18 posts in this topic

The CHANI Knowledge Base is a Board where CHANI members are welcome to come ask questions of other CHANI members, who through education, research, employment or personal or professional experience, have gained what would be considered advanced & helpful knowledge in a particular, or multiple, fields of interest. These members have been invited, or have volunteered to assist other CHANI members by sharing the knowledge they have.
Each participating member has been asked to provide a small introduction about themselves and the fields/topics they feel comfortable taking questions on.
I'm honored to have these members on Chani so please keep your questions and comments respectful and civil at all times.
 
Wildcard has a popular thread on Chani discussing Cyber Security issues: http://forums.thechaniproject.com/topic/4059-cyber-security-101-information-thread/
 
So without further ado here is Wildcard's Introduction:
 
INTRODUCTION:
 

I work for a Major ISP, I have been in telecommunications since 1995, IT since 2005 and specialized in cyber security since 2009.

I hold the following certs

Security+

CCNA -- Certified Cisco Network Analyst (not admin, common misconception)

CISSP -- Certified Information Security Systems Professional

CEH -- Certified Ethical Hacker (well I will after 10/25/2013)

I am currently enrolled and studying for a CHFI (Certified Hacking Forensics Investigator)

I plan on getting my ECSA (Certified Security Analyst) in 2014

(look em up if you wish)

I cannot per company regs list the actual systems that we use but they are all public companies and used by both private companies and Gubymint/military and honestly not hard to find out (hint: do a search for SIEM products, we use several in the top 10), plus what we have developed in house

FYI My dept REQUIRES all of us to do 40 hrs of training per year that they pay for. So I do on average 1-2 certs and or continuing training per year

I am a Security Analyst, network intelligence analyst, Cyber-security Analyst depending on who ya ask :)

My dept actually falls under the Legal Dept. umbrella since we monitor internal company systems and employees

I have had extensive training and experience at thinking analytically, which comes naturally to me. (most people need to be trained to think this way (police, lawyers etc.))

I speak 2 languages, English and 101010 (which pretty much means I speak all languages if ya think about it)

I catch hackers, nefarious employees and compromised systems for a living. I am intimately aware of what it takes for large scale data collection (250,000 employees, contractors, and vendors produce a crap ton of data per day!) I am pretty well versed in the legal aspects of using data against a person and have had to give expert testimony on criminal and corporate cases...sometimes even for the defense!!

I read multiple cyber security publications and blogs daily just to stay up to date on current and latest threats and security responses (the stuff you don't get in MSN)

 

I'm a "skeptical" conspiracy theorist...which means I don't believe every single crap pot theory I come across (though I do love the juicy ones that people put a lot of time in and read like an Agatha Christie novel), I actually and actively SEEK proof and or corroboration even so far as going to certain locations (Dulce, NM most recently)

I have seen a UFO or two and KNOW they exist, just not sure WHO is flying them since I have never seen an E.T. pop out and ask directions or for beer!

I have seen a lot of strange stuff, I used to be a truck driver in my 20's so I used to travel a lot and went to places that are supposed to be "hot spots" for various things....

 

6 people like this


Wow Wildcard, you got your own Expert board. May I ask what areas you are knowledgeable in, so that I can ask you any questions that are up your alley? Sorry, I forgot to read the post up above.


Hey Wildcard, welcome, now for the tale about the wild cursors... thinking I am truly in deep water here, so will allow someone else to ask the questions.

1 person likes this


Can any of you computer boffins suggest a software or tool I can use to download/capture a complete thread with all its pages into a file, preferably a pdf or html file, even a zip file will do?

I have threads on the old forum from bluecoat, ashamed and celtec etc which I was asked to remove while AIM got their bots sorted out. I now want to put those threads back on chani in the form of a pdf.

I've tried converting and importing the threads from the old forum (smf) to our new forum (IPB) but it's giving me too many errors.


Hi Wildcard,

 

What can you tell me about GFDs you have seen, used or heard of?  Has the technology matured significantly or diminished with protocol and hardware security improvements?  

 

I am out of the hacking circuit 15+ years now and have blissfully lost track, but always curious.

 

edit: Yeah, my terminology is definitely out of date.  Particularly I am thinking of network level 'GFD's. I remember seeing listings for several of these hardware devices back in the mid nineties and being very curious.  As I understood it they offered superior ways of manipulating IP traffic and data similar to how pcap works to snoop local internet traffic.  I always wondered how they worked and how advanced that tech actually is / can be.

 

Thanks

1 person likes this


Hi Wildcard,

 

What can you tell me about GFDs you have seen, used or heard of?  Has the technology matured significantly or diminished with protocol and hardware security improvements?  

 

I am out of the hacking circuit 15+ years now and have blissfully lost track, but always curious.

 

edit: Yeah, my terminology is definitely out of date.  Particularly I am thinking of network level 'GFD's. I remember seeing listings for several of these hardware devices back in the mid nineties and being very curious.  As I understood it they offered superior ways of manipulating IP traffic and data similar to how pcap works to snoop local internet traffic.  I always wondered how they worked and how advanced that tech actually is / can be.

 

Thanks

I had to go look up GFD, the latest thing I found was from 2004 {https://www.ogf.org/documents/GFD.36.pdf}. I read the introduction and just hazarding a guess, I think from the description GFD is now called BIG Data.

Which is the latest and greatest blah blah blah  :)

1 person likes this


What is your take on these quantum virus bugs that can transfer between computers not connected to Internet? Also if not too hot territory do you believe there exists many other stuxnet, flame, etc we haven't even discovered yet?


What is your take on these quantum virus bugs that can transfer between computers not connected to Internet? Also if not too hot territory do you believe there exists many other stuxnet, flame, etc we haven't even discovered yet?

I'll answer your questions, I have lots of thoughts on this but, I am currently at work and ....can't right now. I will try to login tonight from home, barring that it will be Thursday when I am off that I can speak freely

2 people like this


@ Wildcard --

 

  Hello, have not seen you around lately hope you're ok  --

 

Have you heard of "blue jacking" or "blue snarfing" using ACER device control software, (Smartphone to Laptop)  hi-jacking a laptop and causing all kinds of havoc to Win8 pc settings, not to mention DLL's that run video and audio. Other than removing the Bluetooth stack, what can be done to foil these kind of attacks. Have been tracking events and reversing damage after the fact and want to put an end to this asap!  Help

1 person likes this


Hi, Wildcard,

 

just to report what has recently been occurring in my area. My home router and consequently pc and smartphones had Google DNS changed and consequently always redirected to a page which asks for money. Typical ransomware. I'm asking how can we prevent such attacks.


Sorry been out of pocket so to speak for the last week or so.

First off you need to set up your router's security. If you have documentation, great; if not then send me a pm on brand and type, but basically you want to change the default SSID then set it to NOT broadcast. What this does is make the router not tell everyone and their momma its name (SSID)

Next you need to change it from the ridiculously easy to crack WEP to WPA2 and set a STRONG password (IMNSHO at least 12 characters). Here is an example of a 20 char password: fE6fK0J7YBdY,'bq/ggV

Now your wireless portion will be a lot better off. Personally I do all the above AND set up MAC filtering, your router should allow this, if need be I can walk you thru it, just let me know.

You also MUST MUST MUST change the default login to your router, depending on make/model it is probably something like

User: Admin

password : whatever the manufacturer sets it as...

Change the user to a name you will remember

Change the password to at least a 12 char password with upper/lower/numbers/special characters.

As for the DNS, it will depend on your router's make/model. Also it's a really good time to look at your router's logs, this should be in the advanced settings, and see who is connecting to your router

You also need to check your browser's settings and make sure that any changes require your approval

 

A good password generator and storage with encryption that I use at work and at home http://keepass.info/

2 people like this
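The checklist from the post above, run as an audit over a router settings snapshot. This is an added example, not part of the thread: the field names, both sample snapshots, and the choice of 8.8.8.8/8.8.4.4 as the resolvers the owner expects are assumptions.

```python
import ipaddress
import string

def strong(pw, min_len=12):
    """12+ characters with upper, lower, digit and special, as the post recommends."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    return len(pw) >= min_len and all(any(c in k for c in pw) for k in classes)

def audit(cfg, factory, expected_dns):
    """Return the checklist items that a settings snapshot still fails."""
    out = []
    if cfg["ssid"] == factory["ssid"]:
        out.append("SSID is still the factory default")
    if cfg["ssid_broadcast"]:
        out.append("SSID broadcast is enabled")
    if cfg["wifi_security"].upper() != "WPA2":
        out.append("wireless security is %s, not WPA2" % cfg["wifi_security"])
    if not strong(cfg["wifi_passphrase"]):
        out.append("wireless passphrase is weak")
    if not cfg["mac_filtering"]:
        out.append("MAC filtering is off")
    if cfg["admin_user"].lower() == factory["admin_user"].lower():
        out.append("admin login name is still the default")
    if cfg["admin_password"] == factory["admin_password"] or not strong(cfg["admin_password"]):
        out.append("admin password is default or weak")
    # A changed DNS entry is what redirected every device in the reported incident.
    allowed = {ipaddress.ip_address(a) for a in expected_dns}
    rogue = [a for a in cfg["dns_servers"] if ipaddress.ip_address(a) not in allowed]
    if rogue:
        out.append("unexpected DNS servers: " + ", ".join(rogue))
    return out

# Constructed samples; field names are hypothetical, not a vendor export format.
FACTORY = {"ssid": "FACTORY-SSID", "admin_user": "admin", "admin_password": "admin"}
EXPECTED_DNS = ["8.8.8.8", "8.8.4.4"]  # resolvers the owner chose (assumption)
BEFORE = {"ssid": "FACTORY-SSID", "ssid_broadcast": True, "wifi_security": "WEP",
          "wifi_passphrase": "12345", "mac_filtering": False,
          "admin_user": "Admin", "admin_password": "admin",
          "dns_servers": ["203.0.113.53", "8.8.4.4"]}  # 203.0.113.0/24: documentation range
AFTER = {"ssid": "hot-dog-heater", "ssid_broadcast": False, "wifi_security": "WPA2",
         "wifi_passphrase": "Tr4il-mix&Copper9", "mac_filtering": True,
         "admin_user": "keeper", "admin_password": "q7!Vexed-Lantern",
         "dns_servers": ["8.8.8.8", "8.8.4.4"]}

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(cfg, FACTORY, EXPECTED_DNS) or "all checks pass")
```

Re-running the DNS comparison after any router reboot or firmware update catches a resolver that has been changed back.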


@ Wildcard --

 

  Hello, have not seen you around lately hope you're ok  --

 

Have you heard of "blue jacking" or "blue snarfing" using ACER device control software, (Smartphone to Laptop)  hi-jacking a laptop and causing all kinds of havoc to Win8 pc settings, not to mention DLL's that run video and audio. Other than removing the Bluetooth stack, what can be done to foil these kind of attacks. Have been tracking events and reversing damage after the fact and want to put an end to this asap!  Help

Follow the steps in the links below. It's all a matter of preventive security. If you still have an issue, PM me with the device info

 

http://www.ehow.com/how_2107256_prevent-bluejacking.html

http://www.ehow.com/how_2093082_prevent-bluesnarfing.html

4 people like this


Thank you Wildcard


Thank you! I've already done half the things you suggested after recovering the system. Now I'll have some fun digging in the advanced settings and properly set the 'hot dog heater'.

 


 

DSL - 2740R


ey Wildcard

 

ever googled tree of life wallpapers ?

check em' out 


ey Wildcard

 

ever googled tree of life wallpapers ?

check em' out 

mmmkay, I can always do with more wallpapers
