just got 2 new certs.. - BMW Luxury Touring Community
 
LinkBack Thread Tools Display Modes
post #1 of 12 Old Apr 18th, 2006, 1:50 pm Thread Starter
Senior Member
 
mconlogue's Avatar
 
Join Date: Jun 2003
Location: Lewiston, ME, USA
Posts: 2,109
Cool just got 2 new certs..

CBCP: Certified Business Continuity Planner (formerly known as disaster recovery planning)

CEH: Certified Ethical Hacking (and Countermeasures)

The CEH class was a hoot! 5 days of training, doing SQL injection attacks, buffer overruns, writing viruses, back door trojans, and breaking Wireless encryption (wicked easy).

We each had a SQL server, and an exchange mail server that we had to defend against attacks, while attacking the other nodes on the network.

Mark Conlogue
MCSE, MCT
CEH (Certified Ethical Hacker)
CBCP


I take Life with a grain of salt......and a slice of lime and a shot of Tequila
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


20 grand & 2K miles don't make you a biker
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

I COULD TELL THEY WERE BIKERS,
IT SAID "LIVE TO RIDE" ON THEIR TRAILER

Last edited by mconlogue; Apr 18th, 2006 at 1:51 pm. Reason: spelling
mconlogue is offline  
Sponsored Links
Advertisement
 
post #2 of 12 Old Apr 18th, 2006, 1:53 pm
Senior Member
 
dshealey's Avatar
 
Join Date: Apr 2002
Location: Dandridge (Near Knoxville), TN, USA
Posts: 12,165
Quote:
Originally Posted by mconlogue
CBCP: Certified Business Continuity Planner (formerly known as disaster recovery planning)

CEH: Certified Ethical Hacking (and Countermeasures)

The CEH class was a hoot! 5 days of training, doing SQL injection attacks, buffer overruns, writing viruses, back door trojans, and breaking Wireless encryption (wicked easy).

We each had a SQL server, and an exchange mail server that we had to defend against attacks, while attacking the other nodes on the network.
You should not have told us, now we know who you are!

I don't want to achieve immortality through my work...I want to achieve it through not dying.

David Shealey
Dandridge, TN
EX: '01 Black LT, BAT BYKE (Totaled at 110,000 miles)
IBA SS, BB, BBG, 10/10ths.
No bike now, but maybe in the future.
dshealey is offline  
post #3 of 12 Old Apr 18th, 2006, 2:01 pm
Senior Member
 
mpillis's Avatar
 
Join Date: Aug 2004
Location: Union, Ky, USA
Posts: 834
Dna

they got me working on DNA - Distributed Network Attacks.

Marc Pillis- MSF Rider Coach
Union, Kentucky
2005 LT
2004 R1150GS Adventure
2013 DR650
mpillis is offline  
 
post #4 of 12 Old Apr 18th, 2006, 2:08 pm Thread Starter
Senior Member
 
mconlogue's Avatar
 
Join Date: Jun 2003
Location: Lewiston, ME, USA
Posts: 2,109
Dna

Quote:
Originally Posted by mpillis
they got me working on DNA - Distributed Network Attacks.
we learned about those, but did not actually do a hands on

Mark Conlogue
MCSE, MCT
CEH (Certified Ethical Hacker)
CBCP


I take Life with a grain of salt......and a slice of lime and a shot of Tequila
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


20 grand & 2K miles don't make you a biker
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

I COULD TELL THEY WERE BIKERS,
IT SAID "LIVE TO RIDE" ON THEIR TRAILER
mconlogue is offline  
post #5 of 12 Old Apr 18th, 2006, 2:27 pm
 
Join Date: Dec 2003
Posts: 1,752
So you have a white hat now? Congrats Mark!
gulfxray is offline  
post #6 of 12 Old Apr 18th, 2006, 3:20 pm
Senior Member
 
hawg's Avatar
 
Join Date: May 2005
Location: Newnan, ga, usa
Posts: 2,818
?????
hawg is offline  
post #7 of 12 Old Apr 18th, 2006, 3:42 pm
 
Join Date: Dec 2003
Posts: 1,752
Quote:
Originally Posted by DaveDragon
While analyzing out Web front end servers, firewalls, load balancers, etc; we found a major bug in Java 1.5.05 on Solaris and all others we tested.

Problem:
JAVA receives a socket kill signal from the application code, JAVA then sends the kill signal to the OS and the OS should kill the socket connection.

The problem I found was that the JVM was never sending the kill signal to the OS so all the socket connections continue to grow until the thread pool is depleted then the OS crashes.

I tested it with a small Java app that opens 150 connections to port 25 then closes the 150 connections.
Then it displays the Thread Count and the OS indicates 150 threads in CLOSE_WAIT Status.
Run the app again and now you have 300 in CLOSE_WAIT state.

This is a BIG PROBLEM for anyone that frontends their web presence with Java as it sets you up for a Denial Of Service Attack.

We contacted Java Support at Sun and detailed the issues we found along with the test app I used to verify the issue.
Sun cut us an Emergency 1.6 patch and we tested it then put it in production.

Sun will be releasing an emergency patch shortly based on this fix.
Good know... We are an MS IIS shop for now. but are getting a lot of pressure to pick some Apache/Java stuff - we're trying to decide how risky that is... Sounds like it'll be fun!
gulfxray is offline  
post #8 of 12 Old Apr 18th, 2006, 5:14 pm
Cat Herder
 
andy's Avatar
 
Join Date: Apr 2002
Location: Houston, TX, USA
Posts: 5,852
Quote:
Originally Posted by mconlogue
CEH: Certified Ethical Hacking (and Countermeasures)
Lissn Mr. EHacker

I'd have a server for you to hack into. I'd like to see how good I set my my countermeasures. Contact me offline if interested.
andy is offline  
post #9 of 12 Old Apr 18th, 2006, 5:16 pm
 
Join Date: Nov 2002
Posts: 1,706
Speaker fuzz, snort camera dirt, woolly bottom, paint kill. Lamp blue candleshift and laundry plate sky pickle. Unless of course you shot boojum, waxdart!


Yup, I knowz all about 'puters!


Keith is offline  
post #10 of 12 Old Apr 18th, 2006, 9:24 pm
Ted
Senior Member
 
Ted's Avatar
 
Join Date: Jun 2003
Location: Oxnard, CA, USA
Posts: 1,988
Talking

Mark -

It's cheaper if you use the same trojan for either front door or back door operations :-)

Ted

Camarillo, CA
2012 Ducati Multistrada 1200S - Red
2007 R1200S - Black - Sold
2003 K1200LTC - Silver - Sold
IBA# 16554

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Ted is offline  
post #11 of 12 Old Apr 19th, 2006, 7:32 am
 
Join Date: Jul 2004
Posts: 1,316
I took the hacker class offered by Foundstone (Poundstone?) some time ago and found it quite educational. I also found out how tight our monitoring was the next week when I got back to the ofice and tried out a few items. Our network nazis were not amused.
rixchard is offline  
post #12 of 12 Old Apr 20th, 2006, 1:27 pm
Senior Member
 
zippy_gg's Avatar
 
Join Date: Jun 2004
Location: Kennesaw, GA, USA
Posts: 8,115
Quote:
Originally Posted by rixchard
I took the hacker class offered by Foundstone (Poundstone?) some time ago and found it quite educational. I also found out how tight our monitoring was the next week when I got back to the ofice and tried out a few items. Our network nazis were not amused.
Yup, this can get you fired so you should get prior approval IN WRITING!!!

Gilles & Kathy
BMWMOA# 154719
IBA# 71594
2011 Ostra Gray RT
06 Mercedes-Benz E350 Estate (parts and people hauler)
2012 BMW X3 (parts and people hauler)
86 Porsche 911 Cabriolet (my "new" baby)



For her I climbed the highest mountain!
For her I swam across the deepest ocean!
For her I walked through the largest desert!
And then she left me... She said I was never home!!!


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
zippy_gg is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the BMW Luxury Touring Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in











Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome