With the recent news of Blue Security closing down after being dDoS’ed into the 1980’s, I can only sigh welcome relief my employer’s plans to move into dDoS mitigation never took off. Few people are qualified to move into this market but even less people recognise this fact!

People who want to take on “the internet bad guys” either 1) have to really know their stuff or 2) be sufficiently p’ed off with spam / spyware and have enough money to throw at the problem – calling Mr. Gates (and even he’s not managed to sort out the spam issue as promised).

I believe my company definately fell within 3 – the “don’t know enough” camp. I can safely say this because I set up a fair bit of the system!

It was a half baked concept (not mine) to re-coup some of costs of our £30k DoS protection system for our primary business, not the best reason to launch such a service.

Ironically Blue Security were flanked by spammer’s nuking their DNS hosts, this is exactly the weak point I highlighted in our own system but was assured ours could handle such an attack. I think this would have been an optimistic assumption given the size of the attack still bombarding Blue Security as I write this… it’s even reported Proxelic (their dDoS mitigation service) had trouble coping.

It’s a depressing outcome to see the bad guys win!

Not long now until I move positions from being a primary support developer to an in-house developer / Linux server admin / security guy. It doesn’t sound like much but I’m looking forward to dropping the day-to-day support element. When you’re deep in thought fixing a problem, a random support call about something completely off topic really begins to piss you off when it’s the 4th one that hour.

Food for thought:

The competent person is the last one you want to promote, because who then would get the work done?

Competent workers get promoted to be supervisors. Supervisors supervise less competent people and by doing so, less competent people become more competent, while supervisors are allowed to get even more competent.

The problem is the incompetent supervisors. Those supervisors are quick to detect competent workers, they fire them as soon as possible, because they can get replaced by them. Therefore all workers under incompetent supervisors are incompetent.

Taken from the Peter Principle, interesting reading.

I’m not a fan of early mornings, and I just had two in a row. That said this week has past reasonably quickly. On Thursday I attended a Sec-1 Applied Hacking & Intrusion Prevention course. It was a very broad one day course providing a taster of all the common security threats affecting most businesses, kudos to our instructor/lecturer, he REALLY knew his stuff.

There are some ‘hands on’ lab sessions where we got to have a go at using exploits and tools to ‘hack’ *shudder* an outdated Win2k server machine. Unfortunately, at the end of the course I couldn’t help but feel it wasn’t quite worth what was paid for me to attend (> £100/hr).

It opens your eyes to the ease with which you can penetrate an unpatched machine though. It also demonstrated how knowledgeable (and bored) elite black hat hackers are to find these exploits in the first place.

I’ve always hated the term hacking, the word instantly reminds me of the glamourised image movies always portray – which couldn’t be further from the truth. Real life hacking for anyone but your immature adolescent / hardcore socially inept nerd is extremely arduous and boring.

Why am I attending such courses? Well it seems the company I work for want to move into DDoS or Distributed Denial of Service. Can’t say I’m comfortable with this decision given the companies combined security knowledge; mine included.