Sprinkling on the Magic FISMA Fairy Dust

Posted July 30th, 2007 by rybolov

I promised myself I would stop with the vendor bashing at least long enough to catch my breath. Well, sometimes in your life something comes along that you just can’t help but comment on.

Press release on how a network emulator can help with FISMA reporting.

This class of products is great–simulated network lag so you can test your network devices, software, etc. Every lab should have this stuff.  I’m pretty sure that some of it is inside my building in the various replicas of customer networks that the engineers use.

But what does this have to do with information security management? Once again, it’s sprinkling the magic FISMA fairy dust and wishing that it makes your product a security device. Makes me wish I had the “make it secure” wand (complete with star on end and ribbons) that one CISO I know of carries about just for the purpose of being able to wave it around and say “*Poof* It’s secure now.” I figure happy thoughts are in there somewhere, but I’m just not seeing the exact mechanism.

My friends have a theory that I should start selling SOX socks and FISMA underwear. I’m not so sure about that, but I figure if it works for all these other products, it might be a massive moneymaker for me.  =)

Posted in FISMA, Technical, The Guerilla CISO, What Doesn't Work | 1 Comment »

Managing Security in Large Organizations

Posted July 27th, 2007 by rybolov

Interesting news article about some of Boeing’s problems.

This is an industry problem, one that we don’t talk about too much, and the heart of it is that it’s hard to manage security in huge organizations. Sure, there are the infosec frameworks like 7799/27001, FISMA, etc. If you look at the fairly undeveloped pieces of security, you’ll notice some trends:

  • At the tactical level, we know vulnerability scanning, exploit writing, and hardening standards.
  • At the operational level (Army sense of operational–we’re talking brigades and divisions here), we have risk management, certification, and my favorite whipping-boy, compliance.
  • At the strategic level, we have enterprise architecture, inventory management, and capital planning.

My opinion, and it’s purely opinion, is that as you progress up the ladder to strategy, there is less and less of a knowledge base and a higher rate of opportunity for charlatans. But then again, it echoes IT management in general–everybody knows how to build a fairly secure server, not a whole lot of people know how to manage IT infrastructure for 75K users.

Purely as a sidenote, ISM-Community is working to be a player in the operational and strategic area of security; I’m just trying to figure out how to get more people involved.

Posted in ISM-Community, The Guerilla CISO, What Doesn't Work, What Works | No Comments »

It’s Still not Too Late

Posted July 26th, 2007 by rybolov

Nominations for the Pwnie Awards are open until the 28th.  It’s still not too late to get in that last-minute nomination for your favorites.

Award categories:

Note that they don’t have a “Most Loveable but Still Harmless Curmudgeon who Obsesses about Flyfishing, Zombies, and a Whole Lot More” category because I could win it hands-down. =)

Deep inside the site is this link:  PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability complete with this song:

<Preamble>
Twas the night before Christmas, and deep in IE
A creature was stirring, a vulnerability
MS02-066 was posted on the website with care
In hopes that Team eEye would not see it there

But the engineers weren’t nestled all snug in their beds,
No, PNG images danced in their heads
And Riley at his computer, with Drew’s and my backing
Had just settled down for a little PNG cracking

When rendering an image, we saw IE shatter
And with just a glance we knew what was the matter
Away into SoftICE we flew in a flash
Tore open the core dumps, and threw RFC 1951 in the trash

The bug in the thick of the poorly-written code
Caused an AV exception when the image tried to load
Then what in our wondering eyes should we see
But our data overwriting all of heap memory

With heap management structures all hijacked so quick
We knew in a moment we could exploit this $#!%
More rapid than eagles our malicious pic came –
The hardest part of this exploit was choosing its name

Derek Soeder
Software Engineer
eEye Digital Security
</Preamble>

Posted in Hack the Planet, Technical | No Comments »

Volunteer to be Tracked

Posted July 26th, 2007 by rybolov

Robert Scoble has an interesting interview with the founder and demo of Plazes.

It’s such a strange concept to me because I have spent most of my adult life making sure that people either didn’t track $us or allowing $us to track other people and what they are doing. I just don’t buy off on the fact that people would volunteer their geolocation and current activity–I’m much more inclined to answer “Nun yo” if you ask where I’m at than I am to tell you the truth.

At this point about all I can do is shrug and say “Wow, the Web 2.0 kids are weird.” =)

Now all we need is for Al Qaeda to register and we’ll be golden.  “I’m sitting at a teastand in Quetta, here is my GPS grid and I’ll be here for a couple of hours.”

Posted in Army, Odds-n-Sods | 2 Comments »
