Posted March 30th, 2007 by

Good things are afoot.  DISA has a SRR Lite CD that has all of the tools that you would need.

Similar Posts:

Posted in DISA, Technical, What Works | 3 Comments »

Wiebetech MJ-1

Posted March 30th, 2007 by

It’s a USB stick that simulates a mouse and at regular intervals it jiggles the cursor.  This keeps the screensaver from coming on.  It’s pretty ingenious, and it effectively counters the GPO you pushed out to activate the screensaver after 15 minutes of inactivity.

I’ve seen it in computer magazines (Federal Computer Week) but it’s almost impossible to find a description on the Interweb.  I’m halfway thinking about forbidding this in a policy statement. =)

Similar Posts:

Posted in Technical | No Comments »

My System Environment

Posted March 28th, 2007 by

When you sit down and think about it, I have a really neat user community.  Since we’re an IT services company, all of the users on my back-end infrastructure are IT architects, engineers, or operations.  That means that they are all system administrators in one way or another.  My challenge is to keep track of all these sneaky people, which is different from the usual unskilled user community, where it’s a case of “you clicked on what link and now none of your applications work?”.

We used to have this very talented network administrator working in the NOC.  Not only did he know networks, but he was CISO-savvy.  When he wanted to change something on our core switches, we played a little game that went something like this:

Me: So what VLANs are you going to change?

J: I’m going to connect switch A to switch B and trunk over VLAN 25.

Me: So what is that VLAN used for?

J: It’s a NOC server VLAN.

Me: And what else is connected to switch B?

J: Some other switches.

Me: And what is connected to those switches?

J: Stuff.

Me:  And what would “stuff” entail?

J: Some routers.

Me: And what do those routers connect?

And we would go on like this for a couple of minutes until I felt comfortable with most what was going on.  The funny thing was that most of the time he was up-front with what he was doing, because he didn’t want to do anything bad, either.  It’s when he started to get non-detailed that I knew something was up.
Now the fun part of this is that I have 200 people like this to contend with.  It sounds worse to say it than it actually is, but it’s one of the threats that I live with.

Similar Posts:

Posted in Odds-n-Sods, Technical, The Guerilla CISO | No Comments »

CISO Trick: Know the Hiding Places

Posted March 27th, 2007 by

In my somewhat hazy job description, there is one additional duty that I have absorbed:  limited asset management.  As I tell people all the time, I’m not an asset manager, but I become one when I have to.  For example, I spent an entire month last year doing equipment inventories.  Not a thing to be really proud of, but at the time asset management was one of the chief risks that my organization faced.

My CISO trick for the week:  Know where the engineers hide the excess equipment.  Every NOC, SOC, and data center has the place where, when equipment is missing, that’s the place where you can go and find it.  In the NOC, it’s the closet in Eric’s office where he now has 6 managed switches and some other networking gear.  In the SOC, it’s their half-rack worth of lab equipment, including some spare firewalls and IDS sensors.  In the data center, it’s the top half of rack 1-2 where the engineers put equipment and lock it up so it won’t walk away.

Point is, most organizations have these hiding places, and it’s almost an unwritten duty description to find them.  Don’t point them out as I just did, but keep them as your little secret and when you need to either find something that is missing or absolutely need a piece of equipment, you can go check the usual places and see if you have one on-hand that is not being used.

Last week I told one of our projects that they could not open up some services across the Internet until they designed their connections right with a DMZ for the Internet-accessible servers.  We left the conversation with a logical diagram to build from and the need for a firewall and a small switch–loaner equipment to get them up and running right now and that they could replace with their own when they ordered replacements.  10 minutes later, the project team had a PIX and an older catalyst, all culled from hiding spots.

One final thought for today:  I call these places “Mike’s Happy Hardware Hunting Grounds”. =)

Similar Posts:

Posted in The Guerilla CISO, What Works | No Comments »

ISM-Community DC Chapter Meeting Announcement

Posted March 26th, 2007 by

The ISM-Community DC Chapter would like to cordially invite everyone to it’s first ever meeting.


  • ISM-Community DC Chapter
  • Michael Smith and Earl Crane, chapter leaders


  • Arrivals and Introductions
  • Concept of ISM-Community
  • Development of the ISM-Community FISMA Top 10
  • Future project ideas
  • Cookies and soda
  • Earn 2 CPEs!! for 2 hours of professional organization meeting


  • 3:00 to 5:00
  • Friday
  • April 20th, 2007


Administrativia:  Since it is a private club, there is a dress code at the City Club of Washington.  Jackets are not required, however jackets are still preferred.  Jeans, sneakers, shorts and collarless shirts are not allowed.

For More Information:

We would like to thank Potomac Forum for sponsoring this event.

Similar Posts:

Posted in ISM-Community | No Comments »

Spring Fever

Posted March 24th, 2007 by

It’s spring, I haven’t been fishing in a long, long time, up into the “months” variable.  When I start having dreams about either work or sniping people in Afghanistan, then I know it’s a time to get outside and throw some flies around.

For the spring, I got a good streamer line.  It’s a 4-foot mini sink tip, so it’s great for wading and throwing some zonkers or whatnot while I’m wading.

I think today is a good C&O canal day, just prospecting for sunfish and the occasional  bassie.  It’s more about getting out than it is about catching things.

Similar Posts:

Posted in Flyfish | No Comments »

« Previous Entries

Visitor Geolocationing Widget: