Thursday, August 28, 2008

Starting to study for Security+

As per DOS 8750, it looks like I'll need to get certified. I'm considered Technical II, so I need to get either Security +, SANS GSEC, SCNP, or SSCP. I last took the SANS GSEC in 2001, but in 2005 I did not recertify. Of course, in hindsight, I wish I had.

So, it's time to start studying for another exam. I had started studying for this exam a long time ago, but I put it aside when I prepared for the GCIH. It looks like it is back to the drawing board.

And, if I end up becoming a Technical III, I'll have to sit for the CISSP.

Wednesday, August 20, 2008

A little housekeeping

For those of you keeping score at home....

I updated my links section with the blogs I follow in Google Reader. Most of those blogs I read on a daily basis, an believe me; I've learned a TON from reading them. I encourage any reader to follow those blogs, as some they represent some of the brightest names in our field.

I'll try to keep the list current, as I discover more blogs.

Tuesday, August 19, 2008

Windows Vista - and Gold Disks

Two things.

Work got me a new laptop. It came in with XP Pro installed. As I was joining to the domain, the backup security officer mentioned that the IT steering committee decreed that all newly provisioned laptops are to have Vista (Enterprise) and Office 2007. So, it was back to the drawing board as I re-installed an OS and Office.

I must say, Vista (Enterprise) has run without any hiccups despite what I had previously read and experienced. I have a Vista machine down at my own office to run the accounting software for my own company. That machine is a Home Basic machine, and I think it runs like crap. But, my Vista Enterprise laptop has been running fine. The only issue I see so far is that the group policy for automatic updates does not seem to be working. I've run gpupdate to force the policy, but I still have the option to change the automatic update settings. And, I don't think that is correct.

Secondly, does anyone know if there are DISA Gold Disks that address Vista? Vista's been out for a while so I'm surprised not to see those disks. When I read the checklist for Vista, the checklist ONLY talks about reviewing a system manually. Is there a specific reason for that? Just wondering as I start to get into the new job.

Saturday, August 16, 2008

Yahoo mail spam vs. Gmail mail spam

I've had a yahoo mail account for years, and it is what I use for my primary personal mail address. At one point, Yahoo was going through some growing pains, and I opened a Gmail account. I think I sent mail to four or five people before I realized it was a pain to have to check two email addresses just to read personal mail. So, I abandoned it. However, I check it from time to time, maybe once a week. The last time I checked it, I found 400+ spam messages. 400+. I barely used the account, and barely received much mail. I just don't understand why the account gets so much spam; especially since I never publicized the email address.

Either way, the spam looks like it might contain lots interesting messages to investigate. I'll have to send them to one of the work addresses for further analysis.

But, if anyone can shed some light as to why that account gets so much spam, I would love to hear it.

Monday, August 11, 2008

First Day

First days. Uggh. What a long day.

First up was the weekly status meeting. 40 people in the room, and the only person I knew was the Security Officer. Then I got a tour of the place and learned 40 new names. Slowly, but surely, I'll get all the names down.

Next up was the new-hire conference call. That's when I was ready to slit my wrists. The new hire package that was sent to my house gave me instructions on what to do. Yet, the HR person felt it was her duty to read the entire package back to us word-for-word. I really can't complain, though.

I received my loaner laptop at lunch time. And after that it was time to start working on the security clearance form.

And that was the rest of the first day.

At least tomorrow I'll have a computer to work with. As I understand it, there's not too much I can do until I get my clearance.

Friday, August 1, 2008

Springsteen induced zombiness

I would love to post something today, but I'm a walking (typing) zombie. Fortunately, I did not have a client scheduled for today. I had the good fortune to attend the Springsteen show last night at Giant's stadium. Phenomenal show, as always.

However, a tanker truck flipped over and spilled propane shutting down exit 16W on the turnpike and creating a traffic nightmare. I applaud the Springsteen camp for starting an extra hour later, especially as I didn't miss a note of the concert. (I got to my seat just at Summertime Blues was starting.)

However, the Meadowlands complex has serious parking issues; it took us over an hour just to get out of the parking deck. That's not good. Especially after paying $20 to park.

Catch the tour at a remaining venue if you can get the opportunity. It's worth it.