del.icio.us

Discuss in Forums (5)

EH-Net Welcomes Newest Columnist and Experiment

RichM is a real person. Everything contained in this column is real. This evolving column will live and breath with RichM's daunting new job. Your feedback helps decide the direction the column will take. It may be a bumpy ride, but it will be educational. Let's call this experiment Reality Web 2.0.

Premise

RichM has recently accepted a position to helm a flailing network that has remained untouched for six years. The main issues include a porous firewall, non-existent documention and out of date software. Once a month he will share a new catastrophe and what he did to mitigate the risk.

The monthly column will cover a week by week breakdown of all vital details necessary to remedy the situation and hopefully serve as a model of CISSP/CEH principles in action. The column will uncover the current risk, offer details of the issues that needed to be tackled, and ultimately offer a resolution. When applicable, suggestions will be made that you can implement in your own environment.

But this will be a two-way street. There will also be a section in the forums dedicated to the monthly column. RichM does not pretend to have all the answers, but he will do his best to answer any questions that arise. Feedback and recommendations are encouraged, as this will not only enhance the effectiveness of the column but also his own learning and the overall network security of his enviroment. 

Purpose

The main goal of this column is to create a repository of information for IT Administrators tasked with addressing an organization's security from the ground up. Hopefully, it will show what it means to apply all that we learn in books to real world situations. RichM looks forward to writing this column and hopes that it helps to further everyone's understanding of network security and the CISSP/CEH curriculum in a practical manner.

Who I Am

RichM, is an IT professional with over 6 years networking/security experience. In addition to having an MCSE:Security+, he also holds a Master’s Degree in Information Security. He plans on sitting for the CISSP in mid-December and will then prepare and take the CEH in late spring, early summer.

Information Security is not just a job, but an unquenchable obsession for RichM. Most of his free time (on average 2-4 hours nightly) are spent learning or playing with all things related to information security. His ultimate goal is to be Chief Security Officer for a Fortune 500 company, which he hopes to attain within the next 7-10 years (if not sooner).

He apologizes in advance for the veil of anonymity, but documenting and discussing a network as vulnerable as this should be guarded as much as possible. If anything, the anonymity allows more details to be revealed and greater amounts of information to be shared.