Wednesday, April 19, 2017

Yet Another Reading List - Defcon Centered

I am planning on attending Defcon this year so thought I would post this reading list, which was compiled from the Defcon reading list, The JSOC Cybersecurity reading list, The US Army, USAF, USN and USMC Cybersecurity reading lists, The DHS list and a list from Small Wars Journal:

151 Items

Burning Chrome by William Gibson
Che Guevara and the FBI: U.S. Political Police Dossier on the Latin American Revolutionary by Michael Ratner
Cheating at Blackjack Squared: The Dark Side of Gambling by Dustin D. Marks
Colossus And Crab by D.F. Jones
Colossus by D.F. Jones
Colossus the Forbin Project by D.F. Jones
Colossus Trilogy: Colossus, The Fall of Colossus and Colossus and the Crab by D.F. Jones
Competitive Intelligence : How to Gather, Analyze, and Use Information to Move Your Business to the Top by Larry Kahaner
Compilers: Principles, Techniques, and Tools by Alfred V. Aho, Monica S. Lam, Ravi Sethi, Jeffrey D. Ullman, ISBN-13: 978-0201100884
Computer Networks (5th Edition) by Andrew S. Tanenbaum, ISBN-13: 978-0132126953
Corporate Espionage: What It Is, Why It's Happening in Your Company, What You Must Do About It by Ira Winkler
Count Zero by William Gibson
Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon by Kim Zetter
Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses by Ed Skoudis; Tom Liston
Counterstrike: The Untold Story of America's Secret Campaign Against Al Qaeda by Eric Schmitt
Cracking the Coding Interview: 150 Programming Questions and Solutions by Gayle Laakmann McDowell, ISBN-13: 978-0984782802
Credit Power!: Rebuild Your Credit in 90 Days or Less by John Q. Newman
Cryptonomicon by Neal Stephenson
Cyber Adversary Characterization: Auditing the Hacker Mind by Tom Parker; Marcus H. Sachs; Eric Shaw; Ed Stroz; Matthew G. Devost
Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats by Will Gragido; John Pirc
Cyber War: The Next Threat to National Security and What To Do About It by Richard A. Clarke; Robert Knake
Cyberpower and National Security by Franklin D. Kramer (Editor); Stuart H. Starr (Editor); Larry Wentz (Editor)
Cyberpunk: Outlaws and Hackers on the Computer Frontier by Katie Hafner and John Markoff
Cybersecurity and Cyberwar: What Everyone Needs to Know by P.W. Singer
Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World by Bruce Schneier
Defeating Adversary Network Intelligence Efforts with Active Cyber Defense Techniques by Keith A. Repik
Design and Analysis of Knowledge-Base Centric Insider Threat Models by Qutaibah Althebyan
Diamond Age by Neal Stephenson
Do Androids Dream of Electric Sheep by Philip K. Dick
Ender's Game by Orson Scott Card
Exponential Organizations: Why new organizations are ten times better, faster, and cheaper than yours (and what to do about it) by Salim Ismail
Fatal System Error: The Hunt for the New Crime Lords Who are Bringing Down the Internet by Joseph Menn
Friendly Spies: How America's Allies Are Using Economic Espionage to Steal Our Secrets by Peter Schweizer
Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It by Marc Goodman
Future Noir: The Making of Blade Runner
Ghost Fleet by P. W. Singer; August Cole
Ghost in the Wires by Kevin Mitnick; William L. Simon (As told to); Steve Wozniak (Foreword by)
Hackers: Heroes of the Computer Revolution by Steven Levy
Hacking Exposed 7: Network Security Secrets and Solutions by Stuart McClure; George Kurtz; Joel Scambray
Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions by Slava Gomzin
Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson, ISBN-13: 978-1593271442, available in paperback
Heavy Weather by Bruce Sterling
How to Investigate Your Friends, Enemies, and Lovers by Trent Sands, John Q. Newman
I, Robot by Isaac Asimov
Idoru by William Gibson
In the Beginning...was the Command Line by Neal Stephenson
Industrial Automation and Process Control Security: SCADA, DCS, PLC, HMI, and SIS by Tyson Macaulay; Bryan L. Singer
Information Warfare: Chaos on the Electronic Superhighway by Winn Schwartau
Inside CIA's Private World: Declassified Articles from the Agency's Internal Journal, 1955-1992 by H. Bradford Westerfield
Inside Cyber Warfare: Mapping the Cyber Underworld by Jeffrey Carr
Inside the CIA: Revealing the Secrets of the World's Most Powerful Spy Agency by Ronald Kessler
Interface by Neal Stephenson
Islands in the Net by Bruce Sterling
Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground by Kevin Poulsen
Leadership BS: Fixing Workplaces and Careers One Truth at a Time by Jeffrey Pfeffer
Learn You a Haskell for Great Good!: A Beginner's Guide by Miran Lipovaca, ISBN-13: 978-1593272838
Legion of the Damned by William C. Dietz
Lethal Interface by Mel Odom
Level 4: Virus Hunters of the CDC by Joseph B. McCormick, Susan Fisher-Hoch
Little Brother by Cory Doctorow
Lobbying and Policy Change: Who Wins, Who Loses, and Why by Frank R. Baumgartner
Man Plus by Frederik Pohl
Managing the Insider Threat: No Dark Corners by Nick Catrantzos
Mars Plus by Frederik Pohl
Masters of Deception: The Gang That Ruled Cyberspace by Michelle Slatalla and Joshua Quittner
Mona Lisa Overdrive by William Gibson
Neuromancer by William Gibson
Newton's Telecom Dictionary: Telecommunications, Networking, Information Technologies, the Internet, Wired, Wireless, Satellites, and Fiber by Harry Newton
No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State by Glenn Greenwald
Out of the Inner Circle: The True Story of a Computer Intruder Capable of Cracking the Nation's Most Secure Computer Systems (Tempus) by Bill Landreth
Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software by Michael Sikorski and Andrew Honig, ISBN-13: 978-1593272906
Predicting Malicious Behavior: Tools and Techniques for Ensuring Global Security by Daniel Jackson; Gary M. Jackson
Privacy on the Line: The Politics of Wiretapping and Encryption by Whitfield Diffie, Susan Landau
Privacy Power: Protecting Your Personal Privacy in the Digital Age by Trent Sands
Python Essential Reference (4th Edition) by David M. Beazley, ISBN-13: 978-0672329784
Radio Monitoring: The How-To Guide by T.J. Arey
Retrofitting Blade Runner: Issues in Ridley Scott's Blade Runner and Philip K. Dick's Do Androids Dream of Electric Sheep?
Reverse Deception: Organized Cyber Threat Counter-Exploitation by Sean Bodmer; Max Kilger; Gregory Carpenter; Jade Jones; Jeff Jones
RFID: MIFARE and Contactless Cards in Application by Gerhard Schalk
Rtfm: Red Team Field Manual by Ben Clark, ISBN-13: 978-0321444424
Sams Teach Yourself Networking in 24 Hours by Uyless Black; Uyless D. Black; Joseph W. Habraken
Scanner Modifications And Antennas by Jerry Pickard
Scanners And Secret Frequencies (Electronic Underground S) by Henry Eisenson
Schismatrix Plus (Complete Shapers-Mechanists Universe) by Bruce Sterling
Secrets and Lies: Digital Security in a Networked World by Bruce Schneier
Secrets of a Buccaneer-Scholar: How Self-Education and the Pursuit of Passion Can Lead to a Lifetime of Success by James Marcus Bach, ISBN-13: 978-1439109090
Selected Stories of Philip K. Dick by Philip K. Dick
Skunk Works: A Personal Memoir of My Years at Lockheed by Ben Rich
Smart Card Developer's Kit by Scott Guthery, Timothy Jurgensen
Smart Casino Gambling: How to Win More and Lose Less by Olaf Vancura
Smart Drugs II (Smart Drug Series, V. 2) by Ward Dean, John Morgenthaler, Steven Fowkes
Snow Crash by Neal Stephenson
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Spy Catcher: The Candid Autobiography of a Senior Intelligence Officer by Peter Wright
Starship Troopers by Robert Heinlein
Stealing the Network: The Complete Series Collector's Edition, Final Chapter, and DVD by Ryan Russell, Ido Dubrawsky, FX, Joe Grand, Tim Mullen, ASIN: B006NV2EGI
Strategy: A History by Lawrence Freedman
Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw - By the Man Who Did It by John Markoff and Tsutomu Shimomura
TCP/IP Illustrated, Volume 1: The Protocols (2nd Edition) (Addison-Wesley Professional Computing Series) by Kevin Fall and W. Richard Stevens, ISBN-13: 978-0321336316
The Age of the Unthinkable: Why the New World Disorder Constantly Surprises Us And What We Can Do About It by Joshua Cooper Ramo
The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers by Kevin Mitnick
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities by Mark Dowd, John McDonald, Justin Schuh, ISBN-13: 978-0321444424
The Basics of Hacking and Penetration Testing, Second Edition: Ethical Hacking and Penetration Testing Made Easy by Patrick Engebretson, ISBN-13: 978-0124116443
The CERT Guide to Insider Threats: How to Prevent, Detect, & Respond to Information Technology Crimes by Dawn M. Cappelli; Andrew P. Moore; Randall F. Trzeciak
The Cuckoo's Egg: Tracking a Spy through the Maze of Computer Espionage by Cliff Stoll
The Cyberthief and the Samurai by Jeff Goodell
The Defense of Hill 781: An Allegory of Modern Mechanized Combat by James R. McDonough; John R. Galvin (Foreword by)
The Dictator's Handbook: Why Bad Behavior is Almost Always Good Politics by Bruce Bueno de Mesquita
The Difference Engine by William Gibson
The Failure of Risk Management: Why It's Broken and How to Fix It by Douglas W. Hubbard
The Fall of Colossus by D.F. Jones
The FBI: Inside the World's Most Powerful Law Enforcement Agency by Ronald Kessler
The Forever War by Joe Haldeman
The Fugitive Game: Online with Kevin Mitnick by Jonathan Littman
The Grey Line: Modern Corporate Espionage and Counterintelligence by Andrew Brown
The Hacker Crackdown: Law And Disorder On The Electronic Frontier by Bruce Sterling
The Hacker Playbook: Practical Guide To Penetration Testing by Peter Kim, ASIN: B00N4FG6TW
The Innovator's Dilemma: The Revolutionary Book that Will Change the Way You Do Business by Clayton M. Christensen
The Lean Startup by Eric Ries
The Mossad: Israel's Secret Intelligence Service: Inside Stories by Dennis Eisenberg
The Puzzle Palace: Inside the National Security Agency, America's Most Secret Intelligence Organization by James Bamford
The Shadow Factory: The NSA from 9/11 to the Eavesdropping on America by James Bamford
The Singularity Is Near: When Humans Transcend Biology by Ray Kurzweil
The spy catcher trial: The scandal behind the #1 best seller by Malcolm Turnbull
The Starfish and the Spider: The Unstoppable Power of Leaderless Organizations by Ori Brafman
The Tangled Web: A Guide to Securing Modern Web Applications by Michal Zalewski, ISBN-13: 978-1593273880
The Ultimate Scanner: Cheek 3 by Bill Cheek
The Underground Database (The Electronic Underground, Vol 1)
The VALIS Trilogy by Philip K. Dick
The Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen by Jonathan Littman
True Names...and Other Dangers by Vernor Vinge
True Names: And the Opening of the Cyberspace Frontier by Vernor Vinge
Unrestricted Warfare: China's Master Plan to Destroy America by Qiao Liang
Virtual Light by William Gibson
War by Other Means: Economic Espionage in America by John J. Fialka
When Sysadmins Ruled the Earth by Cory Doctorow
Where Wizards Stay Up Late: The Origins Of The Internet by Katie Hafner
Wired for War by P. W. Singer
Zodiac (The Eco-Thriller) by Neal Stephenson

Thursday, April 13, 2017

SANS ICS 410 ICS / SCADA Security Essentials Day 6

#SANS2017 Class Day 5. Finishing up encryption from yesterday, starting ICS Security Governance today.

Early start today so people can get out of Orlando.

My new true love Amanda abandoned me last night so my world is shattered this morning.  Oh well. Back to the rain and clouds tomorrow :-(

Wednesday, April 12, 2017

SANS ICS 410 ICS/SCADA Security Fundamentals Day 5

#SANS2017  Class Day 4.  Nothing new to report.  Yesterday was all about ICS Servers and Workstations with an afternoon diversion into Falconry.  Again none of it was really new material but the class kind of pulls it together with a slightly different perspective.  Good refresher and thought provoker.

The big thing yesterday was the vendor expo with free lunch.  I didn't have a voucher but they let me eat anyway.  Can't beat that with a stick.

After class I ran back to my hotel and got something to eat at Twin Peaks across the street.  The food kind of sucked but I am now in love with the bartender Amanda.  Her boyfriend probably disapproves but our love will prevail.

Also attended the SANS at night session on operating an ICS / SCADA SOC.  Very good talk with a slightly different philosophy from our instructors, not in conflict really just a little different emphasis.
Overall still happy with the expenditure but now I hear there is a 60000 person Star Wars convention here tomorrow and I am thinking maybe I invested my money poorly.

Tuesday, April 11, 2017

SANS ICS 410 ICS/SCADA Security Essentials Day 4

#SANS2017 Again Day 3 of class since I am counting from the day I arrived and picked up class materials.

Mostly more of the same yesterday. Lecture, same exercises using the Modbus simulator, some Google hacking, an introduction to Shodan, a SQL injection / sqlmap exercise and password fuzzing. Again nothing super new but good reinforcement and refreshers. Mostly we discussed ICS attack surfaces with some discussion of defense. I have to say with the time difference I am feeling a little wiped out.

Today we start defending ICS workstations and servers, so basically Windows and Linux hardening.

So far I am still pretty happy with the decision to attend, but again this is probably the last SANS event I will ever attend.  The price point is just out of range unless I get on with a company that will pay for it.  Since I am the living embodiment of the Dunning/Kruger Effect that is unlikely.

No pictures today.  Sorry I am scum I know.


Monday, April 10, 2017

SANS ICS 410 - ICS SCADA Security Essentials Day 3

#SANS2017 Well day 3 if you count registration and the open bar.  Day 2 of classes.

Probably a few (read none) of you know that I was having doubts about attending this course.  On the one hand it is very germane to at least my current job and it is being taught by the guy (Justin Searle) who literally wrote the course.  On the other hand I am burning all my PTO and spending a huge amount of money that I am never getting back to attend (yes I am an idiot and paid out of pocket).   So far the trip has been worth it.

Class Day 1 didn't really cover anything I didn't know, but it was good reinforcement.  We did have some fun programming a cheap little PLC and then building an HMI for it.  We moved thru the material pretty quickly but it was all understandable.  And the instructor is good.

Besides the regular instruction I went to the Keynote.  The speaker (Eric Conrad) was pretty entertaining and the talk was good.  Unfortunately it just made me realize how poorly the places I have worked are utilizing SIEMs.

Downsides -  First the parking situation here is horrible and on top of that expensive.  Second, that keynote was hidden way the hell away.  I swear to God, I walked the two miles from my hotel to the Hyatt and that took less time than walking from the hotel doors to the room where it was being held. I swear it was 2 miles into Georgia.  I think the organizers were inspired by the Bataan Death March.

I already tweeted about the great coffee spill of 2017 and my social gaffes (they said, get comfortable so I took my pants off.  Who knew that was wrong).

The view from my hotel

Tuesday, April 04, 2017

Bret Easton Ellis on Trump Derangement Syndrome; Also H1-B changes that are probably scaring the shit out of people

I am not a huge Bret Easton Ellis fan, just like I am not a huge Trump fan; both will occasionally say something I like or at least agree with, but so did Obama. That said, the first 35 minutes of this podcast contain the best response to Trump Derangement (or Depression - you choose) Syndrome I have heard so far.

Well worth a listen.

So there's one thing that has been happening.  Number 2 - Changes to the H1-B program.

First off, low / entry level programmers or developers may no longer be eligible for the visa without additional justification.
In a March 31 policy memorandum, the USCIS said a computer programmer with an ability to use IT skill will not be sufficient. A petitioner “must provide other evidence to establish that the particular position is one in a specialty occupation”.
Second, the Department of Justice has warned companies against using the visas as a source of cheap labor and a way to avoid hiring Americans.
"The Justice Department will not tolerate employers misusing the H-1B visa process to discriminate against US workers," said Acting Assistant Attorney General Tom Wheeler of DOJ's Civil Rights Division. "US workers should not be placed in a disfavored status, and the department is wholeheartedly committed to investigating and vigorously prosecuting these claims."
Third, enforcement priorities seem to be changing.
The measures announced by DHS on Monday focus on site visits by U.S. authorities to employers who use H1B visas.
In future site visits, U.S. Citizenship and Immigration Services agents will investigate incidents where an employer's basic business information cannot be validated; businesses that have a high ratio of H1B employees compared with U.S. workers; and employers petitioning for H1B workers who work off-site.
An immigration lawyer linked at Hacker News says that this isn't really a change.

The new memo issued Friday rescinds that old memo and basically reminds officers that they must look at the particular position and its job duties to determine whether it meets the definition of specialty occupation, rather than relying solely on the OOH. I think the main issue with the old memo was that it gave kind of a blanket statement that all programmers should be specialty occupations.

The new memo does not change the rules, it just reminds us that a petitioner must be able to establish that a particular position qualifies as a specialty occupation in order to be eligible for the H-1B visa.

In any case it is the most exciting thing that has happened for a while.