Thursday, December 23, 2010

What exactly is a Zero Day attack?

This is a question I get all the time from clients and students.  I tell them a "zero day attack" is when a vulnerability is discovered in an application or an OS and is unknown to the vendor or general public and a patch has yet to be released to fix it.  The term zero day indicates basically that the attack could happen anytime because the system does not have a patch to fix the vulnerability.

Zero day attacks are the worst situation for security folks because we just do not know when said attack will happen.  We are left in kind of a limbo wondering if and when the attack might happen to our systems.

Here is a current example:

1)  Microsoft has a known vulnerability in IE 8 for certain OSes.  The vulnerability may allow an attacker to create a cross-site scripting (XSS) attack to gain access to a system.  Microsoft has not issued a patch but is investigating the issue.  link:

2) VUPEN Security has confirmed that this is a vulnerability.  link:

3) Metasploit has also included this vulnerability, and the actual code to exploit it, in their latest release of Metasploit.  link:
(By the way, if you are not familiar with Metasploit, check out my video.  link)

The only good news is that we can use Metasploit to test if our systems are vulnerable to the attack; the bad news is hackers can also use Metasploit to attack a system.  This is what makes a zero day attack so dangerous.

Only time will tell on a zero day attack.

Monday, November 8, 2010

Now is the time to start thinking about 2011 goals for the year

As we approach the end of the year, it's that time again when we all look back over the year and see if we accomplished our goals for the year.  What goals did you set for yourself?  What goals do you want to accomplish for next year?

I am hoping in the next few weeks myself to get my 2011 business plans ready as well as some of my personal goals.

Good luck...Tom

Friday, September 17, 2010

Remote Training: The Training Solution You May Be Missing Out On - An instructor's point of view. http://bit.ly/cMGzwy

Remote training has changed over the years.  Come read about it from an instructor's point of view.

Saturday, September 11, 2010

Security+ - Do you really need this certification?

In the past year I have been asked a couple of questions regarding the Security+ certification.  "I already have experience, why do I need to get Security+ certified?" or "Is the Security+ certification worth anything anymore?"  The answer to both questions is a definite yes.

Over the past 10 years security has become a very prominent part of IT.  The need for well qualified individuals in security has increased.  There is not one company that is not thinking about security.  Security has come to the forefront of IT due to the increased exposure to networks.  The exposure comes from the internet.  With all of this exposure comes the need to protect our personal and company assets.

So, how does the Security+ certification play a role in helping protect our personal and private networks?  Knowledge, knowledge and more knowledge.  That is the answer.

IT security is not just limited to a single area of knowledge.  It actually encompasses all areas of IT.  Think about all the different systems, applications and OSes your company has running.  All of those have different needs for security.  So to be in security means to be knowledgeable in a lot of areas of IT.

Security+ certification provides you with exposure to all of the different areas of security for different systems, applications and OSes.  No, it does not mean you will be an expert in security for all of these systems, but it does mean you will have exposure and an understanding of what it means to secure these systems.

Security is a journey not a destination.  There is not one person who knows everything about security.  Security knowledge comes from knowing how to defend your systems against different types of threats.
However, for some, network defense comes from knowing how a system or OS works.

Security+ provides that base knowledge for security, network defense and hardening systems.  You could say it is a mile wide and 2 inches deep.  Once you have the exposure to this knowledge then you can go into one of many areas of security such as: ethical hacking, firewalls, IDS, IPS, security policies, Cisco routers and switches or internet security.

As for the question is the Security+ certification worth anything?  Just ask anyone in the military or government who has to work on a secure system.  They are now required to be Security+ certified to work on said systems.

So if you are looking to get into security or need to start getting certified in security for other areas, the Security+ certification is the place to start.

If you have any questions about Security+ certification, please feel free to contact me.

For more information on Security + click here.

ISC2 - CISSP Exam - Kansas City

The CISSP exam has been put on the schedule for Nov 6, 2010.  This is great news because I will be teaching a CISSP review course at Centriq Training the week of Oct 25th.  

If you are thinking about trying for the exam this fall, this will be your last chance for the exam to be in Kansas City this year.

Monday, July 19, 2010

CISSP Exam – August 7th - Kansas City – 5 Tips For Success

The ISC2 CISSP exam is scheduled for August 7th in Kansas City.  Usually the Kansas City area schedules this exam twice a year.  Well, it’s that time: most people have been studying for a few months for this exam date and are now coming down to crunch time.  Here are my 5 tips for success for the exam.

1. In the last few weeks of studying you should be going over the questions on the CCCure Quizzer.  You can either do the free questions or pay $39.99 for the 6 month subscription.  The pay option is well worth it.

2. Create a testing plan that will allow you time to take little breaks in between questions.  You have 6 hours for the exam with no scheduled breaks and all breaks count against your test time.  Using all of your allotted time is beneficial.  Allowing yourself a 5 or 10 minute break after so many questions allows you to keep on schedule and not get behind or go too fast.  Also remember to bring little snacks and something to drink which you can put in the back of the room during your breaks.

3. Do not cram the night before.  In fact put all of your studying aside and have a quiet evening doing something you enjoy.  Go to bed early and get a good night’s rest.

4. The morning of the exam, don’t drink a lot of caffeine and eat a little something for breakfast for energy.  You do not want to waste too much time going to the restroom several times during the exam.

5. Remember to bring your certification ticket and two forms of ID.  You will not be allowed in without any of these items.

Good luck on the exam.

Monday, March 15, 2010

Department of Defense requires CEH training

http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=223101209

What is DoD 8570?

Department of Defense Directive 8570 (DoD 8570) provides guidance and procedures for the training, certification, and management of all government employees who conduct Information Assurance functions in assigned duty positions. These individuals are required to carry an approved certification for their particular job classification. GIAC certifications are among those required for Technical, Management, CND, and IASAE classifications.

Who is affected by DoD 8570?

Any full- or part-time military service member, contractor, or local national with privileged access to a DoD information system performing information assurance (security) functions -- regardless of job or occupational series.

* Office of the Secretary of Defense
* Military Departments
* Chairman of the Joint Chiefs of Staff
* Combatant Commands
* Office of the Inspector General of the DoD
* Defense Agencies
* DoD Field Activities
* All other organizational entities in the DoD

DoD Directive 8570 requires:

* 100% of the IA professionals in DoD and DoD contractors must be certified within the next 3 years
* 40% must be certified by the end of 2008
* All IA jobs will be categorized as 'Technical' or 'Management' Level I, II, or III, and to be qualified for those jobs, you must be certified.

Friday, January 15, 2010

Haiti Zero Day Attack

Be advised: today the world's cyber criminals are on the prowl.

Zero Day attack - Haiti Scareware

Monday, January 11, 2010

2010

Well, we are off to a new year and things are going great.  It appears that I will have clients going to Windows 7, and security is on the minds of a lot of folks.  I am also looking into several ways to optimize IT for business processes to ensure maximum efficiency within companies.

Tuesday, January 5, 2010

New Year....New Start

Well, I am off to a pretty good start to the new year. The key to changing is 3 things. 1) You have to want it. 2) You have to exchange bad habits with good habits. 3) You need to start slow and take it one day at a time.