Nowadays I’ve heard many rumours.. Some of them are totally bullshit and crap, some of them could perform some doubt injection in your confidence and some of them, unfortunately totally shaken you up.. I wish I could close my ears and ignore all these rumours..

For the first time in my life, I do feel lil bit insecure…

For me.. Nothing. Just like the same old 2008 and perhaps some of the previous years. Nothing changed besides the additional white hairs decided to make themselves more visible on top of my head. I have some expectation especially on my own self enhancement  and yeah as for my family standard of living as well. I also learned not to expect ANYTHING in current situation also and for that I need to plan for better future

So back to the original question.. What’s new for me in 2009? Getting myself busy with meetings either internal or external, applications evaluation and review, testing, some research, updating my CV devising new training regime, and yeah planning and EXECUTING the plan.

Sounds familiar? Well as those are the things that need to be performed on top of new tasks as well. Well that is the only aspect which is new currently. New additional tasks while everything else remain unchanged (I bet some of you – you know who you are- will laugh).

Rant on first few weeks of the year. Not bad

Today, me and my colleage from another department had one interview session with one of the local newspapers. Actually the topic is regarding the oldest trick in security which is Social Engineering. It’s fun and we make it as a knowledge sharing session and forum style just to get rid the formality and tense climate. Everything went well even though I have few things that I wanted to share but perhaps due to lack of short notes and time, I just simply forgot (my bad).

Mostly we explained and shared about our experience when dealing this attack technique. I guess most of us didn’t aware that almost everyday people performing social engineering activities either with or without them knowing it.

Hopefully the readers can learn few things especially on dealing with this kind of attacks in the future. Like the famous saying by whom I dun quite remember,

“The weakest link in ICT Security is the human”

After the interview. Photo shoot session

Photo shoot

Most of the times when I want to perform network and host assessment, the most common tools that I used are Tenable Nessus (I think everybody use this nifty tool), nikto, wikto and of cause the infamous HD Moore and Co’s metasploit framework among other tools. Even though my work and daily tasks are more into defensive posture especially on detection and response, but then I do believe in the importance of knowing and respect your adversary. Besides assessment is part of the security process, I think it is better for me to find any vulnerabilities that may exist on my systems instead of the “non users”

So I came across with OpenVAS tool when reading one of the emails in the bugtraq mailing list sent by Michael Wiegand of intevation.de announcing the new release of Open Vulnerability Assessment System (OpenVAS) on 17th December 2008. I just browse to their website and download all the necessary package to run this tool.

(more…)

For those who haven’t read this yet, I would recommend you to do so especially to those who possess the Nokia Series60 platform either 2.6, 2.8, 3.0 or 3.1 devices. It seems that your phone SMS/MMS capability will be disrupted or affected and most of the time the target will be the vulnerabilities that exist in Symbian 8 through 9.2. Even though other phone’s functionality will not be affected, still in this video it shows that even the phone switched off due to this hack.

So.. for further reading, just visit the Darkreading.com here or straight to the advisory produced by Mr.Tobias Engel. There is a list of all the phone models affected by this hack. That’s why I’m using Sony Ericsson though lol

Info on S60 platform can be found here

Dear Mr Sime Darby and the power brokers..

HANDS OFF IJN PLEASE…

Finally, I’ve received my GIAC GCIH Certificate this morning. The best thing is GIAC took all the trouble to make sure that any GIAC certification holder not only receive their certificate but also received their respective certificates in frame. Well I did see one of my colleagues CEH (Certified Ethical Hacker) certificate and to be honest and no offense to their holders, it looks like what Nisha’s got when she graduated from her kindergarden school.

Now my GCIH certificate is on display temporarily along with my books and other precious possession on my table at the office. Kudos to GIAC for their effort.

Hopefully this shud be a good indication of better things to come in 2009

Ahh… 2009. Another new year and perhaps thousands of people will start blurting their so called new year resolutions etc. Well I did stop making any new year resolution many many years ago because never once I managed to fulfill my so called new year resolution. LoL. It seems that on each of these new years, there is always another unfulfilled resolutions piling up on my head. So my last resolution is the only resolution that I managed to fulfill which is ” To stop making any new year resolution”. Anyway, despite this circumstances, I still want to wish all of you a Happy New Year. May 2009 be prosperous and peaceful to all of us. (I’ve celebrated my new year last Monday though)

(more…)

After two nice weeks of holiday, I am back at the office today. But not before me and wifey send Iman to the long awaited Kindergarden class and collecting Nisha’s last semester Report Card (and also purchasing her exercise books and other school items for next year – which is around the corner btw).

Anyway, what a way to enlighten my first day at work when I received an email from one of our clients.

” Dear *Ehem

We’ve discovered that there are two events that required immediate attention from our firewall logs.

Today 4:29:09 Firewall_ID SYN flood! From External_IP:Ephemeral_Port to web_server:http_over_ssl port, proto TCP (zone Untrust). Occurred 1 times.

Today 4:29:08 Firewall_ID SYN flood! From Another_External_IP:Ephemeral_Port to Web_Server:http_over_ssl port, proto TCP (zone Untrust). Occurred 1 times.

Did you guys detect these events or not? If not then please explain why? ”

I think I shud continue my vacation though…

http://smu.edu/newsinfo/stories/oldest-christmas-card.asp

I would like to wish the readers who celebrate Christmas a Merry, merry, merry, merry Christmas and Happy Holidays to you. May this day becomes the start of prosperous, harmony and peaceful years for all of us.

Take care and happy Holidays guys and gals