Can’t connect to this network? Here’s the fix.

Can’t connect to this network? Here’s the fix.

After upgrading to Windows 10, when I unhibernated my laptop the next morning, my wifi connection didn’t work. Forgetting the network and reconnecting didn’t help–I’d get the message that Windows 10 can’t connect to this network.

The problem seemed to be in the power management.

Read more

Do I have enough CISSP work experience?

It seems like about once a month an aspiring coworker asks me how to get enough CISSP work experience. I think this shows a misunderstanding of the requirement, so I’m going to try to clear it up.

You don’t have to get your five years of work experience in one big lump. And that’s a good thing, because that would be hard to do. Sometimes you can get a security job without a cert and work your way toward it, but a lot of employers want you to come in with the certification already.

But that’s OK. As long as you’re doing something more than selling computers at retail, odds are you have some security experience that can count toward the requirement.

Read more

Estimating the value of a Marx train

One of the most frequent questions I see or receive directly about Marx trains is what a Marx train is worth, or the value of a Marx train. Of course without seeing the train, it’s nearly impossible to give a good estimate, but there are some general rules that you can follow, either to protect yourself as a buyer, or to keep your expectations realistic as a seller.

Read more

Password management advice from CSO Online

Over at CSO Online, there’s a nice war story about tracking down and resetting 300 passwords.

I could pick nits at a few of his details, but that’s annoying and counterproductive. His overall advice is very good–manage your passwords, set them to something random, keep in mind that some sites just won’t allow for a very strong password so do the best you can, and protect your main e-mail password and your password management system password with all the diligence you can muster.

Read more

Change a headline, go to prison

A former journalist whose track record includes being fired from the Tribune Co. and from Reuters is facing two decades in prison for giving the hacking group Anonymous credentials to log into a Tribune web site and change stuff.

Anonymous changed one headline, and it took about 40 minutes for someone at Tribune Co. to notice and change it back.

It reminds me of something that happened at the newspaper where I used to work.

Read more

The difference between a vulnerability scanner and a SIEM

I heard an interesting question the other day: What’s the difference between a vulnerability scanner and a SIEM? Qualys and Nessus are examples of vulnerability scanners. Arcsight and Splunk are examples of SIEMs.

To a security practitioner, the tools couldn’t be much more different, but not everyone is a security practitioner.

On a basic, fundamental level, a vulnerability scanner deals in what’s missing in the environment and what could happen as a result of those things that are missing. A SIEM deals in what actually has happened and is happening.

Read more

The most valuable IT skill you can learn in 2015: Splunk

Whether you want to move to security or just get a lot of job security and raise potential while staying in infrastructure, probably the best thing you can do for your career is to learn Splunk.

What’s Splunk, you ask? Well, my t-shirt says “Weapon of a security warrior,” but it really does a lot more than that.

I think of it as a centralized logging and alerting system, but really, because it can log and alert and draw graphs, it can replace almost any piece of management infrastructure. I asked, only ten-percent joking, why a Splunk shop needs to run anything else to manage itself.

Stand up Splunk, let it collect your logs and your performance data, and when something goes wrong, you have one place to look for the data you need to figure out what happened.

Fortunately, unlike many enterprise tools, you can run Splunk at home for free. Splunk offers a well-written 200-page book for free in all of the common e-book formats that provides a good introduction and a set of data to play with, and you can download the software itself from Splunk’s front page. You can then pull your logs from all of your desktops, and if you run DD-WRT, you can pull those logs as well, then practice learning what you can from that data beyond what’s in the book.

You will undoubtedly find some things when you start poking around, so even if you’re not able to get going with Splunk in your current role, you’ll end up with the war stories you need to get a Splunk-related role for your next job. Even if all you do is catch HD Moore and Robert Graham scanning you, your interviewer will be interested in hearing how you saw it and managed to figure out it was them.

Hacktivism is real, and getting more dangerous

Lost in the stories of last week was a story I really don’t want to talk about, but I have to: Planned Parenthood got hacked, and a database of its employees was stolen.

I don’t want to talk about it because the risk is this story becoming about abortion rather than about security. But it brings up a real problem: Now we know that political activists have the desire and the ability to hack into organizations they disagree with.

Read more