Soylent and St. Louis.

So funny thing happened today. I’m in St. Louis visiting a couple of big clients for work. One of my Account Executives tried Soylent at my recommendation. Turned out it wasn’t for him. He had 5 brand-new bags of powder he didn’t intend to use, so he gave them to me. Score! More for me!
So I know what you’re thinking…this guy had an issue with TSA. Yes, but it got a little bit more complicated. So I already knew that TSA would flag the bag, so I had a small side-bag, detached with JUST the Soylent to help move this inevitable process along. I fly an insane amount for work, so “this isn’t my first rodeo”. Plus I was running a little behind and wanted to ensure I caught my flight home.
Everything’s going exactly as I expected until I see the testing device flash red and start making noises. Tested positive for explosives or something. I wasn’t entirely sure what it tested positive for. At that point, the TSA employee became much more assertive and by the book. Yeah, Soylent created a “Security Incident” at the airport.
I know my story sounded fishy. I can just imagine the TSA agents not believing my story of “I got these bags of powder from a coworker”. To be perfectly honest, it was pretty chill after that. I know I had nothing to hide. I was totally chill, let the TSA do their thing. I got the full pat-down, a detailed search of ALL my bags. I was carrying a TON of computer equipment with me so I know it was a lot of work for the TSA folks. They were all very professional. I know they’re just hard working folks trying to make a dollar, so why give them grief? (This is a happy story so please take the TSA-hating elsewhere. Thanks.)
The Eye-in-the-Sky was directing the agents as to what to do next. I was told I had to open the bags and inspect the powder first, then the TSA agent. He was apologizing to me the whole time because we had to break the seal of the bags. I told him it didn’t really matter, because they were a gift and didn’t cost me anything. “Still, this is your personal property, I feel bad we’re having to do this”.

I started to stress a little when time started to drag. I was already cutting the time closer than I wanted to. We finally got the ALL CLEAR from the Eye-in-the-Sky. I reconstituted myself and my belongings and hauled-ass across the airport to the gate home. Luckily, the flight was slightly delayed and hadn’t boarded yet. I made my flight.

I must say, this was an interesting experience. Everyone was very polite, professional, and courteous. It was not the horrible experience I was anticipating. I think there are some obvious lessons learned here for the next frequent-flying Soylent drinker. 🙂

TLDR: Moving bags of powder through TSA check-points is probably not a good idea.

Post-Tour Cool-Down

I survived the crazy 10 day, 6 city, 6 speaking engagement whirl-wind. Honestly, it really wasn’t that bad. I got to hang out with some really cool people. I got to see some really neat places, and I got to learn a bunch of crazy new things. You pick up a lot when you hang out at 6 different security conferences in rapid succession.

Here’s the PDF from the LIVE HACKING DEMOS Presentation

One of the unfortunate things I struggle with is keeping a good work/home life balance. It’s a struggle I think I’ll honestly have to deal with my entire life. I tend to excel in one area of my life and drop the ball in others. I still struggle with this as I do tend to be pretty stubborn and I don’t accept failure in myself. When I see this happening in other people, I tell them to check their priorities and to prioritize family over work. I tend to neglect my own advice. When that happens, I come back to this commencement speech from Shonda Rhimes. She’s a very strong power-player in Hollywood. Her words in her commencement speech really struck a chord with me.

“Wherever you see me succeeding in one area of my life, that almost certainly means I’m failing in another area of my life.”

With all that said, I’m going to cut back a little on the travel, prioritize myself and my family and work on a few pet projects I’ve been thinking about. Looking forward to it.

Questions to Ask BEFORE a Public Speaking Engagement

Event/Audience Details

  • Date & time
  • Address and location
  • Name of the event.
  • Description of event.
  • Event agenda.
  • Talk duration (30/60 min?)
  • What the client wants the speech to achieve
  • Who will introduce me?
    • Can I send them an intro or will they provide it?
  • If more information is needed, who is my point person? (get contact info)
  • How many people will be there?
    • Age
    • background
    • gender
    • occupation
    • etc
  • What’s their attitude toward my topic?
  • Will I be expected to mingle and socialize with audience before or after I speak?

Technical/Logistical Details

  • Will there be a podium? Is it solid or see-through (lucite/plexi-glass/etc)
  • Will there be a screen and projector? What video input (VGA, HDMI, etc)
  • How many video inputs are available (typical answer is 1)
  • Will I have a microphone?
    • What type? (lapel, hand-held, attached to podium, mic-stand, etc)
  • May I arrive early to walk the stage and get comfortable about the equipment and venue?
  • Who is in charge of making sure things go smoothly before and during my speech (get contact info)

NTXISSA March 2018 Monthly Meeting – The Hackers Toolkit

I’m excited to announce that I’ll be speaking at the March 2018 North Texas ISSA chapter meeting. I’m planning on presenting the “Hacker Carpet Bomb” aka “Hacker’s Bag of Tricks” aka “Hackers Toolkit” presentation. This talk consists of nothing but live demos. Anyone who’s done IT presentations can tell you, live demos are dangerous. They rarely go right. Having a talk that consists of nothing but live demos is straight up insane. I’ve done this talk a handful of times. Not once has it ever gone perfectly, but that’s also the charm behind it. Exploits, even in perfect environments, sometimes fail. That’s part of it. Here are the demos I’m planning to present

Between now and then I need to find a device I can destroy on stage. If you have something you don’t mind literally going up in smoke, please let me know.

So please come out March 15th at 11:00AM. I’m sure it’ll be a fun and eye-opening event.

https://ntxissa.org/event/ntxissa-march-2018-monthly-meeting/

 

 

A Blast from the Past

This weekend, I took the wife and kids to my parents’ house to visit. They’re in the middle of a large home remodel. As part of the remodel, the construction crew had knocked down a wall in one of the bedrooms and found a small Altoids tin stashed in the wall. My parents had no idea what to make of the contents. Simply a piece of paper with some notes scribbled on it. My father (bless his heart) asked me if it had something to do with drugs (LOL). He told me the story and asked me what the paper was all about. I took the box, opened it up and smelled it (just in case…). I opened the note and was instantly hit with a wave of 90’s IT nostalgia. Back before the internet, parents had no real idea what sort of trouble someone could get into with simply a computer and a modem. This was my BBS list! At the time, you had to be 18 years old to sign up and participate on Bulletin Board Systems. This was my 13-year-old boy attempt to create a fake persona and keep my late night shenanigans with my friends hidden from my parents. It’s funny to look back at a time before the Internet had taken over daily life. A time before you could summon a car or a bag of groceries to your door with a flick of your finger. It’s nice to look back and see phone numbers from before the requirement to add the area code.

This took me back to a really cool point of my life when I would logon at 12:01am right when the timers to all the doors would reset. I would wait for my friend Lu to logon and we’d play Legend of the Red Dragon till 2-3am. I remember once, a bunch of people (some of whom I still keep in touch with) all met at the Parks Mall to hang out. It was probably one of the first times I realized it was okay to be a bit geeky and to be yourself. There are other folks out there just like me!

I wonder if any of these still exist. I guess it’s time to find out.

Rainmaker’s Book Recommendations

So before sobering up and leaving Dallas Hackers last night, I did a quick (and inebriated) firetalk on some of the books I’ve read recently and my thoughts. I will update this blog post with a summary of each book and my thoughts on them. However I wanted to get this post up before I hop this flight to Tel Aviv, Israel for a week. Here’s the list. Enjoy!


Business Travel (aka Road Warrior) Packing List.

So I’m about to embark on another trip across the US to discuss Cyber Security controls with a bunch of different companies across the West Coast. I’m looking forward to it. However, I absolutely hate packing for trips like this. You never know what exactly life has in store for you, if the weather will cooperate, or if you might spill a ramekin of cocktail sauce down the back of your last nice shirt (true story). So anyways, I’m trying to make it easier on myself by keeping a “living packing list”. I’ll continue to update this list as time goes on with whatever need-to-have items I require while traveling. Anyways, here’s the list so far.
Clothing
[ ] Dress Shirts
[ ] Slacks
[ ] Dress shoes
[ ] Belt
[ ] Underwear
[ ] Undershirts
[ ] Socks
[ ] Swimsuit
[ ] Shorts
[ ] T-Shirts
[ ] Running Shoes
[ ] Baseball Cap

Toiletries
[ ] Toothbrush/Toothpaste/Floss/Mouthwash
[ ] Shaving Razor/Shaving Cream/Blades
[ ] Comb/Hairbrush
[ ] Hair gel/hairspray
[ ] Nail Clippers
[ ] Deodorant
[ ] Talcum Powder
[ ] Ear Plugs
[ ] Sleep Mask
[ ] Tweezers
[ ] Hand Sanitizer
[ ] Aspirin/Tylenol
[ ] Afrin Nose Spray
[ ] Benadryl

Business
[ ] Pens & Notepad
[ ] Laptop Charger
[ ] Laptop
[ ] Hacking Toolkit
[ ] Business Cards
[ ] Breath Mints
[ ] Dry Erase Markers
[ ] Wireless Mouse (Purposely Vulnerable)
[ ] VGA to HDMI Adapter

Misc
[ ] Sunglasses
[ ] Phone Charger
[ ] HooToo Travel Mate
[ ] Roku Stick
[ ] Amazon Dot
[ ] VR Headset
[ ] WiFi Hotspot
[ ] Noise-Canceling Headphones.
[ ] Wired Headphones
[ ] Kindle
[ ] iPad
[ ] Watch Charger
[ ] Flashlight
[ ] Umbrella
[ ] USB Battery Pack
[ ] HDMI Cable

It’s a lot, but I’m able to typically carry this all in an average carry on and a brief-case or backpack. Feel free to print this packing list out as a PDF as well for your own use.

New Script! – RDP Proxy Link Builder

Most of you know I work for a particular Privileged Account Security company. It’s sort of hard to unplug from your job when you really love what you do. With that said, sometimes when I’m off the clock, I’ll still work on some pet projects. This is one of them. In CyberArk’s Enterprise Password Vault version 9.7, they introduced a really cool new feature: Privileged Session Manager Remote Desktop Proxy. SysAdmins typically push back on any security control because they tend to introduce hurdles in their day to day operations. Security controls shouldn’t hinder operations, as they’ll tend to be avoided or, even worse yet, circumvented. So PSMRDPP was developed to allow for privileged sessions to be initiated without having to authenticate and logon to the web interface. Using native RDP tools, you can access your privileged accounts. It’s really cool!

Anyways, I developed a script to build out the RDP links automatically that interface with the PSM Proxy server. It also works with Devolutions Remote Desktop Manager. Sorry, it only works in the paid version. They crippled the PowerShell functionality in the free version. Anyways, I’ve put the script up on GitHub. I’m going to continue to improve on the script, but for now you’re welcome to use it. It works great!

https://github.com/BinaryWasp/RDPProxyLinkBuilder

 

Hacker Conference Behavior

I’m heading to BSidesLV, DEFCON25, & Blackhat in Las Vegas this week. It’s going to be a great time and I’m really looking forward to it. Here are some standard best practices I try to follow when attending an InfoSec-related conference.

  1. Laptop Behavior
    1. Do not bring your laptop, unless specifically required. Try only using your phone connected via VPN.
    2. Do not leave your laptop unattended at any time.
    3. Do not check-in your laptop as luggage.
    4. Turn off WiFi and Bluetooth.
  2. Printing, scanning, faxing
    1. Do not print from or scan to your laptop.
  3. Internet access and connectivity
    1. Unless absolutely necessary for a job function, disable WiFi.
    2. Disable Bluetooth on your computer and phone.
    3. Disable NFS connectivity on your phone and computer.
    4. If WiFi is absolutely required, ONLY use your own provided WiFi. I use a Jetpack/MiFi and connect ONLY to that device.
    5. Always use a VPN as soon as you obtain WiFi access.
    6. Do NOT plug any network cable into the laptop.
    7. Do not plug any USB storage devices (hard drives, sticks, network adapters, Raspberry Pis, etc) into the laptop or phone.
  4. Document behavior
    1. Do not work on internal or sensitive documents in public.