Tuesday, July 31, 2007

SANSFIRE 2007 - that's a wrap!

I'm sitting in my hotel room in Washington, D.C., having just completed another great SANSFIRE conference. SANSFIRE is the granddaddy training and informational conference put on by the SANS organization, with 28 different classes and a host of top-notch presentations this year.

All the usual suspects were in attendance, such as Ed Skoudis, Mike Poor, Chris Brenton (who taught the track I was in), Dave Hoelzer, Dr. Eric Cole, and a giant cast of other information security notables. This year the conference was hosted once again by the Internet Storm Center, led by Marcus Sachs and Johannes Ullrich, as well as many of the ISC handlers.

Some evening highlights I was able to attend included:

  1. A State of the Internet Panel Discussion moderated by Marcus Sachs and paneled by nine of the Internet Storm Center Handlers such as Bill Stearns, Lorna Hutcheson, Adrien Du Beaupre, Jim Clausing, and Chris Carboni.
  2. A fantastic and chilling talk by Lorna Hutcheson on the changing face of malware.
  3. A presentation by Dave Hoelzer on DAD, an open source and free log management tool for the Windows platform from Enclave.

All in all, the six days sure went fast and I'm looking forward to next year's event and another mass injection of knowledge in the world of information security.

Tuesday, July 17, 2007

Military FTP sites

It's been reported that FTP file servers run by the military were discovered to be wide open, by reporters from AP, no less, allowing the download of maps of Iraqi military facilities, descriptions of security features and plans for infrastructure upgrades. The sites either had NO password protection (as if they should have been on publicly accessible FTP sites to begin with), or in one case, the password was included in another file on the server. If we are constantly losing the battle to secure sensitive data of national concern, how can we expect to win the real military battles being waged? This was not because of the techno kung-fu applied by uber hackers of malicious nation states, but because of simple sysadmin type negligence that should have gone the way of the dodo bird ten years ago. Maybe the solution is to apply penalties in line with what this truly does, that is, put folks in harm's way.
