Posts

Showing posts from July, 2018

W5-3/3 The Importance of Friendliness in Office Culture (7/26)

    On Thursday I attended a lunch break with some other workers and I was given some sound advice. Advice that I really needed to hear and something that I feel like I have really been missing in my workplace skillset. When it comes to professional environments a lot of times, I am far too formal and stiff. I was told that for the most part I would have a good chance to be hired for a job in the computer science field except that I am not too personable and that could hurt my chances as employers might think that I would not fit in well with office/corporate culture.        I have always had a very strict face when it comes to more formal matters. My father’s family is formal to a ridiculous extreme that I have never seen anyone else even come even close to rivaling and it is of course a very grave matter to that side of my family. When I played football (from kindergarten to my senior year of high school) formality was also very, very important. Tak...

W5-2/3 Internships Are Not The Beginning of The End, They Are The Start of The Beginning (7/24)

    On Tuesday I learned how to complete some tasks using a data aggregation and analysis tool. I was looking at various machines just to make sure things were up to date. I would just check if certain things were present and whether it had been updated recently. I found it to be somewhat like what I did on the tool I used on Monday. A lot of the work was rather simple. Some people may have been annoyed or bothered doing such work, but I didn’t have any problem using it nor was I bothered by it. I think a lot of people expect too much out of internships and come into internships expecting bad outcomes and exploitation for cheap/free labor. That isn't to say that students shouldn't be weary of exploitation via bad internships but that students shouldn't allow this to feed and compound unto the expectations of what level of work they should be doing. They should be working around an entry level position at the establishment they are interning at. I will admit that some int...

W5-1/3 The Potential of Data Science (7/23)

   On Monday, I was showed   a vulnerability dashboard that allows system owners and security officers to understand their cyber risk posture at a glance   and how to do some statistic reports using it.  I had done similar work with my radio job when I had to do spin reports (how many times a song has played). It’s funny to think of how similar tasks can happen across fields. Then again, some tasks are very universal and thus such experience is good to have in general. One should not overlook tasks that may seem mundane, they may come in handy in the future     This reminds me of my post on the importance of soft skills. In general, one should be thankful of any skill that one has under their belt. Data science is a very important to cyber security as you can keep numbers on a variety of subjects (e.g. number of breaches, number of hosts vulnerable to current Common Vulnerabilities  and Exposures, and possibly a time chart of internet usa...

W4-3/3 The Significance of Soft Skills (7/19)

On Thursday I attended a meeting between two different faculties. I had attended meetings of faculties in the past but never one between two different faculties at two different locations so this was an interesting experience. Interfaculty meetings are quite a bit different considering it is a meeting between “teams” instead of a meeting between two “teams”. The meeting was more formal and was centered on compromise between the two teams (which is quite a bit different than compromise between “team mates”). It was a whole new experience of office culture for me. Meetings and presentations are where soft skills (speaking, presenting, etc.) really come into play. This is why soft skills have such utility in the office environment. Soft skills allow you to understand and communicate things with fellow employees/clients. I think this also a case in which liberal arts colleges hold an edge over universities/vocational schools. I personally feel like liberal arts colleges require more...

W4-2/3 PowerShell ISE (7/17)

 On Tuesday I tried out PowerShell ISE (Integrated Scripting Environment, similar to an IDE like Spyder but with a scripting/interpreted language instead of a programming/compiled language).  PowerShell can perform administrative tasks both on local and remote window systems via Windows management instrumentation and component object modeling), systems communication and analysis of management information (via web services-management and common information modeling), manage Linux systems and network devices (using WS-Management and CIM as well), and its runtimes can be embedded into other applications (which is commonly used in data analytics for graphical representation).  I was sent some scripts to look over which came with examples of commands using said scripts. I also browsed around the command list and tried out a few things. I still need more experience with it and scripting languages in general (I am alright with Bash, but I could stand to improve my sk...

W4-1/3 Responsibility of Employer Property (7/16)

On Monday I went to work on another floor. The team of people I worked with was focused on networking, both domestically and abroad. One of their biggest responsibilities was testing networks and their security, as well as managing networks and their security; not just the software and virtual side of networking but also the hardware/infrastructure. They would often go on site to different facilities and do network/network security assessments. An employee showed me a device for network testing and talked about it for a bit. The device can do automated health checks (network functionality), active performance testing, and network related data analysis and documentation. It’s made to be deployed rapidly and keeps up to date with all the newest tech. The employee let me try it out for a bit just to have a quick look at its interface and selection of tools. I was connected to a very limited network, so traffic was very limited. I just explored around the various tabs and look throug...

W3-3/3 The Balancing Act of Cyber Security (7/11)

    On Wednesday I took some quick mandatory courses. One of those courses that I took was Cyber Security Awareness. This was a good reminder to me on why cyber security is so important in today’s world. Cyber breaches are still a common threat of today, any establishment or person could become a target of a malicious actor. Even with the greatest of resources and defenses an environment can still be compromised. There is a constant and ever-changing meta within cyber security.  As cyber security advances so does hacking to keep up with it. The most capable hackers attack the most vulnerable weaknesses: human error/trust (social engineering) and unforeseen weaknesses (zero-day attacks). I think my favorite thing that I have noticed about cyber security is that it is so strategic.            Cyber security is a balancing act in more than one way. Generally, when configuring and setting up a network greater vantage leads to gre...

W3-2/3 Lua (7/10)

   On Tuesday I decided to study up on Lua. I thought that it might help me gain a greater understanding of Wireshark or at least using its filters. I was still playing with Wireshark but this time around I was mostly just worried about writing filter commands. Lua is quite a nifty little programming language as its syntax is very minimalist and is flexible enough to be written in a variety of styles. I found out the Lua can be used to write dissectors (protocol parser), post-dissectors (used to add items to a dissection tree after all the dissectors have finished), and taps (a script meant to catch data from frames). Though in general it is preferable to use C to write dissectors because it is faster due to better available debugging tools, however one might find some use in prototyping dissectors in Lua.             I would play around with mixing aliases and standard values. I was basically trying to see how many different ways...

W3-1/3 Wireshark(7/9)

   On Monday I was told to explore Wireshark and just mess around with it to get a basic feel of the program. Wireshark sees a lot of use throughout the computer science industry. It’s a free open source cross-platform packet analyzer that is good at trouble shooting and actively monitoring network traffic; it’s basically tcpdump with a GUI and some extra bells & whistles. Due to it being free and easily accessible it is a tempting tool for any user who needs to analyze packets.  Thus, experience with Wireshark can be quite useful on a resume and a good skill for anyone doing network analysis. Wireshark is great to use for incidence response and firewall testing. My previous post on application identification in network traffic can easily be applied to Wireshark.      First a user could check using a display filter command (tcp.port == 20 or tcp.port==21 or tcp.port == 23) for any traffic among those forbidden ports I mentioned previously 20, 21, ...

W2-3/3 Mass Introduction (7/6)

  Friday seemed to be the emptiest day for the office yet, with little to do an employee decided it would be good for me to talk to a bunch of different employees and to introduce myself. Thus, I went around to a lot of different employees within my department and related to my department and introduced myself. In general, most talks were just brief introductions. I would maybe talk about my major but rarely much else. I was asked by one employee my hobbies and interests. Other than that, I did little more than introducing myself as an intern and shake their hand. I thanked them for their time.     Once I finished my introductions, I had a better idea of the overall layout of everything and a more detailed feel for the office culture. I feel like everybody is very nice and inviting in general. People seem to really be courteous to me as an intern and I really appreciate it.     In my previous internship I was just a place holder and courtesy were ...

W2-2/3 Network Mapping (7/5)

On Thursday we covered network mapping. The process of network mapping usually consists of four phases: identify the space of IP addresses you are monitoring and partition the space into different categories (1). Examine the IP space (2), identify blind and confusing traffic (3), and identify clients and servers (4).    During phase one the mapping of the inventory is undetermined and remains to be IP space. A security inventory should monitor every resource's address (that it is able to) on the network (i.e. anything within or on the network an attacker can access), what resources a service is running on, at the very minimum. During phase two cyber security personal should also consider enumerating roles to make searching easier; identifying VPNs, NATs, DHCP, and proxies; keep centrality or volume metrics (e.g. monthly ephemeral summaries); per-host white lists; and monitoring the versions of all services on a particular resource. Ask what addresses make up the network?...

W2-1/3 Identifying Applications in Network Traffic (7/3)

The 2nd week has been kind of slow due to the fourth of July. Many people are taking off the entire week or at least the rest of the week. Because of this the week was not very eventful, none the less it still included good experience and lessons related to cyber security.    On Tuesday I learned about identifying applications in network traffic. There is a number of ways to identify applications in network traffic. Identification can occur via port numbers (1), banner grabbing & OS fingerprinting (2), by behavior (3), and by ancillary site(s) (4). Softwares like NTA and Wiresharks allow a user to watch network traffic activity and look over incoming packets. Traffic should be monitored and possibly recorded in cases of investigation and data analysis. Network analysis is really important to understand the norms of a network and its evolving ebb and flow due to various changes that can occur (addition/removal of previous equipment, lack of employee traffic, increased...