
Finally, I’ve received my GIAC GCIH Certificate this morning. The best thing is GIAC took all the trouble to make sure that any GIAC certification holder not only receives their certificate but also receives it in a frame. Well, I did see one of my colleagues’ CEH (Certified Ethical Hacker) certificate and, to be honest and no offense to its holders, it looks like what Nisha got when she graduated from her kindergarten school.

Now my GCIH certificate is on display temporarily along with my books and other precious possessions on my table at the office. Kudos to GIAC for their effort.


Hopefully this should be a good indication of better things to come in 2009 ;)

When I visited the SANS Handler’s Diary today, there was only one short entry by the Handler of the day, Jim Clausing. That post is regarding a website that provides cheat sheets on network protocols and some challenges as well. So I browsed to that website and heck, it is very informative and useful. If you’re into network stuff like protocols, design and others, I recommend that you bookmark it. The name? Packetlife.net.

p/s: Now I know that RJ45 is not the name of that connector actually :D .

This is NOT UTMS

Unified Threat Management System or UTMS. Yup, that’s the new hype now. Who needs separate boxes for firewalls, IPS, IDS, Anti-Virus, Spam filter, VPN, DNS, Mail server and many others when you can have it all bundled up in one machine or box? Just like nowadays, we can have a machine that can be our fax machine, document scanner, printer and photocopier as well. Cool eh? Yeah, cool until a simple power failure renders that huge machine useless.


The talk that I presented during the Infosec.my technical forum this year is Network Security: 3 Key Elements, where the key elements are process, technology and human. I had the idea to give a presentation on that topic based on my observation and experience in this field (OK, not that long though). Most of our competitors emphasise how advanced their technology is when managing their clients’ network security. Well, I am from the old school in this field, where I believe technology is only there to assist humans in performing their tasks. From the email that I received this morning, I know how right I am in this matter.


Most of the time, whenever I have meetings with clients, the topics will be based on penetration testing, system hardening and some about having monitoring services as well. OK, that’s because the purpose of having those meetings is to discuss those topics anyway. But then they (the clients, of course) somehow never mention their response if any incident occurs. Yeah, they did mention the SLA or SLG, but it concentrates more on the escalation process between the MSSP and them. Most of the time, we have either little or no idea of how they perform any form of response or handling on the reported incidents detected.


Yeah, that’s me ;)

picture from www.Magnistudios.com

Yeah.. one of the reasons why I didn’t manage to go to the office today. To be honest there are other factors but those factors can be KIV’ed but this one is beyond any KIVs or suppressions.


Not at my current company, but at General Electric in the United States. The position? Incident Handler with Reverse Engineering/Malicious code analysis skills (intermediate to advanced). If I did have the skills of Mr. Bejtlich and Mr. Ed Skoudis, I would definitely apply for that post. For time being better for me to continue my Football Manager campaign complete reading and studies on the topics that I’ve started before. Btw, I have yet to sit for the GCIH exam.

Anyway if you have what it takes for that post (it will be based in Cincinnati) please read GE Director of Incident Response’s blog here ;)

Spent most of my after-lunch time doing my SANS GCIH Practice exam. It has 150 objective-type questions and must be completed within 4 hours. Initially I wanted to go through the practice exam in October or November, but then what the heck, I just want to get used to the type of questions, exam format etc. so I can make appropriate notes on the subject.


I think this is one of the most overlooked items when putting machines/systems/applications on the wire. Perhaps when we build, as an example, a machine that will host web applications that will be offered to the public via the Internet, or to our business partners via an extranet, or perhaps for internal purposes only via an intranet, we might concentrate on auditing the source code to eliminate any possible flaws, open ports, the necessary services required to run on the machine, platform hardening and many others.

