Friday, December 11, 2009

SANS 502 - Get Your GIAC GCFW Cert in Burbank, CA


SANS 502 - Firewalls, Perimeter Protection & VPNs is an undiscovered gem in the SANS armada of training offerings. It's an excellent overview of technologies and concepts that any entry-level Information Security professional going into a corporate environment needs. While it may not be as sexy as the penetration testing classes SANS also offers, it definitely still holds value for anyone who plans to be (or ends up) responsible for protecting a corporate network environment. This class corresponds to the GIAC GCFW certification. Personal comments aside, here's the flyer SANS has just sent out:


Please join me in Burbank, CA starting on February 11 for SANS Security 502: Firewalls, Perimeter Protection & VPNs. Experience this local class and SANS award winning security training first hand in the popular Mentor format! For complete course details and registration information, please click on http://www.sans.org/info/45104.

Register by December 15th and receive $500 towards any single course* in 2010. Enter in the discount code "BYE09" in step 3, group discount code.  Instructions to redeem your $500 award will be sent to you upon receipt of your paid registration.

Benefits of the Mentor Program https://www.sans.org/mentor/about.php are:

  • Save 25% off the regular SANS tuition fee with the ability to save even more with group discounts (see below)

  • No need to spend money on travel outside of your local area

  • Small, locally run 10 week classes utilizing the same great SANS courseware presented at larger conferences

  • Evening classes do not conflict with daytime commitments

  • Direct, hands on contact with a qualified Mentor


The Mentor program reviews the courseware at a slower pace giving the student more time to learn the material. Students can apply the class material the next day when they return to the office and bring questions back to the Mentor each week!

"The SANS Mentor program is a great value. It allowed a learning environment that was local, with a knowledgeable instructor, and fellow like minded individuals.  All of this without having to travel!"
- Sean Nixon - Fidelity National Information Service

EXTRA TUITION DISCOUNTS are available for 2 or more students who register from the same organization. To obtain the Group Discount fee for this course, please contact Heather Kohls directly at mentor@sans.org PRIOR to registering with your company name and contact information of those wishing to attend.

Discover the quality training only The SANS Institute has to offer and register today!  Once again, for complete course details, course outline and to register, visit http://www.sans.org/info/45104.

Wednesday, December 9, 2009

Barnes & Noble Nook Review: Pretty Good



Gizmodo has posted a good article discussing Barnes & Noble's latest entry into the ebook reader market, the Nook. Plenty of comparisons to Amazon's Kindle to be found.

Barnes & Noble Nook Review: Pretty Good

(Via Gizmodo: Top.)

Tuesday, December 8, 2009

User Interfaces In Film, and the Man Who Designs Them



Mark Coleran designs User Interfaces that are used in film. One of my recent favorites was Tony Stark's computers in Iron Man; however, apparently he can't take credit for that one. Still, this is a pretty cool job, similar to, but less challenging than, that of a video game UI designer in the real world.

[Mark Coleran via Metafilter and Gizmodo]

Monday, December 7, 2009

A Romance Flowchart: When Is It Inappropriate to Use Your iPhone?

Awesome. But am I allowed to bust out this chart to justify phone usage?



Based in New York City, Shane Snow is a graduate student in Digital Media at Columbia University and founder of Scordit.com. He's fascinated with all things geeky, particularly social media and shiny gadgets he'll never afford.

(Via Gizmodo.)

Saturday, November 21, 2009

7 Reasons Why You Should NOT Eat Breakfast

No More Breakfast
Breakfast. Image credit: Andreza Pinheiro.

I've always been told that skipping breakfast is unhealthy. So, I found the article from StrongLifts.com below to be eye-opening.

Thursday, November 19, 2009

Motor Trend Car Of The Year: 2010 Ford Fusion

The newly-refreshed 2010 Ford Fusion was just named MotorTrend's Car Of The Year for 2010. Not a bad choice in our opinion as Ford's got the most money to spend on marketing. Also, the car's damn good.

(Via Jalopnik: Top.)

Wednesday, November 18, 2009

Study indicates MacBooks are pretty reliable


A laptop reliability study conducted by Squaretrade reveals the most reliable laptop manufacturers. The sample was drawn from over 30,000 devices over a 3 year lifetime. No big surprises here, as the cheaper bargain laptops and netbooks round out the highest failure rates and the more expensive systems last longer. The linked PDF is full of pretty graphs, which is always a win.

Of personal importance is the ranking in the study of my current laptop of choice, the MacBook Pro.

[via Engadget]

Tuesday, November 17, 2009

Metasploit Framework 3.3 Released Today



The Metasploit Framework 3.3 was released today (Tue, Nov 17th.)



Tons of bug fixes and more exploits for us to play (pentest) with!



(via SANS Internet Storm Center.)

Strong Contender for Worst Idea of the Year: Adobe Flash 10.1 Adds Hardware Video Acceleration



I'm not claiming to be an expert on how Macromedia / Adobe Flash is bolted together or on its security architecture; however, adding an API to allow any website to stream HD video directly to the video card sounds like a terrible idea, on a level of badness equal to ActiveX. Makes you wonder what the QA cycle for video card drivers is like.



Luckily, Adobe has only announced support of this new reason to keep all us security folks employed (HD Video Acceleration) for Microsoft operating systems at this time.



(Feature announcement via Lifehacker.)



Oh, and here are some performance benchmarks from AnandTech.

Google Chrome OS To Launch Within A Week



Google's Chrome OS project, first announced in July, will become available for download within a week, we've heard from a reliable source. Google previously said to expect an early version of the OS in the fall.



(Via Linux.com :: Features.)

99 Problems


Top 10 Risks to Web Applications

OWASP has published a release-candidate report of the top 10 risks they foresee to web applications in 2010.

Summary:



  1. Injection

  2. Cross Site Scripting (XSS)

  3. Broken Authentication and Session Management

  4. Insecure Direct Object References

  5. Cross Site Request Forgery (CSRF)

  6. Security Misconfiguration

  7. Failure to Restrict URL Access

  8. Unvalidated Redirects and Forwards

  9. Insecure Cryptographic Storage

  10. Insufficient Transport Layer Protection

Monday, September 14, 2009

Lady Gaga at the 2009 VMA's looks awfully familiar


Selecting Anti-Virus Software for Home

"I purchased X Anti-Virus for my Home PC last year and unimpressed, let it expire. Which anti-virus product should I purchase now?"

I get asked this question a lot. Below is how I typically answer it, in the hope that someone out there will find it useful as a template for responding to similar questions.

Monday, May 4, 2009

AUC #2: ls

AUC 2 - Arbitrary Unix Command #2
I thought it might be useful to cover some obscure unix commands that you may find useful in your day to day system administration. My primary work machine is a Macbook Pro these days, so I'll lean towards covering commands that come with OS X. Most unix operating systems will likely have the commands I cover.

Thursday, April 16, 2009

Worth Watching - Stargate Atlantis


I never got into Stargate SG-1. I loved the original Stargate movie so I gave the series a try, but never got hooked.

I recently discovered the second Stargate spin off, Stargate Atlantis, just as the SciFi cable channel was advertising that its 5th and final season was about to come to a close.

I'm hooked.

Sunday, April 12, 2009

Amazon Deal: 90% off HD-DVDs


If you are like me and sided with the HD-DVD format during the HD media war, you have an HD-DVD player collecting dust in your entertainment center. (I'm not bitter)

So how better to embrace the new world order that is Blu-ray than to laugh at Sony by purchasing the same content, at the exact same quality, buying up a storm of High Definition DVDs at rock bottom prices? In fact, at up to 90% off they are cheaper than purchasing most Standard Definition DVDs on sale.

I picked out my favorites below (read: worth watching in High Def) as well as a link to what's left of the HD-DVD stock. Pick $25 worth and get free super saver shipping. If you are HD-DVD player-less and have an Xbox 360 or a Windows Vista PC you can pick up the Microsoft HD-DVD add-on drive for about $50.

Saturday, April 11, 2009

LCD on the Wall, Which Netbook Battery Lasts the Longest of Them All?


On the hunt for a travel netbook? After testing out early models with squished keyboards I decided to wait for a model with a usable size, and 10" seems to be about perfect. I originally thought I wanted a fully loaded netbook until I realized that wasn't the point. Netbooks are not intended to replace laptops. They are intended to be ultra portable with prices making them nearly disposable. Netbooks are perfect travel companions for photographers who need to dump the day's pictures onto a backup external hard drive and review images on a screen larger than the thumbnail preview on the back of their camera.

Since a unit's size is an important feature, how much juice can you realistically expect from the form factor? Find the list of which models last the longest after the jump.

Monday, March 30, 2009

AUC #1: paste

AUC 1 - Arbitrary Unix Command #1
I thought it might be useful to cover some obscure unix commands that you may find useful in your day to day system administration. My primary work machine is a Macbook Pro these days, so I'll lean towards covering commands that come with OS X. Most unix operating systems (OpenBSD, FreeBSD, Linux, Solaris) will likely have the commands I cover as well, so only the Microsoft-only folks will be left out. (sorry)

Thursday, March 26, 2009

Forget Reading the News, Absorb It


Similar to the NYT Article Skimmer I posted recently, Newser.com provides another option if you want to absorb the news rather than read it. +5 points to them for reducing burn time spent on the internet.

Wednesday, March 25, 2009

Open Source Mac


I recently stumbled upon this website (OpenSourceMac.org), which is a clean list of useful open source software that has been written for or ported over to Apple OS X. This is very handy to email to a friend whom you recently converted to Apple :-)

Tuesday, March 10, 2009

X10 Smarthome Security


I've been looking into home automation gadgets like X10 for quite some time now. My interest in home automation revolves around reducing power consumption and recording anomalous events with cameras as evidence, and also because I'm super lazy, only like doing things once (but the right way), and want my CFLs to flick on when I stumble in after a long day at work. I also want to build a DIY BIDS: Burglar Intrusion Detection System.

I even admit to visiting my local library and borrowing books on the subject solely with the goal of pimping the geek out of my home. So did I find true trekkie bliss, full of motion sensing lighting, sexy sounding verbal computer readouts, intelligent power management and enhanced security?

Wednesday, March 4, 2009

Computer Security At Hotels


When was the last time you visited a hotel, plugged in your laptop, and logged into your gmail account?

Do you recall the last time you connected to Free Public Wifi to quickly check your eBay auctions? Looking back, don't you wonder who else may have been listening in on your Internet activity? Let's find out how to protect yourself against unwanted network 'wiretappers'...

Monday, March 2, 2009

Complete Unix Cron Job Crib Sheet

Do you only use unix once in a blue moon, need to set up crontab and can't quite remember the order? (Without peeking at the image on the left)
Try out this handy cron job crib sheet, which you can paste directly into your crontab as a reference each time you make a scheduled job change.

Tuesday, February 17, 2009

How to Read the NY Times Fast with Article Skimmer


The NY Times has a new prototype page called Article Skimmer for displaying news. After being spoiled by the efficiency of Google Reader, I like where they are going with it.

Thursday, February 12, 2009

Free dia-like webapp


Lifehacker brings us lovelycharts for all our "free, I don't have time to download and install dia" needs.

Wednesday, February 11, 2009

Nice Desktop Setup ... For Windows Vista


I found this beautiful desktop setup posted on lifehacker. Pretty nice. Inspires me to create something similar in OS X.

Sunday, January 18, 2009

My Backup Failed and It Wasn't My Fault


One of my two recently purchased 1TB Seagate 7200.11 drives (model: ST31000340AS, firmware: SD15) decided to join the IBM deathstar family. Otherwise known as the deskstar, it's apparently #18 on the list of worst tech products of all time.

This time, the drive decided to stop powering up fully, instead spinning up and down like a yo-yo. Quick internet research revealed they are failing en masse due to a firmware bug. RMAing the sucker tomorrow for a reflashed one. This is just the latest proof regarding my knack for buying defective storage intended for backups.

Go Figure.

Read full article at:
The Register

Anyone else got one of these duds?

Thursday, January 15, 2009

Dell Mini 10 - My Next Toy Purchase


Specs:

  • 1280x720 glass screen

  • Z530 1.6 GHz Atom

  • 3G

  • GPS

  • 802.11n

  • multitouch/gesture trackpad

  • A decent sized netbook keyboard

