With the prevalence of key-logging and password-stealing malware along with the potential for man-in-the-middle and man-in-the-browser attacks, my tinfoil hat keeps tightening up more and more around my balding head. Friction, I tell myself, not male pattern baldness…
My confidence in all things online has eroded to the point where I only trust what a select group posts, and even then, sometimes, I remain skeptical. I take such ridiculous precautions: wiping my personal workstation’s hard drives every 3 to 6 months to ensure that it is clean of undetectable malware; 3 firewalls scattered throughout the house, all protected by UPS backup; anti-virus software; behavior analysis software; an IDS/IPS combination; monitoring and logging software running inline on a box invisible on the network; software integrity checking tools; backup and restore software. A special PC that I use for banking and financial transactions. It’s hardened and reverts to its last known good image on bootup. All of this to protect my identity and keep the information and money that belongs to me, mine. Is this all really necessary, or am I simply curing the symptoms of broken methodologies? What about root cause? Why not fix the problem, not the symptoms?
I think it is time for me to recreate my little lab, like the one I had before I got married. I worked for a fairly large company back then, and during one of the bubble years, they divested themselves of their old servers and networking equipment as they ripped out and replaced them with the latest and greatest. There was nothing wrong with the equipment, it had simply been written off of the books in 3 – 4 years, and there were faster, bigger, better things available. It was of no value to the company, so they offered it up for sale to employees cheap, with no hard drives and fully sanitized of course. I even bought one of their old racks, the “bolt a shelf on” type with smoked acrylic doors, as they opted for more modular solutions where the servers were “rack units” that bolted directly to the rack frame. No need for moving those pesky shelves every time you reconfigured.
That rack was one of the first things my wife had her eye on whenever we talked about gaining space in the basement, and one of the last things I owned to finally go to a new home. The servers died off one by one over the years, and I agreed not to replace them since I was getting out of the technical realm and entering the world of management and theory. No more protocol analysis, SPAN ports, sniffers, and traffic pattern monitoring. No more penetration testing, honeynetting, or malware analysis. I had drunk long from those fountains, and now it was time to walk in the desert. Virtual machines placated me for a time, but they require a substantial amount of RAM if you want to run several concurrently.
My attention was quickly diverted to creating 3D characters, plants, buildings and cars for the first-person shooter games that I enjoy writing and playing. My workstation became all screen and little else. It’s puny by most standards, having only 2GB of RAM, a couple of terabytes of HD space, and two 24″ screens. (One for typing code, the other for seeing the effects is how I got away with that one.) It is also plagued with many of the security applications listed above.
Sometime this year or next, I pledge to purchase a very grunty, multi-gigabyte computer, outfitted with a tiny little 14″ screen, but ready to connect to a SAN. As long as my lovely wife doesn’t read this post. I will run VMs out the hoo-hah on it, and get back into the game of simulation, problem replication, IT troubleshooting, and security experimentation. Things have changed from a black art to more of a science in testing and proving exploitation. There are now real tools, and it will be fun and good sport to relearn the old lessons. It’s time to put on my tights and cape. The online world needs saving. Who better to do that than ME?
Now where did I put that old resume? This exercise is going to take a little funding… and some new tights…