Some Photos Of Slides From The NOC (Network Operations Center)

Here are a few photos of the presentation by the NOC at Def Con 27 (2019).  But first here is may favorite non-focused photo as it says a lot:

DSC01331-ANIMATIONSquirrels? 

DSC01334Some WIFI User Tracking

DSC01339Some Traffic Analysis

DSC01341High-Level Network Diagram #1 For 2019

DSC01345High-Level Network Diagram #2 For 2019

DSC01348Previous WIFI Architectures (Rio)

DSC01350Yuck! #1

DSC01354Yuck #2

DSC01356Bathrooms Make Great NOCs!

Other photos!


DEF CON 26 Notes & References

ComboHere are my DEF CON notes from the sessions that I attended in 2018 for DEF CON 26:

Please fell free to do what you want with these notes.  I go to sessions so you don't have to.

Here some quick links to notes from previous years: 25 (2017)24 (2016)23 (2015)22 (2014), 21 (2013), 20 (2012), 19 (2011), & 18 (2010)

I plan on attending DEF CON 27.  Follow along real-time on Twitter @technewsradio.

 


Review Of The Acer C720-3605 Chromebook

Acer-cromebook3picts
Last summer (2014) I picked up a Asus C720-2802 Chromebook and posted a review on TechNewsRadio.com.

I recently updated to a newer version (same form factor) -- the Acer C720-3605.  I had originally ordered the Acer C720-3404  (which is the Canadian version), but ended up with the U.S. version: C720-3605.  They appear at least on the specification pages on Acer to be exactly the same other than model number (PDF spec analysis). I might have missed something so if there is a difference then please let me know.

The main reasons for upgrading:

  1. Improved Performance (faster processor with dual-core)
  2. Additional RAM (4-GB vs. 2-GBs)
  3. Better HDMI output (for hooking up to a large monitor @ my home desk).
  4. More Local Storage (32-GBs vs. 16-GBs -- excellent for watching more digital content)
  5. Needed a another computer @home for my daughter to use

Here are some stats using Octane 2.0 test:

OctaneTestBetween2AcerModels

While I wasn't having any real performance issues with the 2802-series, I've found that I can experience the difference in browsing and streaming media with the 3605-series.  The hardware updates are definitely an improvement in real world usage from my perspective.

All-in-all I have been very happy with Chrome OS and these two Chromebooks (the old one is now my daughter's main system).  For me the key selling points: great battery (more than 8 hours); excellent small form factor; responsive & comfortable keyboard; integration with Google services; and the simple OS updates & patches.

I look forward to using it again as my main note taking system for DEFCON 23.

 You can order your own via this Amazon Acer C720-3605 link or this Amazon Acer C720-3404 link.  Prices seem to be all over the board so make sure you are comfortable with ordering the right model number at the right price.


TECH NEWS RADIO PODCAST #373 | 2014-08-02 | NMAP #DDOP

 Listen! (Size 2.12 MBs, Running Time 2m10s)
 
Today's podcast is inspired by the Dog Days Of Podcasting (#DDOP).  It is a single focus recommendation on why I have NMAP in my security toolkit and why you should consider it.

Feel free to follow along with Steve Holden at: Twitter and/or Google+.  For technology news only updates follow TechNewsRadio @ Twitter.


DEFCON 21 (and 20 oops!)

Defcon-21-badge+stuffDEFCON 21 was in Las Vegas, NV from August 02-04, 2013 and we were there.  Our real-time posts, references, and links are available over on @Technewsradio on Twitter.  

We have a detailed report (PDF) from the sessions attended if you are interested.  Just drop us an email to get the full report or a request via message on Twitter.  A podcast summary is planned but not promised at this time.

Things that we are "worried about" from an Enterprise computing perspective:

  • Social Engineering against users is like a hot knife cutting butter. Only defense seems to be training and awareness. Traditional information assurance (IA) protections: virus scanning, IDS, firewall, etc are not effective.
  • You can't secure what you don't manage.
  • Basic system administration tools and infrastructure services in the Microsoft Windows world can be used for evil: PowerShell, .NET, DNS, browsers, PKI, and SCOM.
  • USB is not your friend.
  • Mobile computing and Bring Your Own Device (BYOD) are really not your friend.
  • Cloud computing could be your friend but probably won't.
  • Developers writing code for an organization without a security focus is just asking for trouble.
  • If you think your stuff is secure just because you have it behind a lock and a key you are in denial.
  • In a year or less, penetration testing is going to include inexpensive mobile assault options via semi-autonomous very-small drones and robots.

P.S. x 1: We were also at DEFCON 20 and have that report available if you are interested. Just drop us an email or message on Twitter for a link.

P.S. x 2: There are also DEFCON 18 and DEFCON 19 reports.  They are surprisingly still relevant IMHO -- same bat channel.


DEFCON 19 Podcast Review

Defcon19-podcasts

DEFCON 19 was in Las Vegas, NV from August 4-5, 2011.  This yearly computer network security and hacker conference is full of cutting-edge research, detailed demos, awesome presentations, and a lot of partying. The podcast coverage was pretty good also. Here are my recommendations:

If you are interested in hearing my thoughts about DEFCON 19 then check out the PaulDotCom.com podcast (08-11-2011).  I am the boring "IT Guy" trying to avoid the topic of "hot" women visiting the PaulDotCom.com booth.  If you'd like to see a copy of my notes (13+ pages) then drop me a personal email to: "s h o l d e n @pobox.com."

Here is a Picasa collage from the Network Security Podcast meet-up at DEFCON 19 that was "infected" by Paul & Larry @ Pauldotcom.com's little red balls from one of thier sponsors:

DEFCON19-PodcastMeetup-2011-08-06


Another Week Of Recommended Podcasts Worth A Listen


Podcast-recommendations-01 Looking through my listened to podcast list for this past week, I'm going to recommend the following as potentially interesting:

 


TECH NEWS RADIO PODCAST #372 | 2011-08-20 | Browser Phishing, National Cyber Range & Microphone Hijack

 Listen! (Size 2.9 MBs, Running Time 2m57s)

Today's podcast examines three stories about computer network security:

Feel free to follow along with Steve Holden at: Twitter and/or Google+.  For technology news only updates follow TechNewsRadio @ Twitter.


@technewsradio Roundup Posts for May 7th, 2011

The following is a summary of @technewsradio posts to Twitter:

  1. ASIS Bookstore (security pro organization) has announced over 26 new books via their online store
  2. SWFTools is a collection of open source utilities for working with Adobe Flash files (SWF files)
  3. Amazon online cloud services has a bunch of demos available - including Travel Log (Sample Java Web Application)
  4. Google has fixed a SketchUp 8 "dreaded shadow bug"
  5. Franklin Covey's PlanPlus for Outlook (version 7) is now on sale for $80 (vice $100) 
  6. Looking for a open source mind mapping tool?  Then check out Free Mind
  7. Microsoft Press has announced 3 more books in their Step By Step series: Microsoft Word 2010, Excel 2010 & Project 2010 
  8. Wired.com has an interesting article "Wired—Geek Power: Steven Levy Revisits Tech Titans, Hackers, Idealists"
  9. Listening to "A Witness to a the Egyptian Revolution" by Doug Kaye (Executive Director, The Conversations Network) via http://bit.ly/i35GC7Delete
  10. Per Kevin Devin at FriendsInTech.com - A good tool for finding Creative Commons (CC) images on Flickr is here http://bit.ly/gOtgMPDelete
  11. the Microsoft & Nokia deal seems to leave HP WebOS, BlackBerry, and Intel out of the loop with Apple (#2) & Android (#1) being top dogsDelete
  12. red5 is an open source audio/video (FLV & MP3) server that also supports H.264 
  13. Steven Levy's classic "Heroes of the Computer Revolution" has a new 25th Anniversary Edition

TECH NEWS RADIO PODCAST #367 | 2010-07-09 | Amazon's Improving Cloud of Computing

 Listen! (Size 3.1 MBs, Running Time 3m04s)

Today's podcast is a couple of tech tidbits that examine recent news from Amazon S3 with regards to:

Feel free to follow along with Steve Holden at: TwitterFriendFeed, and/or Delicious.  For tech news only updates follow TechNewsRadio on Twitter.

This podcast is sponsored by SCOTTEVEST and Amazon.