Ogenstad.net

Security Stories and Help with Network Documentation

Once upon a time this used to be my blog. For current updates head over to Networklore.

About / Stories / Contact

The Broken NDA – Part 4

by 1 Comment

midfr0st sat on his balcony, digesting what he had overheard earlier that evening. The smoke filled his lungs and he was starting to get stiff from the cold. But that was of no concern to him. The music from his iPod just vaguely touched his mind.

He had gone over the plan in his head several times and after doing a quick risk analysis he knew it was a very dumb idea. Still, those security consultants were very stupid. In some strange way he didn’t feel he could reward that kind of idiotic behavior by not taking action.

Thomas and Hans had said they were handing over the security assessment report on Wednesday at 10:30 am, which gave midfr0st just under 80 hours until DiMavia would start addressing their security problems. From what he could tell the consultants had just installed a new firewall, and even if he didn’t hold those people in high esteem they might be monitoring the freshly installed box and it would be a bad idea to start pounding it. The time factor made social engineering the best approach, however, lack of information prompted a physical visit. The mere thought of it made midfr0st uncomfortable.

It intrigued him that he hardly found any information about the company on the web, aside from their website which claimed they offered some sort of financial services. He found a few people at LinkedIn who had worked there in the past.

Damn it’s cold, he thought and left the balcony. Compared to the restaurant his apartment looked like a total mess, there must be around twenty boxes here. midfr0st switched on the lights and suddenly was disgusted by all the dust, he missed the harmony from the restaurant where everything was so clean. Though he had enjoyed the music while dining, he picked up his Sonos controller, soon Satyricon was screaming through the speakers.

The cleaning will have to wait some more, midfr0st opened up OneNote and made a list. Tomorrow he would visit the DiMavia office and scout for cctv cameras, if he saw a single one he would back out. He almost hoped he would spot one, if he didn’t it would be time to go shopping.

The Broken NDA – Part 3

by 4 Comments

Just sitting there enjoying the atmosphere made midfr0st question his life in solitude. The wine was probably the best he had ever tasted, the starter had been excellent and now he was waiting for the main course.

My office back home seems like a prison in comparison. He missed being out meeting people. midfr0st’s gaze swept through the restaurant, he couldn’t see any other table hosting a single guest; all of the other tables had at least two people around them. He tried to think of a single person he could have dined with. Aside from the girl next door he came up blank. The realization made him order another bottle.

As he was sitting in all the chatter from the surrounding guests, he heard it clearly, just as if someone had shouted his name.

“vpn”

He almost dropped his glass, the online world came rushing back.

“nat traversal”

Who is speaking?, quickly he tried to focus on the conversation and shut off the other noise.

“Install a Blue Coat. Before we came along they didn’t even have a security policy.”

It’s the two guys just next to me!

midfr0st tried to concentrate on the conversation, he realized he was a bit drunk.
“Here’s to DiMavia” one of the guys raised his glass, “I mean, they paid for this.” They both laughed.
midfr0st’s food had started to get cold, he was entirely captivated by the conversation. Time after time the one named Thomas did his impression of what midfr0st assumed was their client.
“Money is not a problem”. They would always share a toast after this comment.

“Would you like some dessert,” the waitress asked. Midfr0st looked up at her, stunned.
“No, thank you but I’m not done with my meat,” he grabbed the fork again, “it tastes great.” He put down the fork again when she walked away. He wished he had something to take notes on.

“But the best part was that girl in finance,” the guy named Hans said.
“She was quite a looker, wasn’t she!” Thomas made a gesture indicating large breasts.
“Yeah, that too, but do you know what she used for password for their economy system?”
“Some cat?” Thomas guessed.
“The subject name of her certificate!”
“Well, you know how it is with the bean counters.” They both laughed.

midfr0st just smiled, drank some more wine and tried to remember as much as possible of the conversation he had overheard.

Fake Email Slashes Apple Stock by $4 Billion

by Leave a Comment

If you read any of my stories, sorry for not being so active on that front, you might remember A Stock Bubble of His Own which I wrote last year.

You want a real world example? Head over to TechCrunch and read about a fake email to Engadget which made Apple’s stock drop. Engadget quickly posted an update saying it was a false alarm.

This might have been just a prank or someone going after some quick cash, I would guess that a lot of people lost money too. With systems selling stock automatically if it drops below a certain point this can get nasty.

Interesting reflection from TechCrunch; “I do not believe Engadget will have any liability here. Apple may, if the email did originate from its servers)”

The Broken NDA – Part 2

by Leave a Comment

“Sorry for the delay” the girl smiled at him, “It’s been busy around here lately.”
“Oh, don’t worry.” midfr0st hoped he didn’t sound too annoyed. Feels like I’ve been waiting since bloody Christmas, I hope it’s worth it.

“Do you have a reservation?” The girl asked.
“Yes it’s that one,” midfr0st said and pointed at a line in her notebook. He felt uneasy with his name printed in plain view like that. Stop being so freaking paranoid, he thought, hoping his chills were from the weather outside instead of a product from his demons.
“Will you be dining alone?” midfr0st removed his finger from her reservations list.
“Just me, but you’re welcome to join me.”
Her smile grew a bit, “your table will be ready shortly.”
“The bar it is then.”
“That way sir,” she said pointing in the direction of the bar.
“Thanks!”

The place was fairly crowded so there was a buzz of chatter blended in with some classical music.
“What can I get for you sir?” the man behind the bar asked.
“Red wine, I’ll have that bottle,” midfr0st said pointing to a brand he knew of.
“Excellent choice,” the bartender poured him a drink.
You would have said that regardless of what I drank, midfr0st thought.
After his second glass his table was ready.
“I´ll just bring the bottle if that’s alright?” midfr0st asked not really waiting for the answer. They seated him in the corner of the room where he had a full view of the restaurant. He smiled; it was the table he would have chosen for himself. No one would be able to sneak up on him from behind. If I don’t get too drunk that is.
midfr0st was flipping through the menu trying to figure out what language the meals were written in. At the table next to his a waiter was explaining to two men what they had ordered and how the meals had been prepared. I wonder if that was the French word for road kill?

Soon a waiter was ready to take midfr0st’s order.
“I’ll have number fourteen as a starter and number thirty seven as my main course.”
“Ah, the foie gras and the steak, wonderful. Have you decided on a dessert?”
“I’ll see if I want one later.”
“And what would you like to drink to that?” she asked, midfr0st caught her looking at the empty bottle.
“What can you recommend?” midfr0st asked.
“That’s not really my area of expertise, wait a second and I’ll fetch our wine expert.”

The waiter ran off and a few minutes later a short guy came rushing to midfr0st’s table.
“Good evening, sir” he saluted and opened their wine list.
“What price range were you aiming for?” he asked glancing at the bottle on the table.
“Well if the wine is older than me it’s probably too expensive,” midfr0st confessed.
The man launched into a wild discussion, mostly with himself, about the different wines the restaurant had to offer. It sounded like he had an intimate relationship with the lot of them. In the end midfr0st didn’t really know what it was he had ordered, just that he had probably never paid that much for a bottle of wine before.
I should have a sommelier when I live in a mansion, midfr0st mused watching the guy walking away from his table. But mine won’t be gay as a meatball.

No I’m not CAN Certified

by Leave a Comment

During the week I wrote a certification exam for Cisco, before the actual exam I was presented by a survey where they ask questions like background and experience. One of the questions was for which existing certifications I held.

From the Novell camp they had listed CAN, CNE and MCNE. I archived my CNA status in 1998 but haven’t really thought of pursuing the CAN certification. Since it isn’t listed on the Novell page for certifications, I’ll give you a hint on how to reach your goal.

If you already have the CNA status you’re ready to go, otherwise just follow the guidelines provided by Novell  before you start. Then when it’s time to write your CV just open up a word processor which has automatic spell check and write about your trophies hopefully the program will replace CNA with CAN, voila!

I haven’t seen that many CAN’s in the real world although I noticed one of the authors who writes for Syngress has it, good for him!

I would also guess that a lot of happy jobseekers have listed the CAN certification in their resumes. 🙂

[tags]certification, spell check[/tags]