Posts Tagged ‘security’

…transmitting live from Willbrook Platinum Business Center (“conveniently” placed near the SIE – External Intelligence Service). The most expected technical security conference on the local Romanian market, organised by Provision, the largest security distributor in .Ro.

We have here CheckPoint, Websense, FireEye, Radware, Riverbed, SafeNet, McAfee, Qualys and many more. I was pleasantly surprised to find here Ixia, one of my former employers, presenting their security testing solution (largely made out of BreakingPoint).

I usually dread these conferences, because I know the huge amount of work the organisers put in (I was helping one out a couple of years ago), and due to the fact I should wear something nice. Buut, let’s look at the bright parts:

1. I’ve got my personal Websense demo: Web Security, Email security, DLP and Mobile Security

2. Spent time with people from Ixia, who traveled all the way from Israel to join this event. I loved to hear their stories and catch up on the “old times”

3. Got the chance to talk to techies from CheckPoint and FireEye and ask about mobile security in telcos

4. Attended CheckPoint, Skybox and a couple more presentations and looking forward to the Risk Assessment & Strategy “Round the table” session with CISSPs and CISOs from McAfee and one of the largest Romanian banks

5. What is the most beneficial part in any conference (besides the lovely complimentary drinks and sweets) is meeting people and catching up with people. Whether it is my PhD Thesis coordinator from the Military Technical Academy, pentesters from KPMG Romania, old Master colleagues, former colleagues or just people on the Romanian security scene that I know, it is awesome to spend time with them and catch up, hear what’s going on in Bucharest in the past years – industry-wise, not research-wise for a change.

Thank you, Provision!

…just a couple of pictures I managed to take, before an actual presentation started


http://wipkip.nikhef.nl/events/OHM/video/d4-t2-04-20130103-1400-sim_card_exploitation-karsten-nohl.m4v

note of the day

Posted: September 4, 2013 in technical, thoughts

this is the most straight-to-the-point paragraph I’ve read today

quote

I have just had a series of talks the past weeks with a good friend of mine. He is a Security Architect for a large company up north. I’m curious about what he is doing there, so initially I was thinking of organising our discussions as some form of an interview. Later on, my proverbial laziness got the best of me, so I downgraded our nice chat to a short blog post (this one).

Bottom line: I’ve asked him what it means to be a Security Architect. It went somewhere along these lines:

What are you doing there? Is it cool? Is it nice? Do you do cool stuff? Cristina being a bit of a chipmunk at this point

You won’t find it that cool, most probably. I don’t get to dig into the GTPv2 as you do.

Absolutely unsatisfactory – I say. Nevertheless, our discussion digressed into an interesting side-area: security frameworks and how to do network architecture security assessments. I asked for a framework to do these assessments.

Ok I will recommend something – but I don’t usually stick to frameworks, as it depends on the assignment and other stuff more to me. Like experience. So I go by from my head – yeah I know it sounds bad, but it works for me, as long as I remember to include all the areas.

Again, completely unsatisfactory – I say. Still, continuing the discussion, I realise the guy is right: it _actually IS_ about experience. Whatever “framework” is just a nice area checklist to help you with not missing out on stuff. This guy has too much experience to use any frameworks at the moment, but I need something to start learning this stuff. I did find something, and my friend corroborated my findings. Fortunately, his examples and details from his experience nicely matched the framework that I also liked for my research: ITU-T X.805.


Wiley – they are some of my favourite publishing houses, alongside Springer, Academic Press and Prentice Hall. Latest book I’ve read from Wiley is actually an old one. Somehow, it has slipped my reading list.

It is Security Engineering: A Guide to Building Dependable Distributed Systems

Mr. Ross J. Anderson has a nice profile on University of Cambridge website and advertises the second edition of his Security Engineering book almost 3 years ago.

The structure of the book follows like this:

Part I
1. What is security engineering?
2. Usability and psychology
3. Protocols
4. Access control
5. Cryptography
6. Distributed systems
7. Economics


Some time ago I was writing about how proud I am to see Romania as the leader in IPv6 adoption. We, Romanians, are majorly geeky when it comes to technology. Of course, that does not mean we get the security part always right, but, hey, no pain, no gain!

Also some time ago I started a quick look into the IPv6 security, more precisely the SeND feature. Unfortunately, things happened and I didn’t have time to continue the series.

Up until some time ago, when I looked more closely into what IPv6 security actually means. This is how I ended up purchasing the IPv6 Security book from Scott Hogg and Eric Vyncke. Hogg is the Director of Advanced Technology Services in GTRI, while Vyncke is a distinguished engineer at Cisco. The book is published by Cisco. The guy’s references have some weight, though by my stressful and painful experience with Cisco CCIE Security personnel kindly forcing me to use Aggressive Mode, while I wanted a Main Mode S2S and RA config on the same firewall some years ago, I would not credit Cisco with way too much when it comes to security. But this book is good.


http://www.youtube.com/watch?v=M-ooPfZcuGQ

Boy, I’d so very much love to work with this guy!!

Background: he explains (among others) how his team optimized the computation and the retrieval of values in a rainbow table, in order to break the A5/1 stream cipher used for GSM encryption.

I know, it’s an old video, but I had a LONG todo list 🙂

http://www.reflextor.org/trac/a51/wiki/TableStructure

https://media.blackhat.com/bh-ad-10/Nohl/BlackHat-AD-2010-Nohl-Attacking-Phone-Privacy-wp.pdf


IPv6 CGA

Posted: July 25, 2012 in technical

Better later than never 🙂

I really liked this session:

http://www.brighttalk.com/webcast/288/49937

and the guy (Joe Klein) also has a nice blog:

http://scientifichooligan.me/

http://tools.ietf.org/html/draft-arkko-send-cga-00

From Cisco:

Cryptographically Generated Addresses in SeND

Cryptographically generated addresses (CGAs) are IPv6 addresses generated from the cryptographic hash of a public key and auxiliary parameters. This provides a method for securely associating a cryptographic public key with an IPv6 address in the SeND protocol.

The node generating a CGA address must first obtain a Rivest, Shamir, and Adleman (RSA) key pair (SeND uses an RSA public/private key pair). The node then computes the interface identifier part (which is the rightmost 64 bits) and appends the result to the prefix to form the CGA address.

CGA address generation is a one-time event. A valid CGA cannot be spoofed and the CGA parameters received associated to it is reused because the message must be signed with the private key that matches the public key used for CGA generation, which only the address owner will have.

A user cannot replay the complete SeND message (including the CGA address, CGA parameters, and CGA signature) because the signature has only a limited lifetime.
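
The address derivation quoted above, as an added example (not code from Cisco or from the original post), following the generation and verification steps of RFC 3972: SHA-1 over the CGA parameters, a Sec value stored in the top three bits of the interface identifier, and a modifier search for Sec > 0. Assumptions: the key bytes are constructed placeholders standing in for a DER-encoded RSA public key, the prefix is the 2001:db8::/64 documentation prefix, and extension fields and the RSA signature over the SeND message are left out.

```python
import hashlib
import ipaddress

MASK = 0x1CFFFFFFFFFFFFFF  # ignore Sec bits (0-2) and the u/g bits (6-7)

def hash2_ok(modifier: bytes, pubkey: bytes, sec: int) -> bool:
    """Hash2 condition: the leftmost 16*Sec bits of Hash2 must be zero."""
    h2 = hashlib.sha1(modifier + b"\x00" * 9 + pubkey).digest()[:14]
    return h2[:2 * sec] == b"\x00" * (2 * sec)

def generate(prefix: bytes, pubkey: bytes, sec: int, start: int = 0):
    """Return (address, CGA parameters) for a 64-bit prefix and a public key."""
    m = start  # RFC 3972 starts from a random modifier; fixed here for repeatability
    while not hash2_ok(m.to_bytes(16, "big"), pubkey, sec):
        m = (m + 1) % (1 << 128)
    params = m.to_bytes(16, "big") + prefix + b"\x00" + pubkey  # collision count 0
    iid = bytearray(hashlib.sha1(params).digest()[:8])          # Hash1
    iid[0] = (iid[0] & 0x1C) | (sec << 5)  # write Sec, clear the u and g bits
    return ipaddress.IPv6Address(prefix + bytes(iid)), params

def verify(addr: ipaddress.IPv6Address, params: bytes) -> bool:
    """Receiver-side check that the parameters really produce this address."""
    if len(params) < 25:
        return False
    modifier, prefix, count, pubkey = params[:16], params[16:24], params[24], params[25:]
    raw = addr.packed
    if count > 2 or raw[:8] != prefix:
        return False
    h1 = int.from_bytes(hashlib.sha1(params).digest()[:8], "big")
    if (h1 & MASK) != (int.from_bytes(raw[8:], "big") & MASK):
        return False
    return hash2_ok(modifier, pubkey, raw[8] >> 5)  # Sec is read from the address

# Constructed sample inputs: documentation prefix and placeholder key bytes.
PREFIX = bytes.fromhex("20010db800000000")
OWNER_KEY = b"constructed placeholder for the owner's DER-encoded RSA public key"
OTHER_KEY = b"constructed placeholder for a different DER-encoded RSA public key"

if __name__ == "__main__":
    addr, params = generate(PREFIX, OWNER_KEY, sec=1)
    print(addr, verify(addr, params))
    forged = params[:25] + OTHER_KEY  # same modifier and prefix, different key
    print(verify(addr, forged))
```

The hash only binds the public key to the address; proof of ownership still requires the message signature made with the matching private key, which a receiver checks after this step.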

wishlist that will probably not come true, at least not this year

https://www.blackhat.com//docs/bh-us-12/training/bh-us-12-Training-April11_Matrix.pdf

papers on security testing

Posted: April 10, 2012 in technical

http://www.cigital.com/resources/papers/

especially those from mister G. McGraw 🙂