Joseph McCray (@j0emccray) is someone who I have been listening to and watching videos of for a while now. I first saw him at Defcon. He is “The only black guy at security conferences”. With the growth of the security industry, there are “experts” coming out of the wood work. I had to put experts in quotes because it seems like everyone has an opinion. There are more certification tags floating around tacked on to peoples names than I can believe. In this world where everyone has gone through “training”, training to pass a test, it is hard to find the people that truly have a passion and dedication to true security.
So this comes to why I want to go. For a while part of my job has been in security. I have written policies to tell people what to do and what not to do. I have help guide companies in “best practices”. I have helped people gain access in to systems that they got locked out of. And I have done more of the old school hacking. This type of hacking involves taking things a part to see how they work and how they can be made better or defeated. This is a lot of my daily job as a systems engineer. Working in the corporate world has taught me that everyone sets things up differently and sometimes you need to reverse engineer how they configured things to know how to make it work. So why would I want to go? Because I don’t know enough. There is so much out there that I don’t know. Going over the list of topics that are covered strikes a little fear in me. Topics like Metasploit, Maltego, Nmap, Nikto, IDS, HIDDS, NIDS, SIEM. I will need a translator just for the names and acronyms.
This type of training is the type I truly enjoy. You are completely immersed in to the training. With you being away from work and in an environment with your peers and instructors. You end of living the training and bouncing the ideas off each other. While doing some activity, a conversation will strike up about a topic and you send the next hour working through ideas. In the CyberWar class, you get to attack fully patched newer OS (Windows 7, Server 2008R2, and Linux) with all the intrusion detection tools turned on. You get to see the logs and alerts that are generated. You don’t just go and learn about tools, you learn why these tools work and what effect these tools have on the systems. This is how training should be run!
Hacking In Paradise 2013
DEFCON 17: Advanced SQL Injection
DEFCON 18: Joseph McCray – You Spent All That Money and You Still Got Own
I love Splunk. The way it simplifies my job has been completely changed due to Splunk. The number one resource I use is the Quick Reference Guide. You can print one out and then it makes it easy to just quickly grab it to complete your searches. I don’t know how many times I have used it. I have worn out two of them.