OSCP and Defcon26

First - I was thinking my OSCP course started on the 27th, nope it starts on the 19th.  I would have missed it except i decided to double check this morning.  I have to say these guys are kind of a pain in the ass.  Any link they send you is only open for 72 hours.  It's like screw you I am paying you for access to this stuff you bastards, but given that they are really the only game in town what can you do.

Second - This is freaking crazy

So of course I booked at the Linq.  May have to add days if I end up going to Blackhat too.

OSCP

Signed up for the Pentesting with Kali Linux course from Offensive Security.  Going to try for my OSCP.    If anyone has any hints, not cheats, but actual hints on good sources of info etc.  send them my way.

DefCon so far

As probably two of you (and by you,I of of course, mean the voices in my head) know, BlackHat and DefCon have been on my to do list for awhile.  This year I was finally able to make Defcon happen.  

It's been an experience, some good, some not so good.

First the not so good.

Lines - if you are old and fat like me, you won't like this part for sure.  Registration - 2 hour line, Swag room, minimum 2 hour line, Vendor room - line, attending a training session - stand in line to get in.

ICS Village - far smaller than I expected, but the ics wall was cool as hell.

People - most of the people I have met have been pretty cool, but there have been a few dicks, especially the first day.  My biggest disappointment people wise has been there are far fewer people I know here than I expected.  I thought I would run into a few real life acquaintances.  Just hasn't happened.  I have recognized a few people from the Layer One conference I went to in L.A. back in may and two people I follow on twitter.

Next the good -

Information - The couple talks I have been too were pretty good.  Not professional, beacuse they aren't professional speakers, but good info and pretty well presented.

Training - I only got into one session, but the 4 hours was pretty Info packed and the Cybati training module was pretty cool.  I wish it would have been full day, but what can you do.

People - both good and not so good.  A lot of the people here are really really smart.  (then there is me, total dumbass), and imaginative.  Seen some pretty cool wearables, some really cool shirt designs, heard some good music, and so on.  

That's basically it so far.  Having a good time, glad I did it.

Ready Player One Trailer

I have watched this video a few times now and while it looks good visually I am absolutely positive that this movie is going to blow fucking chunks.

If you have read the book and watch this video, you know what I am talking about.  If not read the book and then we'll talk.

Another Wallet Bites the Dust

My last wallet lasted me from 1987 to 2006, then I got this one.  I never really liked it as much as the older one but after a while it did it's job.  It's been held together with packing tape since 2012, but the tape is giving out and I needed RFID protection so I broke down and bought another new one.  It's a stafford trifold and it has an ill placed zipper that I think is going to break cards.  I am going to try it for a couple days but I am not holding out hope.

The old wallet in it's battered glory.

SANS Orlando 2018

I know we are just starting Blackhat / DefCon season, but I am wondering who is planning on going to SANS Orlando in April 2018 (no link available yet).  At this point I am.  It would be nice if we could kind of build a list and schedule some sort of meetup.  (Look at me pretending I have readers).  I have to start planning early so I can get a second job delivering pizza or something to pay for the trip.

The top three classes I am interested in:

ICS515 - ICS Active Defense and Incident Response
ICS456 - Essentials for NERC Critical Infrastructure Protection
SEC460 - Enterprise Threat and Vulnerability Assessment

but they haven't published the course list yet so who knows what will be offered.

Updates

Just catching people up -

Been a busy couple weeks.   I mentioned that I had onboarding training at work.  It sucked horribly and sucked the life from me.  Still recovering.

Since then I have been doing the Cyber-Physical Systems Security Course on Udacity.  It's not bad, but it's also not as in-depth as it could be..

Getting ready for defcon.  Mainly by imaging my laptop so that I can wipe it and restore when I get home.  I have a throwaway phone that I will be using while there and building the cash stash.

Finally, was in a car accident, got rear ended at a stoplight.  My car is still driveable, but it did get tore up some.  Trying to get that fixed.

So there you go a 5 minute update on my life.  I'll try and get back to the news roundups soon.

This is how I spent my high school years

I am in the yellow Marine Corps shirt.  This must have been 1981 (Jr. Year) so I am 16.  I am wearing glasses which I didn't have to do full time until then and I am drinking Miller which I couldn't afford until then.

The guy in the center of the picture is Chris from Carnifex.org and it's his picture (I blatantly stole it).  I'm guessing this was a Christmas party at his house, although in that time frame it might have been at Leigh Sampson's.

Harvard Business School Style Cyber-Security Case Studies

Recently I was reading "The Golden Passport" a history / critique of Harvard Business School and the overall deleterious (didn't think I knew that word did you?) effects it has had on American business.  On of the recurring themes is the prevalence of the case study at the school.  I had one class once upon a time that used a graphic novel version of a HBS case study on cyber-security but I was wondering if anyone knows of others?  On the off chance that anyone reads this and you do, please let me know.

In the meantime as I was searching I found this class syllabus from either last year or 2015 which looks like it has some interesting readings in it.

Update:  Harvard Business Review sells case studies.  I may buy one just to check it out.

ICS CERT Releases 2016 Assessment Summary Report

via

ICS-CERT conducted 130 assessments in the fiscal year 2016, which is more than in any previous year. Monitor newsletters published by ICS-CERT this year show that it has already conducted 74 assessments in the first half of 2017.

...

Similar to the previous two years, inadequate boundary protection remained the most common flaw – 94 discoveries representing more than 13 percent of all weaknesses identified during assessments. Boundary protection issues can result in failure to detect unauthorized activity in critical systems, and an increased risk to control systems due to the lack of proper separation from the enterprise network.

This may sound like a simple to avoid issue, but business demands and security demands often conflict and if you aren't very careful it's easy to breach your boundaries without realizing it.  (Or whoever is in charge just doesn't care, or the system was installed before control system security became a big deal and people don't want to mess with what's working. )