To be honest, I do not have any single idea to write anything. The original idea is to have this bold large size fonts statement some sort like this ” I really want to enter a new post today but I took an arrow to the knee” but since I am not willing to be “facepalmed” from some of my colleagues who has this habit of visiting this blog instead of porn other interesting sites, I bribed by lazy mind to do this post with a dose of 9gag  :D

Since wifey keeps on teasing reminding me about my age whenever I forgot misplaced my things, let see how many significant events or milestones happened in 2011 that this old mind could recall

1. Wifey decided that beating the traffics and rushing to work is not a fun thing to do anymore, so she applied the housewife post and of course she got that job
2. Since she’s spending most of the time at home, she decided to venture into cooking and baking and of course as a loving, romantic and caring husband,  I got her an oven and the usual baking and cooking stuff.
   

   This is NOT my wife

3. Due to no (2), we as a family spent most of our time eating at home. I will have my dinner at home as well and try my best to finish the meal (since I have my dinner kinda late). If not she will tear me a new hole.
4. And due to (3), I used to weigh around 60kg but now my weight is around 70kg and it is not even a year (OK just a matter of few hours if not days but still..) Looking at weighing scale is not a fun thing as it used to be.
   

   Not my feet and not my weigh..

5. Since wifey now is a professional housewife, she has the luxury of monitoring our kids up close and personal. Some of her findings sometimes mind shattering a bit
6. My 9 years old daughter reaching puberty at such a young age and as a good mother, wifey always try her best to answer all the questions posed by my daughter. Sometimes she will use metaphor and there were times when the question will be answered straight to the point.
   

   This is NOT my Daughter!!

7. Both of my daughters already behave like young gals. Teddy bears, face cleanser, blab la.. Am I too slow or the time passes by in the speed of light
8. My twins, now 4 years old are too handful for their mother and for me as well. Having a stroll in shopping mall with the twins is like a traffic police trying to control a traffic full of Mat Rempits . Most of the time they will end up in the shopping trolleys. As much as we try to avoid the toy sections, it seems that they have this Toys Tracking System embedded in their brain. Both of them will shout and pointed to the toys section direction whenever we try to use a different route. It doesn’t matter whether we are at Giant, Tesco or AEON Jusco (since those are the nearest shopping malls), they always get their Toys bearing right.
   

   This IS My Twins

9. Because of (1 until 8), in my 7^th year working at this company, I surprised myself with one action which I believe was a right move. Heck I still believe it is the right move. Well since I still the company and will celebrate 8^th anniversary of working at this company (hopefully la) I don’t think I should elaborate more
10. Some scary stuff is when the tsunami hits Japan back in March 2011 and my younger brother happened to study at one of the area affected by the earthquake and tsunami. From his recollection of events, he experienced the earthquake while taking his bath and what he did at that time is to hold on tight to the wall of the kolah(kolah in English is?). I can’t remember whether he managed to grab the towel or not. I didn’t ask. Thankfully his housing area only affected by the earthquake but not the tsunami. Oh, by the way it happened that my brother supposed to be graduated on the tsunami day The only silver lining emerge from this catastrophic event is I got myself an XboX 360 courtesy from my brother. The only problem is I can’t use that Xbox since the power usage here is not what it’s like in Japan.
    

    From left: My younger bro, my sister, my mom and my dad at Japan. Mission : kemas rumah

    

    Not my house but my bro's. Somehow I do feel that perhaps the condition already like this even if there's no earthquake

    

    All of them need to clean up this mess. Thankfully the landlord is friendly and helpful

11. I’ve started to use twitter back and received some “response” from that
12. Regarding the Computing Professional Board Act proposed by Malaysian Govn, my view is simple. If you want to do something, do it properly and make sure that all the stakeholders to be consulted first.  Get your feet wet and dirty by talking/discussing directly with the parties involved in the industry and not totally listen and depends to your CONsultant. They are looking the financial aspect alone.
13. Oh yeah, why not the related ministry start to do some research and study on why the IT graduates failed to get a job. Why they failed to apply their knowledge in the real working environment. Somehow I do believe that we need to prepare those graduates on the reality of works. Well I did give some opinions and views during Faculty of Science and Technology of Islamic Science University Advisory Board Meeting last few weeks.
14. Yes, I am privileged and honored to be appointed as one of the Advisory Board members for the FST of Islamic Science University. Hopefully we can assist the Faculty and the university to produce quality muslim graduates.
15. I better stop now

Hey not bad for a guy who “I do not have any single idea to write anything” eh? Till next time. .. Hopefully

Last few weeks were kinda hectic for me. Right from doing something which I never did before (and thankfully I managed to execute that task accordingly) up to doing some investigation at one of the client sites at 4 in the morning (and at 9am of the same morning I had to do some presentation at one of the clients). I’m not only exhausted physically but emotionally as well. And yeah, during those hectic period, I just realized that my body is not as its used to be when I was 25. I tend to easily hurt my back and of course having two ultraman at home didn’t help either

YES. I did tender my resignation on 1st April 2011 and NO it ain’t one of my April Fool’s joke. Of course I went for interviews before I submit my resignation letters lah and Alhamdulillah, there are many offers on the table. I have my reasons for deciding to call it quit which of course I won’t reveal it here but once your heart decided that something need to be done to improve your condition, you got to do what you are suppose to do.

But now, instead of creating a similar posting like this, I decided to stay with the company that I have served for more than 7 years after a series of discussions. A series of discussion not only with the company, but with my financial minister as well.

So for those who can’t wait for me to leave the company, I am sorry to say that I am here to stay. Sorry guys hehehehe..

Now I have to finish all the works that pending due to the unforeseen event occurred last week.. Fuh..

Last weekend, I had a “old-friend-get together” session with one of my old friends nearby my house. He is one of my long lost friends and I can say that we shared a lot of experiences doing some naughty activities during our younger days.

He is totally opposite of me (used to be). I was a straight talker (Err I should use “am” but maybe it’s debatable) while he is more diplomatic, “cakap berlapik” thingy. I’m more “let’s go and do it now” while he is “Okay but let’s plan and think about the consequences (escape plans actually) first”.

So after exchanging the usual pleasantry, we start reminiscing the past activities and had a good laugh about it. The of course we touched about our current life and careers. Kinda surprise when he mentioned that he already surpass me on the number of companies that listed in his CV as former employer. When I asked him why, this is his answer;

“I work for money. For loyalty get a dog. For ‘Bear with us statement’ get a bear“

I just laughed so hard that I accidentally spilled my nescafe on the table.

Have to give that statement an exit 0

Perhaps next time I need to be a lil bit tactful with my wordings.

Or maybe not hehehe

I spent most of my time at the main office compared to the client site last week. I wish I haven’t do that since I get lots of other works.. Lesson learned. Anyway it also means that I can have nice conversations with my colleagues on the gossips current news. Among other things that we’ve talked about is on the headache that both of us is facing currently about improving our analyst’s capability, skills and knowledge. Other topic which is kinda fascinating is the way of how our company’s ex-staff behave whenever they need to deal with our company in their daily business.

Some of them seems like having a bad feeling towards the company and of course I have no idea on what they’ve experienced during their working years/months in the company. My colleague relate to me on some unwarranted remarks or unpleasant comments made by them. Of course since some of them are our clients/potential clients, these remarks or comments in my opinion perhaps can have some negative impact on us.

I am not defending the company as I also have some unpleasant moments and experiences while working here. And yes I do sometimes feel that I do deserve more or it seems that my works is not being appreciated by my superiors. But then that’s my personal opinion and perhaps my bosses have other reasonable explanation on why they act like that.

IF I have an opportunity to grow/move/enhance my career to other places, of course I will leave in good term. I do realize and have to admit that without the opportunity given by my current company, I won’t be what I want to be and get other opportunity. I’ve learned a lot during the past 7 years and will be eternally grateful for all the experience, skills and knowledge that I’ve gained while working here. I always remember my beginning when I was a relatively new and kinda dumb when I first joined the company. In 2004, security is a relatively new for me. Looking into security events and distinguishing between false positive and actual events requires a lot of works. I had to double my effort in order to improve my knowledge, skills and other capabilities and I really had to live up to the security analyst title. After 7 years, I can’t say I’m good but what I can claim is that I am far better than I was in 2004. I never expect myself to conduct trainings, giving talks, doing presentations, doing some analysis and studies(I wont call it research), travels to other countries, lead a team for a multimillion project and many more. Those are some of the tasks that I am doing now.

My point is simple. We can easily find our head among the clouds when we feel that we have improved significantly, when people start making you as their reference points (even from master students) and feel that we’ve achieved this without anybody’s help. And we do feel that we are bigger than our current department/company (I am soooooooooo guilty of this ;P) But do remember that we will not be whatever or where ever we are now if not for the opportunity to grow that was given to us today/previously.

Every company has its own flaw/weaknesses and strength. the adage; “Love your job but not your company” perhaps is true but let we add one more line.

“Be grateful but not easily satisfied and don’t look back in anger.”

p/s: This entry IS NOT sponsored by my company OK? And NO, this is not an arrangement for me to get a raise haha

Just imagine IF you received this notification email:

Dear Sir,

We have detected scanning activity related to specific ports.This signature detects when a computer attempts to access more than 10 different TCP ports on the victim’s computer.

Severity : Medium

Port : 0

Events #: 50000

Corrective Actions: We will keep on monitoring traffic related to this event

“We will keep on monitoring traffic related to this event” can be considered as one of the corrective actions? )

p/s: No, it is not ours..

So since for this time our coverage is nationwide, we need to deploy a quite number of devices and servers at few locations (or exchange-this is what they called) and these devices and servers can only communicate via internal “cloud” and of course no external connection (to the internet I mean). The only machines that have connection to the internet is our workstation with our IP and MAC recorded and via proxy (non transparent). Meaning I can’t use my lappy and have to perform my tasks in the workstation. But sometimes when I really really really need to use the lappy, I have beat around the filtering system and perform my task. It’s not that difficult actually.

But then this kind of limitation that I have to face is good actually. It makes my brain working a lil bit and besides getting my tasks done as expected, I also find some time to do some study (I’m not gonna call it as research) on lot of things like the LOIC, sipvicious scanning traffic behaviors etc.

I discovered that I have to find a way to have my virtual machine boxes updated, installing the packages offline and many others. So overall in these limitations and difficulties, I can say it is a blessing in disguise. At least I can make use all the CLI and the scripting in good use Oh yeah, somehow I have ubuntu as my testing machine and heck, I have to “man” a lot besides googling. Why ubuntu? since that’s the only vm image that we have at the client site and I do not think any port install for my freebsd will works there.

No, this post title doesn’t has anything to do about me looking to add another “branch” OK? The one that I have is enough already. There’s no way I want to add another headache and even though I always listen to Mr. Salih Yaacob’s antics and his humorous quips in Sinar FM’s sinar pagi show on the radio every morning, I have to admit that I do not possess or intent to have the skills that he possessed (happily married with 3 wives that is).

This is more about the difficulty that I have to face. Currently I’ve been given the task to become the TECHNICAL team leader for our multimillion MSS project at one of the telecommunication companies in Malaysia. Why I emphasis on the technical thingy? Because it seems that currently the tasks that I’ve performed is beyond the technical aspects of the project haha.. Why? My friends, that will require one special post which I do not think will see the light of the day. I am not that stupid less clever you know..

Anyway, what I want to touch in this post is (I guess) the same thing that posted in many many entries in this blog; the human factor. On the non-human part, I think everything is within my control. Updating, configuring, installing, mounting servers and switches is not that difficult. There’s always mr google to provide useful/non-useful assistance. I bet that most of us and it doesn’t matter how many years that you’ve collected all the skills and knowledge in executing your tasks and jobs, you will look for mr google for some answers or references, at least once. No? You are lying (I guess I’d like to have Dr. Lightman’s skills in detecting liars from facial/body expressions. Don’t know what am I talking about? google “Lie To Me” ;P )

Human is totally different matter (of course). In my field at least here in Malaysia; to find a Security Analyst is similar like searching a man who REALLY understand his other half (Currently we dun have internet access and the twins smashed our laptop screen recently so wifey wont read this ). I didn’t say that there is none, but perhaps RARE ). It is not about lack of knowledge (there ARE many books or e-books about everything and there is google), skills (many many avenue to hone the skills, legally or illegal, underground or in the office, laptops/desktops-cheaper nowadays) but it is more about the ATTITUDE.

During Interview:

“Are you familiar with Linux or any UNIX variant type of Operating Systems?”

“Yes, I’ve used ubuntu for my desktop, redhat, centos, fedora and all the distros that you never heard of”

“Cool. Anyway, do you have any experience in networking? Designing, implementing or any other “ings” that you can think of?”

“Of course. I help setting up cybercafes, configuring the workstation, setting up the internet connection etc.”

“OK good. Familiar with any security devices and implementation like IDS, IPS, Firewalls, End point security etc?”

“Hell yeah. My final year project during my univ years was snort implementation as IDS / comparison between ipchains and iptables etc”

“OK”

On the job

“Bro, since I have a an important meeting can you please check whether the connection between our monitoring servers and our correlation engines? If the monitoring servers can’t retrieve the logs from the correlation engines, perhaps you should restart the service. But maybe you need to check the process list to make sure the service properly stopped and restarted. Also remember the ICMP is disabled in this network.”

“How can I do that?”

“Err remote login? Just use any SSH clients that you have”

“Err OK.. What kind of client?”

“I’m comfortable with Putty. But that’s me lah. I do not know about you?”

“Err OK. But there’s no reply when I tried to ping.. How to identify whether the monitoring servers can retrieve the logs or not?”

“Of course there’ll be no reply. Haven’t you listen what I’ve said just now? Use netstat and tcpdump then. Quite easy.”

“Net what? tcp what?”

“Never mind, I’ll call office telling them I have to miss that meeting…”

It seems that most of the young apprentice in my department using google for other things.. Sigh…

*The conversations above are purely fiction OK? It didn’t happen… …Exactly like that lah.. Hahaha

When I joined the current company, I was sent to a client site and spent 3 years there. I’ve learned a lot of things in those 3 wonderful years and yeah including starting a blog as well. At that particular place I think I’ve developed my technical and soft skills especially when dealing with people like how to scold people without letting them feel that they are being scolded. Also from that place I learned on the importance of team work and you are not Superman..

After that 3 years, I transferred to the HQ and again I saw that as an opportunity for me to enhance whatever I had (of course the opportunity to travel to other places as well

And now after 3 years spent at the HQ, I was given a task to establish and setup security monitoring & response team and facilities for one of our clients here in Petaling Jaya. I will spend the next two years here and even at this early stage of my tour of duty, I’ve gained and learned a lot of new things…

Kinda deja vu actually. It seems that all the things that I’ve faced/experienced/complained at the previous client site is happening again. You know the usual thing like how to improve your staff, how to be diplomatic, and yeah nowadays I need to juggle few tasks at my hand at one time. Maybe I should google and look for any vacancies at circus…