A Mini-Review of "The Practice of Network Security Monitoring"

Recently the kind folks at No Starch Press sent me a review copy of Rich Bejtlich’s newest book The Practice of Network Security Monitoring and I can’t recommend it enough. It is well worth reading from a theory perspective, but where it really shines is digging into the nuts and bolts of building an NSM program from the ground up. He has essentially built a full end to end tutorial on a broad variety of tools (especially Open Source ones) that will help with every aspect of the program, from collection to analysis to reporting.

As someone who used to own security monitoring and incident response for various organizations, the book was a great refresher on the why and wherefores of building an NSM program and it was really interesting to see how much the tools have evolved over the last 10 years or so since I was in the trenches with the bits and bytes. This is a great resource though regardless of your level of experience and will be a great reference work for years to come. Go read it…

A Very Late Book Review


I have to start off by apologizing for how very late this review is. An embarrassingly long time ago, the kind folks at No Starch Press very kindly gave me a copy of “Super Scratch Programming Adventure” to review. Scratch, for those that aren’t familiar, is a kids-oriented programming language designed by Mitchel Resnick of the MIT Media Lab, the same team that developed the programmable bricks for Lego Mindstorms.

The book is in manga format and very entertaining and I enjoyed it thoroughly. It was so much fun that when my then ten-year-old asked to learn how to program with the long term goal of writing his own Minecraft mods, I handed him the book and asked him what he thought. To say he whipped through the book is an understatement. He actually finished it in one reading and immediately asked if he could start playing with Scratch on the family laptop.

Over the next few days he worked his way through some of the programs in the book and put the book aside for a long while. Recently we were talking about a Lego robotics class he had coming up and he remembered that he had the copy of “Super Scratch Programming Adventure” in his room. He dug it out and this time he worked his way through all the programs quite quickly.

I asked him what he thought of the book and he said it was very good; that he really liked the comic book format and that he wished more books were done that way. At this point he’s excited enough that we’ll either dig deeper into Scratch together or we’ll switch to a games-oriented text like No Starch’s “Realm of Racket” or possibly Sweigart’s “Invent Your Own Computer Games with Python”.

Regardless of what we decide to do, however, I can highly recommend “Super Scratch Programming Adventure” as a great introduction to programming for kids or even non-kids who want a first very friendly exposure to programming. And again, my apologies to the folks at No Starch Press for taking so long on this review.

A flame about flame

CNET ran a truly ridiculous article last week titled “Flame can sabotage computers by deleting files, says Symantec”. And if that’s not goofy enough, the post opens with:

The virus can not only steal data but disrupt computers by removing critical files, says a Symantec researcher.

ZOMG! A virus that deletes files! Now that is cutting edge technology! It’s shit articles like this that reify the belief that the security industry in general and the AV industry in specific is filled with people who are completely out of touch with the rest of the world.

“These guys have the capability to delete everything on the computer,” Thakur said, according to Reuters. “This is not something that is theoretical. It is absolutely there.”

ProTip to Symantec and Reuters: viruses have been doing this since at least the 80s. Are you really that desperate for yet another story that this is the sort of thing you feel is worthy of a press release and news article? How about you save that time and effort and instead focus on making a product that works better.

Book Review: Cloud Security Rules

A while back, Kai Roer graciously sent me an electronic copy of the book Cloud Security Rules that he co-authored with an all-star cast including luminaries Wendy Nather and our very own New School’s Alex Hutton. All in all, it’s a solid read covering the gamut of topics from Risk and Compliance to technology versus the human factor and finishes nicely with a section on business models. A few chapters are more about security without a particular focus on the cloud(tm), but that’s not particularly a problem.

My only real complaint about the book is that with so many authors, things don’t always flow as smoothly as they could when moving from chapter to chapter. This is however made up for by the general high quality of the work. In particular, in addition to the authors mentioned above, you’ll also want to make sure to read the sections by Lori MacVittie, Brian Honan and Kevin Riggins.

This book is targeted at decision makers, managers and others who need to understand cloud from a business view, so if that’s you, I encourage you to read this book. Definitely worth the price.

Chocolate Waffles

Too good not to share (inspired by: Chocolate-Hazelnut Waffles with Frangelico-Brown-Butter Syrup)

Ingredients:
6 oz. (1-1/3 cups) fresh ground whole-wheat flour
2 oz. (2/3 cup) natural cocoa powder
1-1/2 tsp. baking powder
1/2 tsp. baking soda
1 tsp. kosher salt
3/4 cup granulated palm sugar
2 large eggs, at room temperature
3 oz. (6 Tbs.) unsalted butter, melted
1/3 cup yogurt
1/2 tsp. pure vanilla extract
3/4 cup warm water

Directions:
Pre-heat waffle maker.

Mix the flour, cocoa powder, baking powder, baking soda, and salt in a medium sized bowl and mix thoroughly.

In a large bowl, whisk the sugar and eggs until smooth. Stir in the butter, yogurt, and vanilla until smooth. Mix in the warm water until smooth. Add the dry ingredients to the wet and fold until just mixed. It should still have some lumps.

Cook in waffle maker and serve warm.