Most of the information about lisa09 is already mentioned by my colleagues Adam and Sjoerd in lisa-2009 and lisa09-02.
I want to mention some training sessions I attended:
- DTrace course by Jim Mauro, and a lot of extra information came from Richard Elling and 1 other Sun employee. Together they provided a lot of real-world examples on how to use DTrace, and nice details about how it works in the kernel. Everyone knows DTrace from the YouTube movie by Brendan Gregg; more info on his blog. So now I should enable all DTrace probes and start screaming in the datacentre and see if I was loud enough.

- ZFS by Richard Elling. I never had time to look into this file system before, so a great way to learn all about it in one day. One of the nice features is the buffering of disk writes, which gives a kind of breathing or heartbeat towards the disks. And with ZFS you can buffer writes to a solid-state drive before sending them to the “slower” disks.
- jQuery given by Tobias Oetiker, an easy way to build spiffy webpages that look the same on each browser. Like this demo. Got a really great explanation about the problem with the scope of variables in JavaScript, especially because jQuery uses the “$” as a variable, and how to get around it using a function. And there is a nice page with a lot of jQuery plugin material: http://plugins.jquery.com.
- Nagios Advanced Topics by Sellens. I discovered that the feature I am still missing in Nagios isn’t built yet: having two Nagios hosts load-balance the load and keep each other in sync. We already built our own solution of Nagios hosts keeping each other in sync; only the load-balancing part needs some work. Maybe I need to spend some time on reading the Nagios mailing list.
The Sun guys were really pushing, or should I say selling, OpenSolaris. Well, they were giving away a lot of OpenSolaris DVDs and they mentioned the website http://www.solarisinternals.com/ a lot. Really cool to see all the buzz about an open system.
In the hotel I had breakfast with Mike Ciavarella. We spoke about his training session about documentation and how it would secure your job and even help in getting a better position.
Attended a lot of BoF sessions. One of them was with D. Brent Chapman from Netomata, about the automation of network configuration and management. It brought back a lot of memories of the times I was managing systems that configure and monitor ADSL modems. People just turn off their modem and I needed to figure out if this was an outage or a human action; that was fun.
Sjoerd already mentioned the National Democratic Institute. What really stayed in my mind is that everybody is trying to encrypt as much as possible, and thinking about social engineering to get information. The people at NDI need to work differently: they make sure never to encrypt stuff and to be as open to the world as possible, to get their institute accepted by gaining trust from governments and groups in the difficult areas where they work. Every time I use GPG to keep others from reading my data I think about the guy we met at LISA09.
During a Google Wave-sponsored drink I met some people from Research in Motion (RIM) who manage the Linux servers that make all connections from RIM towards Google, MSN etc. possible.
So had a lot of fun at #lisa09, and nice weather too.
LISA is for sure the sort of event where every geek will feel at home. It is a really good feeling to be surrounded by people who know stuff and enjoy technology every day.
So LISA09 took place between the 1st and 6th of November, 2009 in lovely Baltimore, MD. I chose to follow more the tutorials (trainings) path. Got five tutorials – one bad, two medium and two nice ones. The problem with tutorials is that sometimes they are very basic, which I really didn’t expect to be the case at such an event.
Already three weeks back from LISA, and after some gentle stimulation I am trying to write down my experiences of this event. For the people who don’t know LISA, LISA is the Large Installation System Administration conference, a whole week of talks, trainings and workshops about various subjects all related to the work of Unix admins in big IT environments.
From what I understood from people who had been here previously, the attendee list was a lot smaller than in previous years. But still, there were more than enough people to share a talk with. It was good to have the opportunity to talk to people working at some big and very well-known companies like Yahoo, Pixar etc. But I also met some people who worked for less known (at least to me) but maybe even more interesting companies, for example the National Democratic Institute, a non-profit organization facilitating democracy in countries where democracy isn’t as natural as in most western countries. I don’t think a lot of system admins have to worry about problems like militia stealing servers from your datacenter.
The first 5 days I followed a set of trainings, some days training for the whole day, some days a morning and an afternoon session. In general I was a bit disappointed by the trainings, they covered a lot of basic stuff, a whole day can be a very long sit for just 2 new bits of information. But a few sessions were quite interesting and/or entertaining.
Subtitle: Why we should be fully-updated on this topic: InfoSec players, Finance world, citizens
Raoul is a member of UNICRI (http://www.unicri.it/), a United Nations crime and justice research institute.
UNICRI researches technology as well, because if normal people use technology, the bad guys use it as well.
“Every new technology opens the door to new criminal approaches”
In the 70s the first wave of hackers were searching for knowledge. In the early 80s the second wave of hackers was driven by curiosity. The third wave of hackers in the 90s were eager to hack and started to exchange information. The first communities were created. The current fourth wave is now driven by anger and money. Hacking has met politics (hacktivism) and money (cybercrime).
Why is cybercrime on the rise?
1) There are more and more targets, thanks to broadband
2) A need to make money, think economic crisis
3) Hacking got easier, 0-day attacks and skimmers can be easily bought online.
4) Fall guys are easy to recruit, e.g. for money laundering
5) The criminals think they cannot be caught
6) There is no violence, no need to face your victims
The Tor project is a non-profit organization with a fully documented network that provides anonymity and privacy by design. Tor is funded by the US DoD, EFF, Voice of America, Human Rights Watch, Google, NLnet, and you?
Tor is really a community of developers and volunteers and is still looking for developers and volunteers to enhance themselves.
Top countries in the world in bandwidth:
• Germany
• USA
• Netherlands
• France
• Sweden
Anonymity means different things to different people:
• Private citizens – Privacy
• Government – Traffic analysis resistance
• Human rights activists – Reachability
• Businesses – Network Security
Subtitle of the talk: Making sense of new critical infrastructure threats
The talk is about the “Smart Grid”. The key components are an advanced metering infrastructure, transmission and distribution, and generation of electricity.
Advanced Metering Infrastructure enables two-way communication between the meters in your home and the power company. It offers the following features:
• Load control works like this: Some power companies offer a discount in return for control over the thermostat of your AC or by allowing them to turn off your clothes dryer during peak hours. The main reason for this is officially to prevent blackouts, but it can be used to prevent penalties as well.
• Demand response: It allows for dynamic rates to be loaded to your meter.
Why move to a smart grid?
• Energy conservation
• Cost reduction
• Improved Reliability of Delivery
Smart Grid security is significant because it has national security implications, because there are millions of entry points into the grid.
Pavol started by showing the cards he cracked that same day at the conference: two Polish public transport cards, one Slovakian public transport card and, by coincidence, a Dutch public transport card.
He also released, into open source, an offline MiFare cracking utility that can be used to crack any MiFare card for 30 euros and with just a few hours of work.
In the past MiFare’s encryption technology, Crypto1, was only available in hardware and thus survived for a surprisingly long time.
Pavol explained how his program can compute derived keys from the main key by using the time distance between the keys.
For those people that don’t know: MiFare Classic can be cloned in 99.6% (except for sector 0, which cannot be written); a ProxMark3 card emulator can emulate all cards 100% perfectly.
There are currently three countermeasures:
1) Use safe cards (Mifare Plus/Mifare Desfire or other)
2) Use decrement counter protection (workaround)
3) Use online checking
Today I presented about the TLS renegotiation vulnerability I blogged about earlier.
You can download the slides below:
Special thanks to Marsh Ray for his suggestions and corrections.
Since it became apparent that the next version of AutoNessus was going to outgrow the reference to Nessus, Tenable’s Network Security Scanner, due to the inclusion of other scanners such as OpenVAS, NMAP and Nikto, the author of the program, Frank Breedijk, decided to start a contest for a new name.
On the 19th of November Frank Breedijk announced that Jason Mansfield, who runs the website http:/clinicallyawasome.com, has won the contest by sending in the name Seccubus. A bottle of Veuve Clicquot champagne will be sent to him shortly.
The author has provided the following explanation of the name Seccubus: