If you have been following my website, which you probably haven't since I don't update often enough to keep it interesting, but anyway; I started to go back to school to get my Bachelors of Science degree in 2011. When I started I knew that the B.S. should only be the beginning, after all, I had been in the technology industry and career field for 18 years. So my intent was to complete the B.S. and go directly into an advanced degree. When I completed the first degree 17 months later in 2013, I wasn't sure which direction to go.
So last week, there was a hardware problem on the Amazon EC2 server that my websites were hosted on, and because I was using ephemeral storage for my home directories as opposed to EBS which I'm using for the root partition, I lost the images and style sheets for my sites as well as my friend's site ZestBakery.com. I was able to pull their style sheets out of my browser cache, but since I've not been visiting my own site for a while I did not have this information available for this site.
This morning when I logged into my workstation, I found that one of my putty sessions to my AWS server had gone "inactive", I looked at the content of what was on the screen and I saw:
Broadcast message from root@ip-10-166-###-### (unknown) at 10:08 ... The system is going down for reboot NOW! Control-Alt-Delete pressed
Some of the interesting news articles in regards to Information Security this week, read more for details
- XSS vulnerability in Skype could allow 3rd party to change passwords
- Undersea communications cables are cut every 3 days
- Apple iOS 4.3.4 release & Jailbroken
- FBI Arrest 14 in relation Anonymous / PayPal case
- Internet Activist Aaron Swartz Charged in M.I.T. Data Theft
- Anonymous Claims Hack of NATO, Sends Warning to FBI
- BING DNS hijacked? SANS says it looks like it
- Three pizza chains ATMs hacked
Government Technology website has an article about an information security challenge:
At 10:49 a.m. last Friday, Prof. Dan Manson cupped his hands over his mouth and shouted to seven teams of five eager people that they could begin a virtual Capture the Flag competition at the 2011 U.S. Cyber Challenge Summer Camp at Cal Poly Pomona.The players manned laptops and began the simulation in which they entered a network to infiltrate servers, conduct penetration tests, analyze attacks and contents of files, overtake control of networked services and crack passwords.
Today has been a big day for news in the Information Security. The Department of Justice has the news on their own website regarding "Sixteen Individuals Arrested in the United States for Alleged Roles in Cyber Attacks More Than 35 Search Warrants Executed in United States, Five Arrests in Europe as Part of Ongoing Cyber Investigations"
Today was day 4 of the GCIH course being taught by Mark Baggett. Things are going great and I'm learning stuff, I today we discussed SQL injection and cross site scripting.
Regarding prevention, the training it states to perform input checking and disallow/block the user from entering symbols or specials characters such the apostrophe (') or the semi-colon (;) or the percent (%), etc.
It's been a bit longer than I anticipated in obtaining this certification, and I learned or re-learned way more about some networking items I will likely never use again, and/or haven't used in years such as information regard hubs. Reminds me of the 10base5 or 4wireE&M telephone signaling that I studied while in the Air Force and never used while I was there or since.
Things are really starting to pick up on the Cornerstones of Trust web development front. The conference is on Wednesday, June 6th in Foster City.