Title says it all.

Download here

Who do you work for? and how do I get a job? 

Humv,

thanks for the update, one thing that has always concerned me about taking an 'online' style course is the facilities provided by the organisations labs. Are the SANs labs providing you enough opportunity to test and play with what you are learning or are you still finding the need to play with your own environment?

Thanks,
RR

Thanks for the link Don,

I'd been trying to get a way to view these over the pond to see what all the fuss is about.

Depends on your local branch I'd guess. I've been a member for around 4 years and have been to around a dozen events. Just depends on your interests and who they've got to speak. Had a really interesting debate when the head of BCS did a talk on professionalism in the industry and basically got attacked very lively debate.

From the perspective of specialist groups, for me they help me keep semi-upto date but the events are all London based (I'm definitely North of the M25 ) so I don't have a great opportunity to attend so can't comment.

The forums (especially security) are, imo, fairly weak. Anything that gets discussed I've usually known about for a while and/or most comments are a re-hash of either the Daily Mail or /. But it's been a while since I've looked, they may have improved recently.

In terms of return on investment, the BCS newsletters/emails usually have a good article or two and I get a free copy of Computing every week. The discounts and special offers have never really helped me, but the new online library could be interesting as it expands.

Biggest benefit I've gained from it is the CV aspect, one more plus I've got over another applicant.

Your mileage may vary, but I'd at least suggest keeping an eye on the websites for your local branches to see if there are any interesting talks. Most are open to non-members anyway.

Google. This has been answered multiple times in multiple places. A bit of research is all you need.

Most solutions assume that you have physical access to the box, but this shouldn't be a problem as it is your server, right?

I'm guessing so. The information I've read about the attempt stated that tere currently isn't (wasn't) a record. Therefore it should hold the record if only off the back of your 3 downloads

You sure? Personally I'd check with my legal department. This may not be universally true.

Dale,

I'm stuck in the same situation, there doesn't seem to be much going on in the UK.

As you mentioned InfoSec it's not an event I've been to so couldn't comment on it's quality.

Eusec West is usually hosted in the UK, from reading archived news sites 2006 was Edinburgh; 2008 was London but I only found out about the event the day it started so missed it. I'm going to keep an eye out for the next ones.

I've been to several decent security related events with the BCS (Newcastle Branch). In particular I witnessed a brilliant demonstration of the capabilities of EnCase and forensics in general. If you're not a member I'd suggest taking a look at your local branches.

Speaking to other people from EH-Net in the UK, security conferences are usually poorly publicised and in several cases invitation only. Hopefully the situation will improve as the industry matures.

Sayonara.yoga,

if this is the case then you may be able to contact Google direct to determine if your confidential information is there, but I suspect you may need smoking gun evidence and possibly a police warrant.

Alternatively if you have information related to a specific individual you may be able to contact them directly and request that they show your their account. They may subscribe to 'nothing to hide....', of course if they are smart then any evidence will be deleted so access to their gmail account will not be of any use.

Finally even though it is a corporate network and corporate information I would advise reviewing your policies and/or contracts as it may still be illegal to sniff the passwords from the network. This could potentially get both your self and your employer into a whole heap of trouble.

As others have said, gmail should be encrypted therefore merely sniffing the traffic on your proxy may not be sufficient. I do not believe this is the most logical, legal or practical approach, but without knowing your environment better it is difficult to suggest a better course of action.

If it is causing problems and data leakage then you could/should review corporate policy and block access to gmail et.al. just be aware that in this day and age a sufficiently privileged insider will usually be able to find some way of removing data from safe storage. Often improving the audit-trail capabilities of your environment is enough to stop insiders doing unwanted activities as it increases the prospect of getting caught.

Hope this helps.

RR

  simple. use a packet sniffer. Next

Billy786,

looks promising, might make a nice base for a project I've had in mind for a while. Thanks for sharing.


I'd suggest this could be left as 'an excercise for the reader'. As Billy states this is good for beginners trying to grasp the basics, too many advanced features may just confuse matters (aka me )

umm, 10 hours in the office seems like a holiday at the moment. Several 20+ shifts recently are starting to take their toll.

Might try your list out, I think my missus may thank you for it (although I did manage to take the hound for a walk before checking to see if I had any new mail [or EH posts ] tonigh, which is an improvement for me)

Still might, I'm the product of watching hackers too many times as a kid.

I think those young enough to find films like these give them inspiration will fall into two catagories:

• those that a hit with the bug
• and those that get bored 5 minutes after finding out that GOD isn't the password to every system the try

In general it may not hurt to promote security / insecurity awareness within a wider audience, even if it does need to be wrapped up in Hollywoodisms

Same here, close to home.

But I think a lot of what you said was truthfull so no-one can really complain that much. From my perspective I listened through the 'techies are hard to live with' part, and the first thing I did was hit re-wind as I called my better half up stairs for a Budweiser true, true moment.

The talk hit a lot of right notes with me and I feel I got a lot from it, both retrospectively and looking to the future, thanks.