Friday, June 26, 2009

Don't underestimate a class that is "A mile wide, but an inch deep."

In a recent CEH class I taught, a group of students had an unusually broad background and motivation for taking on the course. One thing that impressed me a great deal was how well they seemed to understand this even before meeting each other. Everyone had healthy expectations and was looking toward realistic outcomes, but at the same time I felt it was a challenge to make sure I could both fit the course to them and stay within the scope of the curriculum. We needed to pass the exam, not conduct an improvised 5-day Q and A session, though I was tempted to do exactly that.

This got me thinking a bit about something that recent trends I have noticed have brought to light: the way students and training programs evolve together.

I often say that "there are entry level info sec classes, but info sec is not an entry level topic". I think the reality, however, is that as IT assignments branch out, security becomes an efficient solution for bridging and broadening a person's understanding of IT no matter what their background. Sometimes people take infosec classes not so directly for security information, but for the unusual point of view. It is very unsanitized, imperfect at times, philosophical, and demands critical thinking.

CEH paired with CISSP is, in a sense, a way to be exposed to an encyclopedic knowledge of all of the basics, from techie to management, from data to packets, and from apps to hardware. Being a mile wide is perhaps harder in some ways than being a mile deep. These classes are incredibly challenging for precisely this reason. Every student will find one chapter, module or domain that they think has been simplified into silliness. They will also encounter a portion of the class that is so unfamiliar it may seem the instructor has begun to speak a Martian language. Yet to those who work in that area, it is as simple and silly as the other aspect of the course was.

The first step is figuring out the difference, the second step is reconnecting the dots.

As any technology advances, a compression phenomenon occurs. What once took a career to learn and master eventually becomes required basics just to attend a 5-day bootcamp. The "assumed knowledge" needed at this point just to enter the discussion of information security is more than many people would even care to know after a lifetime of experience in IT.

The goals of technical training therefore need to adapt to this. Bootcamps such as what we offer are designed to demonstrate key ideas that help the disparate parts of day-to-day experiences come together. It's like finding the one piece of a jigsaw puzzle that connects two other very large assemblies. Sometimes, however, a student grasps this catalyst but has to wait until some time down the road to realize why it is important.

One thing we can absolutely guarantee is that all of the effort placed toward this goal will become useful at some point. No knowledge in info sec is wasted, no matter how unrelated it might seem to a current assignment.

Monday, June 22, 2009

Putting off the exam (reconsidered).

In a recent ECSA/LPT class a concerned student wondered if he really had to take the exam that week and asked for advice. My response was short: "If you take the exam in two weeks instead, what will change?"

There was a still pause for a moment. He thought about work, schedule, distractions, other projects. He knew he took the bootcamp specifically to step away from those things for 5 grueling days to knock out this challenge. Then he said, "Nothing will change. I see that I should just give it a shot on Friday then."

He realized it was unlikely that he would make time to study, and that once this training was over, the endgame was to be able to move on, not let it linger around for weeks and months. This is something everyone should consider before they attend a bootcamp. It is why it is so important to prepare your schedule to minimize interruptions and get pre-study materials to read up on topics before coming to class. You want to think about the follow-through, the idea that the training will start a new process for your career; it is not the end of one.

When the week is over it is important to be able to move on.

Saturday, June 6, 2009

The mobile workforce and hacking (cont...)

Update post:

On 6/03 I talked about getting a netbook and dual-booting both Windows and Ubuntu. I was willing to swap out drives; being in the habit of days of old, that meant having the drive bay with the plastic tray thing and the stack of 5.25" drives.

Nowadays that has been replaced with 8 GB SD cards that can be purchased for a few dollars apiece (I cannot wait for the day when a tube of them costs $4.99). The old is forever new and we are still running OSs from floppies (in essence, USB sticks and SD cards are just higher capacity floppies).

I have known for some time that this netbook thing could be done; it is important to say that this technique isn't "news". Maybe it was a professional obligation to buy a netbook just for this reason. My budget manager wasn't buying it, as she knows I am on a 12-step program for gadget problems. Students kept bringing them in with sh!t eating grins on their faces.

In less than 10 minutes I created two OS swap outs using UNetbootin(1). The major problems arose in getting certain OSs to like the Atom processor and the screen resolution of the netbook display. These are all things that will get worked out.

For the Ubuntu task I used "EasyPeasy"(2), which is optimised for netbooks and worked perfectly on the first try. It auto-mounted the partitions on my netbook's drive, allowing access to all of the data. Essentially the only thing that would make this a better solution is if the netbook had two SD card slots so I wouldn't have to give up the one. (I like not having a USB key dangling off the side or having yet something else to carry around and keep track of. Mobile form factors should be as all-inclusive as possible or they aren't mobile.)

I digress; so what does all of this have to do with InfoSec? If you are asking that question, keep reading this blog. This topic will be brought up a lot, mixed in with the other topics we have planned.

Some netbooks have wifi chipsets that support sniffing(3), but not yet packet injection, it seems. Operating systems and tools can easily be stored on mini SD cards (the size of your fingernail) and carried around ready to boot on the right hardware. Google "Wave" will likely change mobile collaboration forever(4). Skype, and so on... What I am asking is that you take a moment, connect the dots and imagine the possible scenarios.

The only thing left is cheap Internet everywhere all the time, and we all know that is coming one way or the other. That's enough for now, I need to change a diaper (not mine), but stay tuned for updates.


(1) http://en.wikipedia.org/wiki/UNetbootin
(2) http://www.geteasypeasy.com/index.php?menu=download
(3) http://clipmarks.com/clipmark/AB945FA1-6A1F-48CD-A12A-B962CB229572/
http://forum.eeeuser.com/viewtopic.php?id=13673
(4) http://wave.google.com/

Friday, June 5, 2009

Google operators work in GMail too

For those of us that are letting Google record our lives by saving our emails, calendars, documents and blog postings, being able to search email using operators has a lot of potential. The following article provides some great examples.

http://gmailblog.blogspot.com/2009/06/tip-slice-and-dice-your-mail-with.html

While you are at it, fans of the GTD (Getting Things Done) system who would like to adopt a "Zero Inbox" policy might want to take a look at this:

http://www.43folders.com/izero

...and please have that inbox empty before coming to class :)

Wednesday, June 3, 2009

Software addiction is not just about security toys

In the CEH class we get about 13 GB of fun stuff to play with. My goal as an instructor is to make that class as hands-on as possible. I think the basic skill of working with unfamiliar tools is vastly underrated, and over the years I have seen time and time again that this needs to be addressed as a real-world skill.

Security hacking tools are just part of it. There are many other reasons to collect "tool packs" of useful, simple utilities. Not just because many of these tools are free of cost (easier on the budget), but because they also tend to do just what you want and no more, install easily, be portable and leave small footprints. It depends on the criteria you select.

I just broke down and got a "netbook". I have been eyeing them for a while, and always thought that, as cool as they were, it was a gadget I didn't need. Then my eReader quit and left me stranded on a 4-hour flight; that was a mixed blessing, because now I had my excuse to purchase a netbook.

Battery life is my single largest criterion for this hardware. I ended up with an Asus model that promises 9 hours. I was tempted to go the Ubuntu route, and I will likely one day pull out the drive and replace it with one I can install Ubuntu on and have an easy way to switch back and forth, but for now it's Windows, because that is what most of my customers use and will want to know about.

In order to remain within the spirit of portability, I am going to try to meet as close to 100% of my portable computing needs as possible on strictly USB portable software. This way I really never have to worry about restoring the system and spending a weekend reinstalling and licencing applications. (Yes I know, had I gone with an Ubuntu model that capability would already exist simply by using apt.)

As I compile the list, and have more experience with the netbook format, I will post updates to this blog. Eventually we will have the "Intense Toolkit" made available. I just don't want 4 different versions of the same tool; I want one of each on a checklist of things that need to be carried.

Given that this netbook is about the same size as the daytimer I used to carry around, and that with Skype support it is essentially either a small computer or a very large cellphone (whose battery lasts longer than the G1's, sadly) depending on how you see it, so far I am very impressed. The potential for these things as hacking devices is only limited by the Atom processor, but in a year or two that will no longer matter.

In the meanwhile, check out these two utility packs that offer a one-stop download for a collection of software you can start using now.

Google Pack
http://pack.google.com/intl/en/pack_installer.html

Lifehacker Pack
http://lifehacker.com/5271828/lifehacker-pack-2009-our-list-of-essential-free-windows-downloads?skyline=true&s=x