Extreme Tech Analysis by Wolf

The Atlanta SecureWorldExpo was really fun this year! I had a chance to catch up with some old friends and meet some great new people.
There was a snafu with the program, and my session was not on the paper schedule, though it was on the web site, so I was pleased to see anybody at all show up for my session on “Penetration Tools You Should Know.”

I figure the people who were planning to come to my talk should have even more benefit so I did a drawing for a signed copy of my book, Computer Security and Penetration Tools.  Jason Miller of ChoicePoint walked away with the prize.

I am looking for stories about insider threat right now, for a project to be finished later this year.  If you have one, let me know by email or add a comment to this post.  Since Insider Threats are the most prevalent of successful attacks on businesses today, I have been drilling down into the situations that make it possible and the many solutions available.

Just a quick idea.

Computer security is a habit.  There are a few things that need to be done consistently, and they are not difficult.  They are also not expensive.

• # Use a password on your computer.  These days, the threats you let in on your computer might be just bad habits your friends have.  You probably don’t distribute your car keys to all the people who come over to a party at your house, and you probably don’t want to allow anybody who comes over access to your personal stuff.  It’s none of their business.  The government has approved the airport search team to look at the content of your computer, if you are going on international flights.  This has obvious security and privacy issues, and if you have sensitive business files on your laptop or your home computer, you want them behind a password.  Unexpected users on your home machine might not be as careful as you are and you might collect spyware and worms from them going to unsafe sites. Read the rest of this entry »
  Book Mark it-> del.icio.us | Reddit | Slashdot | Digg | Facebook | Technorati | Google | StumbleUpon | Window Live | Tailrank | Furl | Netscape | Yahoo | BlinkList

I am going to be speaking at the Atlanta SecureWorld Expo. This is my third SecureWorld, and I have been going to the Expo since they started having them. I was asked to post the details of the talk and so here they are. My segment is part of the 2-day conference pricing structure (less than the cost of an hour’s consultation for 2 full days of great speakers and industry leaders), and I will be available in the Exhibit area much of both days. I am trying to secure a special rate for my readers here, and as soon as I can I will post the results.

Penetration-Testing Tools You Need to Know
by Wolf Halton - Author, Speaker, Researcher
(co-author of Computer Security and Penetration Tools)
11:30 AM - 12:15 PM
Ballroom C
April 29th 2008
Cobb Galleria Centre
Two Galleria Parkway
Atlanta, Georgia 30339
Telephone: 770-955-8000

TWO DAY CONFERENCE $195
Conference Sessions, Conference Keynote Breakfast, Conference Reception, Exhibits and Open Sessions (Includes Lunch & 12 CPE Certificate of Attendance)

SECUREWORLD + $695
Extended Training Opportunities - Includes Two Day Conference Tracks
(16 CPE Certificate of Attendance)

EXHIBITS/OPEN SESSIONS…FREE
Exhibits / Open Sessions (Available With Online or On-site Registration)

http://secureworldexpo.com

An Internet search can net you hundreds of penetration testing tools, but which tools are going to help you the most to protect your network? What tools would you use in conjunction to see what was really going on in your wired network. The tools must be easy to use, and it must provide the best test you are capable of. Wolf Halton, security expert and open-source consultant, is here to set the story straight by giving you a “How to” virtual demonstration using the two best penetration tools available.

The Open Source movement has raised fear in the hearts of the closed-source traditional community. They consider the mere concept of making source-code readily available to be equivalent to letting people steal their corporate intellectual property. In response to this fear, software manufacturers have spent huge sums of money to infect you with this fear and make you suspicious of open-source projects and doubt the prudence of using open-source software in your organizations. Mostly, open source software distributors have not risen to the challenge to refute the claims. Wolf Halton, security expert and open-source consultant, presents The Seven Security Secrets of Open Source, to show you ways to improve profitability and lower the costs of doing business by using Open Source software.

Though my segment is non-free, the open Exhibit speakers are good.
OPENING KEYNOTE April 29, 2008
(Open Session) 9:30AM
Jeff Bardin, Director, Risk Management, EMC2
Cyber Jihad

April 30, 2008
INFRAGARD KEYNOTE BREAKFAST
(Open Session)
Keynote Speaker 9:30AM
Johnny Long, Professional Hacker,
Author & Researcher
“No-Tech Hacking”

LUNCHEON KEYNOTE 12:30PM
(Open Session)-Paid Conference Includes Lunch
Gordon Mitchell, President, Future Focus
How to Become A Counter-Spy in Three Easy Steps

LUNCHEON KEYNOTE 12:00PM
(Open Session)-Paid Conference Includes Lunch
Roger G. Johnston Ph.D., Manager, Vulnerability Assessment Team
Smirking and Vulnerability Assessments

So look at the SecureWorldExpo site for all the details. I look forward to seeing you there!

There is a new project at http://lsc.hsi-us.com/tiki-index.php All about the similarities and differences of the command-line language for Solaris and Gnu/Linux. Go see! It is a project at its infancy, so come help change the diapers and feed it!

This phishing email is very creative but not exceedingly believable. I thought it was one of the funniest I had seen for a while. It is an interesting title, however, as it contains an implicit call to action. A good marketer with the right product could do some good with this title. THe phishing contents were a bit of a let-down, as story-lines go.

I have put up a web site called http://goodcoffeedirect.com/  My talent lies mostly in getting the sites working, and so this is an interesting one for me in that I am having to figure out how to market the site.  I have done a lot of reading on this topic, but this is really the first time I have taken a site into the category of successfully making sales.  Usually, the people I made sites for would handle that themselves.  Since this issue will be almost entirely about marketing and how to do it, I am doing this one at my blog on http://www.mymarketingmafia.com

If there is an interesting part that is more tech than marketing, I will write it up here.

Maintenance on web pages usually costs $125, but I have managed to negotiate a rate of $100 for one page development or maintenance! This is a 20% savings, just for my loyal readers. Just enter the detail of what you want us to do for you and click the “Pay Now” button.

The Storm Worm loves holidays. Storm Worm is a code name for a particular bot-net. A bot-net is a large group of zombified computers that are 0wned by some shadowy person without the knowledge of the people who actually have the computers. Bot-nets do a few things. What Storm Worm’s 0wners like to do is send out buckets and buckets of spam. These are not all the same kind of message, there are several, but all I want to tell you about is the postcard variants. Read the rest of this entry »

Marketing-speak 101 Word for the day: Actionable

Defining IT’s Role in Actionable Sales Planning

This is an actual title I received from one of the white-paper producers to which I am subscribed. By reading into the various articles it is plain that they believe this word “Actionable” has something to do with being active or producing an effect. It doesn’t mean that at all. Read the rest of this entry »

Well, with all this spare time surrounding the Christmas Season, I thought I would look into ways that you or I could get useful traffic to a blogging web site. I bought the source codes from Mark Joyner’s last, extremely successful, web business Aesop.com and found it very interesting and useful. I have used variations of his code on various pages since I got it in 2003. So Far I have made no real attempt to take over the blogosphere, but now Mark has put out a beta version of a blogging course from his Simpleology site. Read the rest of this entry »