, or individual wisdom and experience, there are certain things that we all know, and strangely they are things that at the same time, we don’t know.

We are the masters of our mind and body, yet introspectively know little about how we actually tick. We know how to think and breathe, but we don’t really understand how these actions are actually performed from within ourselves. Obviously there are theories that cover this, like Freud’s Id, but it’s fun to think about being able to know and do things, and yet not at the same time.

Today was just wrapping things up. We checked out of our hotel rooms and stopped by the con, I ducked in on a couple of the presentations going on, and picked up DVDs of the presentations I found to be the most interesting, or most useful for why we were sent there by our command. The plan is to use these to prepare up a full report and perhaps some sort of training to our peers.

What was interesting was that the presentations themselves, while great, were actually not the meat of the conference. It was all about meeting and talking with other people who work in the industry, and actually care about what they do. It felt so awesome to be surrounded by people who actually understood their field, and weren’t in it just for the paycheck (although paychecks are definitely a reason).

I’m definitely going next year.

I offer a limited range of consulting services.  Outlined below are the basic categories of work I will consider.

• Incident Response Analysis:  This covers review of logs, packet data, and any other data associated with a computer network incident.  I can provide detailed technical reports based on this data if required.
• Auditing:  I offer basic remote auditing of medium to small networks and individual servers.  Typically this will be a combination of network and vulnerability scanning.  For detailed penetration testing I can refer you to colleagues.
• Training:  With experience in providing enterprise level training within the Navy I can offer 1 on 1 training covering a variety of different topics within the network security subject.
• General Computer/Network Security services:  Please contact me for any other services you may need as we may be able to work something out.

Recently I have been taking various training courses and tests covering different aspects of computing and network security.  I’d like to share some of my experience and opinions here.

Brainbench:  I took the free Computer Forensics, and Network Security tests they offered.  These were fairly comprehensive tests, and I thought they gave me a pretty decent representation of my knowledge.  As far as the applicability of the tests though, there does not appear to be very much merit as far as a bullet on your resume, so I would reccomend these purely for self-assessment purposes.

SANS:  In prepration for the GSEC test I have taken the practice exams, and they seem to be pretty much what they are advertised to be, not quite as difficult as the real thing, but definitely required knowledge of the material.  I feel more confident in taking my test after taking these practice exams.

CERT VTE:  I completed the Forensic Specialist course on here, and while there is no test, the sheer volume of information is staggering.  There are also extremely detailed labs available which actually put you into virtual machine and let you accomplish a set of tasks.  Absolutely wonderful stuff.