Wednesday, April 17, 2013

SPC 2013 - Risk Management Haiku

We cannot eliminate risks.  We can only manage them.

We can also dazzle them with 5, 7, 5.


Risk Management Haiku

Identify risks:
Boulders cling to mountain sides.
Gravity calls them.

Entropy calls us,
Daring the brave to forget
To run the backups.

Like the beaver's dams,
The change control processes
Keep torrents at bay.

Tuesday, April 16, 2013

SPC 2013 - Man In The Middle

This is a similar idea to the Shoulder Surf Sonnet, taking the perspective of the Bad Guy(tm).  Both are versions of social engineering attacks, though this one uses a bit more tech to steal the goodies.

Man In The Middle

Words and pictures are on the wind,
Secrets are floating by.
A confession to you that I have sinned
While waiting to get to the sky:

My flight, it was late, the crew they just shrugged.
They said it would take a few hours.
So I opened the laptop all day I had lugged
And searched for wifi net towers.

Once I had signal, I smiled a grin,
And I started a small packet capture,
Which let me sit in on chats between kin,
Someone stealing a cover of Rapture.

Another was there surfing websites for some porn.
(I looked around, wondered who did it!)
But then I saw something that tooted my horn!
When I put out some bait, someone bit!

For I stole the gateway and whatever connections
That traveled by SSL tunnel,
And I sent all their passwords in wrong new directions,
Down the spout of an account-stealing funnel.

I gathered them all, all the ones that I could,
Before it was our time to board.
I hugged my PC, I hugged it right good
For it held all my ill-gotten hoard.

The time passed so quickly, I was so entertained
At the expense of all those around me.
I saw what they did, what their small lives contained
And how easy it was did astound me.

And when I get home from my time in the air
Where the words and the secrets do fly,
I look forward to using all the logins I dare
And draining every bank account dry!

SPC 2013 - Firewall

One of the tools in the infosec arsenal is the firewall.  Like any other tool, they can be used well and they can be used poorly.  When they are implemented incorrectly, they are an impediment for the good guys.  When they are implemented correctly, they act as a trusted sentinel for the good guys.

Here, I sing a song of praise for the well-designed and utilized firewall.

Firewall

Each packet tells a story,
A single thread in the vast woven tapestry
Of ports and protocols and payloads.

Each handshake, each broadcast, each multicast shout
Race by my eyes and ears.

I stand alone as judge and executioner,
Making no decision without guidance from my Maker,
But once I'm told right from wrong,
You cannot pass if I deny,
You only pass if I allow.

I've gotten smarter after years of tricks and feints,
Endless shadowboxing, jabbing probes and roundhouse floods,
But I don't tire any more quickly
Than the caffeine-fueled demons that drive the engines
Of DoS and phish and drive-by blasts.

I stand and watch them fall.
I guard and shepherd the bits of this world
That hope only to speak freely with their partners
On the other side of the wall.

SPC 2013 - Shoulder Surf Sonnet

It's that time of year again.  It's time for another EDUCAUSE Security Professionals Conference.  We begin with a poem composed while in flight from home to St. Louis, the arch of my plane ride matching that of the great St. Louis Gateway.

I think I succeeded in writing this in iambic octameter.

Shoulder Surf Sonnet

I shoulder surfed to watch you type
Your passwords, logins to web sites.
You did not hide secrets from me,
And all you are is what I'll be.

But I don't like just what you are,
The boring texts, pics from the bar.
I think instead I'll change your fate.
You can't deny; it is too late.

Your Facebook's now a shrine to cats.
Your Twitter tweets only 'bout bats.
Your Tumblr posts are all just spam.
Your email's linked to naughty cams.

Next time you type, you must take care
And watch for snooping meanies there.

Wednesday, April 10, 2013

Come At Me, Bro

BRO is a popular network analysis and monitoring platform among many higher education Security Offices.  Those who use it think very highly of it.  I dedicate this two minute play to them.

"Come At Me, Bro"

STAGE CENTER, BRO (MID-30S IT SECURITY PROFESSIONAL, BUSINESS CASUAL DRESS) SITTING AT A SIMPLE DESK WITH A LAPTOP HOOKED UP TO A MONITOR ON TOP.  BRO IS SEATED IN PROFILE, SO WE'RE LOOKING AT THE SIDE OF THE DESK AND BRO IS FACING STAGE LEFT.  SINGLE SPOTLIGHT SHINES FROM BACK OF THE HOUSE ON BRO AND DESK.

BRO (typing on laptop):

I see you.  (TYPING)  And I see you.  (MORE TYPING)  And you.  And you too.  I see what you are trying to do.

You there, the TCP packet with no state flags set.
You there, the spammer, sending with no regret.
From China from Russia from IPs in Bombay,
From Jersey, Seattle, San Francisco Way.
Your traffic flies by me, each bit hits my eye.
The gusts hit me hard, and I try not to cry.

BRO STANDS, CIRCLES THE DESK AND POINTS AT THE SCREEN

But I swallow my tears, my upper lip stiff.
I log it all down, then I start with a diff.
Then I pull out a regex and load my DB,
And the patterns that form are something to see.

BRO GETS PROGRESSIVELY LOUDER AND MANIC, YELLING AT THE SCREEN NOW

You think you can hide as you pop out of TOR?
You think you can 'sploit some hidden backdoor?
You think I won't notice when your DoSes ignite?
You think I will cower and run from this fight?

BRO GRABS THE MONITOR, YANKS IT FROM THE DESK, THE LAPTOP SCATTERS, HE'S NOW SCREAMING INTO THE FACE OF THE MONITOR AND SHAKING IT.

My name is Bro, and I'm on to you!
And I will be watching, whatever you do!
Go ahead, bring it.  I dare you to say,
"Come at me, Bro!" Oh, yeah.  Let's play!