Halloween Forum banner

1 - 16 of 16 Posts

·
Hungry For Death
Joined
·
729 Posts
Discussion Starter #1
Hello!

I figured there might be a few here. I would like this thread to be a Threat, recent vulnerabilities, Tips and Tricks, and just plain ol' Geek Talk here.

Just a quick background of me.
I am currently working for the US Navy Database, Information Security department. I hold an A.A.S in Network Systems Administration, 1 year left for my B.S. Information Systems and Cyber Security. Skilled in Forensics, Databases. Looking foward to gaining my Security+, and GIAC certs. (Also seeking new employment ~COUGH~) lol

Anyways, Any InfoSec geeks here like me? :D
 

·
His name is Roger Clyne
Joined
·
9,615 Posts
Well the folks at work like to believe I'm the IT person because I know how to "fix" certain things, like how to find that toolbar you dragged off the screen, or how to rearrange stuff in Word so it prints out correctly, or how to do this or that in Excel & oy vey don't get me started on the people that shouldn't ever go near or use our Océ copier or any piece of tech anywhere, but I don't get paid for that position & I certainly have not the first clue as to what all those letters & names you've put up there mean. I wish I did.

I'm sure there's a few here that will join in with this sort of thing so don't worry.
 

·
Hungry For Death
Joined
·
729 Posts
Discussion Starter #3
Haha Love it! Yea, what you are going through is exactly what Help Desk support goes through. I skipped that and went straight to being a Database Administrator (DBA).

I can completely concur with your "Some people just shouldn't go near any piece of tech". (Same goes for some drivers who get their licenses from Wal*Mart LOL).

A buddy of mine encountered a lady at his work that insists she has the best coffee mug tray around the office.... Ended up that she was using the CD/DVD tray xD
 

·
What Hump?
Joined
·
1,107 Posts
I'm a software engineer/system administrator.

I have a Masters degree in Computer System Security, but that is more of an administrative/management level degree than it is a nuts and bolts technical degree, and until recently, I wasn't doing security related work.

I have a security+ certification and am working toward a CCNA Security certification on the networking side.

That said, I'd much rather spend my days building props. :)
 

·
Hungry For Death
Joined
·
729 Posts
Discussion Starter #5
Fantastic Abunai! :)

I wish you the best of luck as you pursue your CCNA!

In regards to what you had said about the Masters degree. Even in my Bachelor's, it seems to be more of executive view of things. however, my classes do have a few Forensic, Pen testing, and hardening simulation. Now those are the ones I pay attention in :p

If ya dont mind me asking, what company do you work for? Industry?
 

·
Hungry For Death
Joined
·
729 Posts
Discussion Starter #7
Boeing?
Awesome! Great industry, especially for InfoSec

Are you sure?? lol I am debating if I want to bring my outside life into work... I have ask around the base and (After hearing I do my haunts and slide like monsters at Knotts Scary Farm) they said they want me to come in full costume... Not sure if the capt. would like that xD I would probably be stopped and questioned by the MP's.

Anyways, Back to IT. When did you take you security+? I keep on telling myself i will do it but put it off because I get busy with life or halloween :rolleyes:
 

·
Registered
Joined
·
557 Posts
I have an associates in Computer Forensics however right now I'm working in Security (and not the IT kind!)

I felt, going through my classes that my degree didn't have the right name...I spent most of my classroom hours learning about networking. And then never really learning how to apply the security aspect to the networking. Oh well.
 

·
Hungry For Death
Joined
·
729 Posts
Discussion Starter #9
I have an associates in Computer Forensics.
AH! that is my most favorite subject of all in the InfoSec Realm. What software did you use during your education?

I was taught Paraben P2 Commander, but self taught myself on Wireshark (for packet sniffing) and SANS SIFT Workstation (Unix Forensics toolkit)

I will be self teaching myself Kali-Linux. I heard this bad boy is the nector of the gods when it comes to Open-Source Forensics Toolkits (Apparently it also has tools to do Network Pen Testing, Vulnerability Scanning, and more!)
 

·
Registered
Joined
·
557 Posts
AH! that is my most favorite subject of all in the InfoSec Realm. What software did you use during your education?

I was taught Paraben P2 Commander, but self taught myself on Wireshark (for packet sniffing) and SANS SIFT Workstation (Unix Forensics toolkit)

I will be self teaching myself Kali-Linux. I heard this bad boy is the nector of the gods when it comes to Open-Source Forensics Toolkits (Apparently it also has tools to do Network Pen Testing, Vulnerability Scanning, and more!)
Mostly Encase but FTK as well.
I had to Google those because its been 4 years since I graduated and I couldn't remember. Sadly I think my degree is wasted. I don't feel comfortable enough to do anything computer related now.
 

·
Hungry For Death
Joined
·
729 Posts
Discussion Starter #12
Lol I graduated with my associates in Network Systems Adminsitration in '13 and 'technically speaking' it is already outdated and old. lol I am sure once you find a topic that is interesting, it'll all come back to you.

A colleague of mine had stated, "in order to never lose your education, always act as if your home network is your company....Hack It, Protect It, Sniff It, Own it"

I am starting to think he is right.
 

·
Hungry For Death
Joined
·
729 Posts
Discussion Starter #13
Hmm, let me revive this thread.

How do my InfoSec colleagues keep up with the latest vulnerabilities and events that occur?

What online security webinars or magazines you subscribe to?
 

·
Registered
Joined
·
401 Posts
I'm on a distribution for SANs and BankInfoSecurity, CSO, and a few others that escape me. Regarding the security webinars, SANs usually has a lot going on, and they'll have multiple 1 hr webinars on a monthly basis. A good way to get some CPEs.

I came across this site via a link on another forum, but this is some decent owasp top 10 training.

http://securitycompass.com/training/free/course-demos/
 

·
Hungry For Death
Joined
·
729 Posts
Discussion Starter #15
Awesome EviLEye!

I concur on the SANs webinars. I actually watched the friday seminar about the spec.js exploits on the webview in mobile applications. They always seem to have the top industry leading IT Professionals doing the presentation which is huge... Considering the fact that it is all free.

I went to US-CERT site and got on their immediate email list for any vulnerabilities that they have found and investigated.


Another idea, is joining the Information Systems Security Association (ISSA) chapters in your area. Where I live, I can be part of 3 Chapter. I.E., L.A. and O.C. chapters. They have monthly lunch meetings for both members and non-members, its great to go there and learn, but I mainly use it as a Networking tool. To increase my InfoSec contacts.

EDIT: Just noticed your in O.C., Have you been to the ISSA meetings? Maybe I have seen you lol only been a few times, but will make it my regular activity soon.
 

·
Registered
Joined
·
650 Posts
I'm a software engineer/system administrator.

I have a Masters degree in Computer System Security, but that is more of an administrative/management level degree than it is a nuts and bolts technical degree, and until recently, I wasn't doing security related work.

I have a security+ certification and am working toward a CCNA Security certification on the networking side.

That said, I'd much rather spend my days building props. :)
Then why cant the Hackers be caught and hung up by their short hairs and shot in the head????
 
1 - 16 of 16 Posts
Top