Archive

Archive for July, 2009

BlackHat 2009 resources on-line

2009/07/30 Comments off

For those of us that are unable to attend BlackHat in person, the talk resources are now available online. Currently the video/recordings of the talks themselves aren’t uploaded but there are slideshows, whitepapers etc. available for each talk.

It’s a long list of good looking information, to the point I’m still struggling to decide what to look through first, and unlike looking through the line-ups of previus years there is very little that doesn’t spark my interest.

Get you fill of BlackHat material here

Andrew Waite

Categories: Uncategorized

CloudCamp sound bites

2009/07/30 1 comment

Same story as my previous post on the event; I’m still trying to fully digest all of the information and ideas presented. Whilst I research further I thought I’d share some of the comments and soundbites (mostly paraphrased) a took a note of during the event, which are currently bouncing around my head.

(If any of the speakers feel these are mis-quoted or out of context, please let me know)

Reading back through my notes, I find it interesting that most of these could relate equally well to any form of IT-based service, feeding back into my original feeling that cloud computing isn’t especially new but is simply the evolution of other shared IT frameworks (main-frames, multi-user systems, etc.). Which brings me nicely to my first quote:

The ideas and technologies behind cloud computing aren’t new; it is the billing model that is innovative and creating opportunities.

Use multiple cloud providers to ensure tolerance to failure

Balance the cost of a failure against the cost of mitigating the risk

Run a business/service expecting failures to happen, and plan accordingly

Contractual SLAs are not insurance against failure

Security issues related to Cloud computing aren’t new or worse than security issues within traditional architectures, they’re just more visible

Traditional systems don’t scale well within a cloud architecure

Todays archicture and system components will evolve to be more efficient with a cloud based environment

The cost of failure is often the biggest cost of IT systems

Traditional licensing models for OS and applications needs to evolve to match the requirements of cloud based services

And finally, which was said with a wry smile:

Cloud computing is good news for consultants

Andrew Waite

Categories: Cloud

Initial thoughts from CloudCamp

2009/07/29 1 comment

Tonight was the second CloudCamp event in the North East of England, and my first serious look at cloud computing. I really enjoyed the event and believe I recieved excellent value from attendence, so thanks to all those who helped run the event, presented and discussed aspects of the field with me during the breakout sessions.

My head is still spinning with new ideas and understanding as a result of the event so I’ll try to keep this brief and to act as a semi disclaimer for future postings regarding cloud computing.

Before the event my understanding of cloud computing was very cursory and I was very dubious of both it’s implementation and actual value to an organise. As such I attended the event in an effort to gain a greater insight into this new buzz word in service provisioning, either to join the bandwagon and take advantage of the Cloud’s potential, or to be able to better argue against adoption with a more reasoned argument than ‘I don’t like it’.

For this goal the event was perfect for my needs, as I know have a better understanding of what Cloud computing is (and isn’t) and have been able to answer some of my fundemental questions.

Short and sweet was the intention of this post so I’ll finish with a quote (paraphrased) from the event which has in some ways changed my outlook on Cloud computing, and more specifically the ability to secure a Cloud:

Security issues related to Cloud computing aren’t new or worse than security issues within traditional architectures, they’re just more visible.

Andrew Waite

Categories: Cloud, InfoSec

July SuperMondays Review

This months SuperMondays started of with the usual round of pre-event geek talk and networking. As a result I now definitely want to get myself down to Bletchley Park and I’m some-what gutted that I wasn’t aware of the Big Geek Day Out before it happened, sounds like those involved had a blast.

The event proper started off with an announcement from Mike at Orange Bus stating that they are currently hiring. If graphical work and web design is your thing give them a look.

The presentation proper was provided by John Colqulon, John introduced his project with Newcastle University aiming to provide aid to GPs and other medical practitioners to determine a patients risk to cardivascular problems. There are other applications that provide this level of support available, but this project goes one step further, by visualising the impact a mitigation and/or lifestyle change could have to that patients risk, using several underlying research models (who’s names I can’t remember, sorry)

I’ll admit that this wasn’t exactly my favourite of topics, but both John’s presentation and the debate raised in the questions section provided a good insight into the many different aspects that need to be considered to complete a complex IT system, from interface design to data protection issues. Although I personally struggle to understand the importance of using smiley faces to represent discrete mathematical figures, just not my field of expertise…

The second part to this month’s event was a first in SuperMondays history, no presentation just a group wide discussion of a selected topic, in this case encryption and ‘sharding’. Despite most people’s original understanding that isn’t a typo, sharding with a ‘d’. The concept is to break up meaningful files into smaller component parts (with each encrypted if the information warrents it) and scattering the shards to multiple locations. Theory is that if one location or server is compromised, the data it holds is useless without the other shards, or the blueprint information to rebuild the original file.

It certainly generated a lively discussion, with various weaknesses, trade-offs and mitigations being proposed and countered by differing group members, the wide array of different fields of expertise was within the attendees as different issues and factors where introduced from angles I had never considered. I enjoyed the format of the discussion and thought it worked well, although how well this was recieved if the topic was outside of your zone of interest and/or speciality I’m not sure. To counteract this it was proposed that it may be beneficial to move to a bar-camp type structure for similar setups to allow for multiple topics of discussion, allowing attendees to get involved in the topic that most interests them.

Rounding off the event was the announcement that Gavurin are also hiring (what credit crunch?), again if this is within your field and are looking for a new challange give them a look.

As usual, the event ended in the local pub for more highly geeky conversation over a drink, this time round I ended up in some interesting discussions on the legalities of accessing or operating an insecure wireless access point, support contracts for companies with (seriously) legacy systems and everyones ‘love’ of telco providers.

As I usually state, if you’re in the area and industry, and haven’t been to a SuperMondays gathering: Why Not? But it’s looking like this may get easier to attend, as SuperMondays is growing there are developments afoot to create an official not for profit organisation to take the group forward and to widen the location of events to across the North East, rather than just Newcastle itself.

See you all at the next event,

Andrew Waite

P.S. thanks to David Coxon who beat be to a review of the event, and made it easier to find some of the links I wanted.

Categories: SuperMondays

War-walking case

I’ve just complete work on a project I’ve had in mind for a while now, a warwalking case. As you can probably guess it involves fitting a war-drive rig (car excluded) inside a carryable case.

As I had one going spare I started off with a fairly standard CD carry case:

Case before modification - closed

Case before modification - closed

Bit of fun with a hacksaw and foam later and theres an alcove for my external Alfa wireless card:

War Drive case with Alfa card

War Drive case with Alfa card

The grooves cut into the central partition create secure compartment for my Acer AA1, both in transit and whilst running, (not sure about cooling ventilation yet, still a work in progress):

War Drive case with AA1 running Kismet

War Drive case with AA1 running Kismet

Finally, a groove in the edge of the case allows for external access for the omni antenna and GPS reciever. Complete kit below:

Complete War Walk rig

Complete War Walk rig

Now it’s complete I’m not sure whether this kit will actually get used though. It looks a bit suspicious and is now commonly referred to as ‘the bomb’. Not sure I’m looking forward to explaining to an armed response unit that I’ve got nothing more dangerous in the case than an up to date Metasploit install.

Andrew Waite

Categories: GPS, Tool-Kit, Wireless

Thank you Cisco

2009/07/23 Comments off

Several months ago I tried accessing a Cisco whitepaper (can’t remember which one or what topic) and was prompted to register for a prize draw. I was bored to so thought ‘what the hell’, couple minutes later I was done and forgot about it. Until the post turned up this morning!

I cracked the box open and found a rather shiny looking pen (see below):

Cisco Pen Boxed

Very shiny box for a pen, but it turns out that Cisco know geeks; the pen also includes a 1GB USB drive!

Cisco Pen Disassembled

Cisco Pen Disassembled

And the perfect finishing touch? The end of the pen also includes a laser pointer, which has given me great enjoyment watching the dog chase and try to devour the red spot on the carpet. Thanks Cisco.

Andrew Waite

Categories: Tool-Kit

VMware, Win7 & VirtualXP

2009/07/22 Comments off

<update-20091129>
Very grateful to Timmedin for pointing me in the direction of his recent work with the same issue. In usual form, Tim has even packaged up a powershell script to automate the workaround. Check his fix here, much cleaner and slicker than my own. If your still curious, read on for the backstory.
</update>

Since rebuilding part of my toolkit I’ve had issues connecting to my ESXi host server. I had originally thought this was a result of an upgrade from ESXi 3.5 to ESXi 4.0, and the resultant change from VMWare infrastructure client to the new vSphere client. After several hours and days fighting down a blind alley I found a forum post that highlighted Windows 7 as the culprit.

Further reading indicated that this is a widespread issue with no real solution. Best workaround appears to be to run the client within a sandbox via Microsoft’s Virtual XP environment for Windows 7.

After a couple of false starts the install process was fairly straightforward, found here. Simply select hardware architecture (32/64-bit), install a patch, then finally the Virtual XP image. Everything beyond this works as expected, a virtual XP machine. Once in the virtual environment install the vSphere client as normal to regain access your VMWare environment.

vSphere via virtualXP

vSphere via virtualXP

Knowing my preferences, observant readers may be wondering why not achieve the same results using a VMWare guest with the vSphere client installed. VMWare Server is already installed on my machine, and was one of my initial thoughts. However, Virtual XP and VMWare utilise virtualisation for different results. The Virtual XP client has several intergration features (can be disabled if prefered) that allow simple, native access of resources on the host machine (files, directories, peripherals etc) from within the guest. This makes working with either, and between, host and guess seamless. Obviously such intergration would be unsuitable for a lab environment as you want/need isolation, seperation and protection from the guest machines so VMWare still has it’s place. As usual, using the right tool for the right job is essential.

At this point I’m back in my lab, and the R&D rolls on, but the experience has led me to look more indepth and Virtual PC. I have started building a BackTrack4 guest with Virtual PC to run within my standard machine for everyday use. Having access to a Linux environment as simply as a double-click as per normal applications will hopefully be a nice addition to my usual working practice.

<UPDATE> BT4 works fine, but the X GUI fails to start. Guess I’ll need to polish up on my commandline kung fu </UPDATE>

Andrew Waite

Categories: Lab, MS Windows, VMware