Saturday, March 28, 2009

Securing Our Medical Infrastructure

On Friday, April 17th, InfraGard New Mexico is holding its annual conference in Albuquerque, NM at the Hilton Garden Inn in Uptown.

The conference is titled:  Securing Our Medical Infrastructure

At $175 ($125 for current InfraGard members), the all-day conference is a steal!!

The speakers include Larry Pesce (from PaulDotCom), Bill Tydeman (computer crime investigator for Health and Human Services), and others.

Visit the conference site for more details on registration and sponsorship.  Hope to see you there!!!


Wednesday, March 25, 2009

Get ready for Conficker - No April Fools Day Joke

Good news: The patch for this issue came out from Microsoft in October last year. If you had automatic updates enabled at that time, you were probably already not vulnerable.

Not so good news: I can confirm that it is set to become more active again on April 1st. On that day, if you are infected, you may notice your machine is very slow for the first six hours or so.

Worse news: Conficker is suspected to be building the largest "botnet" of computers to date. These computers are typically used to perform massive spam campaigns, launder money, host illegal or thieving web sites, or even take down computer systems of nation states (such as Estonia).

What you can do now:
1) Read the Wikipedia article on Conficker, which provides a lot of good information,
2) Download the BitDefender Conficker removal tool and check/clean your computer.

Monday, March 09, 2009

Darn it, they got me doing Karaoke again!

I met some incredibly talented folks at SANS 2009 this year.  Ryan, Jason, Don, Zoher and I hung out with Ed Skoudis, Mike Poor, Larry Pesce, and others.

Ryan truly has an evil mind (this is a good thing, in our field), and I was impressed with Don's massive cojones for his efforts over at (and also for owning a bar while owning a software company!).

One evening we spent some time chatting with Ed Skoudis after one of his talks at the local Sushi bar.  I didn't have Sushi since I'd just eaten, but somehow (it must have been the mojito), Mike Poor convinced a few of us to join him on stage for a dead-on (umm, not) rendition of Bohemian Rhapsody.  It was fun, but not to be attempted without some liquid courage (at least not with my singing voice).

By the way, Jason, thanks for posting the tamer pictures.

That'll Do, Donkey, That'll Do

[Update 2009-03-13: Our team received notification yesterday that we Passed this project.]

I completed my Group Discussion and Written Project for my SANS Masters program while at SANS 2009 last week. I'm pretty sure the grade will be good, but I won't know for another week or so.

Seth Misenar and Tim Proffitt were my tiger teammates for an assignment that involved researching detective and preventive measures for Downadup/Conficker. We had 24 hours to do the work and present to the fictitious CIO (played by Stephen Northcutt) of GIAC Enterprises. Seth did an excellent job of presenting, but in the end we were "fired" by the CIO because we commented that he had gotten "too excited" about the possibility of his email being infected.

Later in the week we were asked to present again. It was suggested that we should rotate the role of presenter, so I volunteered. We presented a 2nd time on March 7th, and after we were done, Stephen Northcutt didn't say anything.

I got a little nervous at that point and asked, "Do you have any questions? Or any feedback?"

Stephen's response was a simple: "No."

After a little more prodding he added, "I don't even have any recommendations. You nailed it."

Ah.... sweet success. :-)

SANS 2009: MGT 525

I'm just back from SANS 2009 in Orlando (#SANS2009).  I took MGT525 -- yes, the project management class -- with Jeff Frisk.  I signed up for the class because it is a required component of the degree I am working on.  I had actually heard some negative things about the class, so I was dreading it just a little (sorry Jeff).  But, I'm pleased to report that I found it incredibly useful.  I have been running large projects (large information security projects) for a while, but I haven't really ever had any formal PM training.  We have a Project Management Office, and they provide guidelines and templates, and I know what a WBS and Gantt chart are for, but I didn't really know the "proper" way to go from one step to the next.

My eyes were opened when we worked through labs on taking the WBS and producing a precedence diagram to figure out the actual critical path -- including identifying what activities had how much float time.

Now project management seems much less like art and more like science.  This makes me happy.

Thanks Jeff!