Archive for Security

Firewall video and software – Systm and IPCop

I was surfing around looking for tools to help me learn more about networking and TCP/IP packets and I came across Systm. It is a DIY show for geeks that has a bunch of shows on how to set up “geeky” stuff, like a home NAS and Media Center and yes, Firewall. So after listening to the show on firewalls I decided that my very next project will be to set up an IPCop firewall system at home for testing and learning. I understand from the show and by looking online that there are many people out there using it, so I should be able to set it up and get help and learn a few things as well.

Now if I can just dig out a complete system from my closet at home I will be all set. . .

Just Finished My First SANS Training Event

I just finished a week of SANS training in beautiful St Louis, MO and am still digesting all of the information.  I also want to hold off a full assessment until after I have actually taken the test for the GIAC certification in October, but I did want to share some general impressions.

I attended a SANS Community event, which is one of their smaller events that usually consist of just a couple of classes in a given city. I attended the Security 401: Security Essentials Bootcamp and got exactly what I expected from it. I am fairly new to IT Management and even newer to IT Security and I found this class to be an excellent beginning source of information. I have honestly often found it hard to know where to start in getting training and laying some network and security foundations, and this class did just that. It was a very wide, or top-level, view of IT Security. I found that I learned a great deal, and came away with some tools that I am learning and will eventually use in my environment.

I was also pleasantly surprised at the knowledge level of our instructor.  I have been to many IT training classes where I have felt that the instructor did a quick reading of the material and knew only a bit more than I did on the given topic.  That was not the case with the SANS Instructor we had.  He definitely knew his material backward and forward, and had used it in the field at a consulting level and on the job.

I will know for sure how well the information was presented when I sit for the GIAC Security Essentials (GSEC) test in a couple of months, so I will post again at that time.  I will be studying for this for the next couple of months by going over the printed material that was handed out at the bootcamp in addition to going over the on-demand class material and taking the practice tests.

Malware Fighting Fun – IE-AV

Have spent a full day this week tracking down and getting rid of some crap one of my users got while watching videos online.  I wanted to document where I found help for this as it may help others and I don’t want to forget what I did.

The problem was that every time my user (let’s call him John) went to the internet... he could get a site, but if he tried to click on a second link, he was directed to a bogus website that told him he needed to install the ie-av program. John had Norton, so I ran that and it found nothing out of the ordinary, so I then did a quick install of Ad-Aware and Spybot. They found lots of things, but didn’t really help my problem much. So it was off to Google and a search for IE-AV, which led me to a great site where there was ample information and instructions. NOTE: I found the comments at the end of this blog most helpful in getting this off John’s PC.

It turns out that all I really needed to do was uninstall the .dll files that had been dumped in the WINDOWS\System32 directory. Now, an interesting if not disturbing side note is that, when I went into the \WINDOWS directory and the \System32 directory, it popped up IE and the same annoying site. For me, I had three files (g2tool.dll, gtool~1.dll and Gtool.dll) that I needed to delete, and I did have to go into Safe Mode to delete one of them. A reboot and all was good.

I still want to rebuild that computer, as I am not at all convinced it is “clean” but for now, John is happy and thinks I do great work. . .today a Hero. . .tomorrow?  Who knows?

I’m Going to Community SANS!

I am going for training finally.  I have only been in my current position for a year and a half now slugging my way through, figuring everything out on my own for the most part before finally getting approved for training.  To say that I am excited really is an understatement.

I did think that my first training would be Microsoft Certification training of some sort, but it turns out it will be SANS Institute training, and I am sooooo jazzed about it.

I will be attending the SEC401: SANS Security Essentials Bootcamp Style, which looks pretty intense, but does cover a bunch of topics that I have been trying to study and work on for the past year and a half.  I am going to be a facilitator at this event, which is really exciting and is honestly the only way my small company can afford to send me.  I will help the instructor and the people at SANS for a reduced tuition price.