SANS Technology Institute: Security Musings
Welcome to the Security Musings on sans.edu. I'm Stephen Northcutt and like many of you I am a manager and leader with an information technology job. At the SANS Technology Institute, we are always striving to become more skilled and knowledgeable in computer security as well as the people side of the job. These security musings are an informal set of articles, book reviews and whitepapers, almost a blog, about security, information technology, and the computer security industry. As we learn more, ponder issues and research content for SANS Management 512, Security Leadership Essentials and the GIAC Security Certification, we will continue to add to this site. Our hope is for this to be a resource for the community and we would love to hear from you. Feel free to drop us a note at stephen@sans.edu.
- Information Security Travel Guide
Stephen Northcutt, an Information Security Researcher, United Airlines 1k, Writer and Instructor, documents the struggles of the travel and hospitality industries as we all face rapidly increasing energy costs. He and his peers share their travel experiences and give you quick tips and short reviews of the companies they do business with as they travel. If you came across this article because of a Google search, what you want is probably here; just use find in your browser (CTRL - F), it is easier than reading from top to bottom; however, you may get some useful tips if you stick around and read. Each major cluster of trips is documented in a separate file.
United Airlines News - Updated February 5th, 2010
By Stephen Northcutt
This United 1k traveler collects pertinent news and blog items about airlines, especially United Airlines.
Information Security Travel Guide Edition 15 - Stephen Northcutt - Updated February 9th, 2010
By Stephen Northcutt
In edition 15 of the information security tour guide we begin in Poipu Kauai, we will be attending the HICSS conference, then off island to New Orleans for SANS Security East 2010, and then on to Curacao and back to Richmond VA, and finally back to Kauai. We will document the hotels and restaurants we visit. We will also detail the struggles of travel after the Nigerian Islamic terrorist, Umar Farouk Abdulmutallab, tried to blow up a plane headed for Detroit on Christmas day. We will talk about information security, food, and similar things as well.
Information Security Travel Guide Edition 14 - Stephen Northcutt - Updated December 10th, 2009
By Stephen Northcutt
Stephen and Kathy Northcutt, your faithful infosec tour guides, will be headed for a college business meeting in Bethesda Maryland, then down to Richmond VA, off to London for SANS London 09, back to Richmond, then up to Washington DC for our Cyber Defense Initiative conference. Along the way we will talk about the joys and difficulties of travel since the Great Recession has caused so many amenities to be removed; we will also mention the restaurants and hotels we visit, maybe throw in a recipe or two; and, of course, a security tip here and there. At least, that is the plan for Edition 14 of the Information Security Tour Guide.
Information Security Travel Guide Edition 13 - Stephen Northcutt - Updated November 21st, 2009
By Stephen Northcutt
Stephen and Kathy Northcutt, your faithful security travel guides, will leave Kauai for New York City and a tour of Israel. We will talk about prepping to go, flying ultralights on Kauai with Big Sky Kauai, getting our new HP Minis set up; we will cover the places we go, what we learn, and any food we get to eat, and, of course, find a way to mention security along the way!
Information Security Travel Guide Edition 12 - Stephen Northcutt - Updated October 5th, 2009
By Stephen Northcutt
We will talk about security, safety, travel experience, and of course, restaurants. In this edition, Stephen documents his travels, beginning home on Kauai in preparation for a trip to Boston, Greece, VA Beach and SANS Network Security 2009 in San Diego. We end with a trip to the Navy lab where it all started, NSWC Dahlgren.
Information Security Travel Guide Edition 11 - Updated July 25th, 2009
By Stephen Northcutt
Stephen Northcutt, your infosec travel guide, begins edition 11 on Kauai. His next travels are Richmond VA/San Antonio TX for an onsite, then a couple weeks on Kauai and off to Baltimore MD for #sansfire09. And then down to Southern Florida for the sfissa.org conference. Finally after a week on Kauai, he is off to Denver, Tokyo, and back to San Antonio. Along the way, he will try to share about information security, a bit about the potential pandemic and any travel news that comes his way.
Information Security Travel Guide Edition 10 - Stephen Northcutt - Updated April 28th, 2009
By Stephen Northcutt
Stephen Northcutt, your Security Tour Guide, is preparing for his next trip; it will include a log management conference in Washington DC, some family time in Richmond VA, teaching at the Tysons Corner conference, and then off to San Francisco for RSA 2009, before returning to Kauai.
Information Security Travel Guide Edition 9 (Version 1.12), Kauai to Frederick MD, Phoenix AZ, and back to Kauai - Updated March 31st, 2009
By Stephen Northcutt
(Version 1.4) I'm gearing up for travel to Fort Detrick near Frederick Maryland to teach Management 512 SANS Security Leadership Essentials. A big focus of the trip will be to prepare them for their 8570 GIAC GSLC exams. From there I'll head to Phoenix Arizona for a SANS conference. This edition will cover information security topics, travel tips, a word or two about restaurants and musings on life in general. Also, if you have time, please take a look at my United Airlines blog as well.
Information Security Travel Guide: February-March 2009, Kauai to Orlando, FL - Updated March 10th, 2009
By Stephen Northcutt
(Version 1.3) Stephen is preparing to go to Orlando for SANS2009, but he gets a chance to be home on Kauai for a few days before flying and take a look at what's happening in the world of information security, Facebook Google ad scams, and current affairs.
Information Security Travel Guide: January - February 2009, Kauai to Las Vegas NV, Richmond VA, Toronto ONT, and San Diego CA - Updated February 18th, 2009
By Stephen Northcutt
(Version 1.5) Stephen spent some time at home on Kauai during the holidays before their current trip to SANS Security West 2009 in Las Vegas. He was able to visit with family as well as catch up on recent information security news blogs and alerts.
Information Security Travel Guide: November - December 2008, Kauai to Italy, Washington DC and Richmond VA - Updated December 27th, 2008
By Stephen Northcutt
(Version 1.4) Stephen spent some time before their trip to Italy, London and beyond, to get caught up on all the latest information security courses, blogs and alerts, and he shares some recent trends in the airline industry that are important to frequent and casual travelers alike. And then, they are off and running in Italy, discovering historical sites, wonderful food, and breathtaking art; Stephen also has some great travel tips to share about getting around in Italy.
Information Security Travel Guide: October 2008, Kauai to Monterey CA and Richmond VA - Updated November 11th, 2008
By Stephen Northcutt
(Version 1.4) A two week trip to Monterey, CA and Richmond, VA has commenced for this instructor, and there are a lot of stories to discuss about information security, travel, airlines, and the hospitality industry.
Information Security Travel Guide: October 2008, Kauai to Houston - Updated October 22nd, 2008
By Stephen Northcutt
Stephen spends some time before his trip to Houston to offer some findings from his internet searches on airlines, travel experiences and information security. Then, safely booked at a hotel in the Galleria area, he shares some of the ups and downs of running a small MGT512 class at the Hilton Garden Inn, Galleria area.
Information Security Travel Guide: September 2008, Kauai to Las Vegas - Updated October 8th, 2008
By Stephen Northcutt
We will talk about security, safety, travel experience, and of course, restaurants. In this edition, Stephen documents his travels, beginning home on Kauai in preparation for a trip to Las Vegas and SANS Network Security 2008.
Information Security Travel Guide: August-September 2008, Boston, Richmond, Virginia Beach, Chicago, Branson - Updated September 23rd, 2008
By Stephen Northcutt
(Version 1.4) In this edition, Stephen documents his travels, including Boston, Fredericksburg Virginia, Virginia Beach, Richmond Virginia, Chicago, Branson MO and Chesterfield Virginia, including restaurants and products encountered. Lots of people say they want to travel; Kathy and Stephen are living the dream, working their way with writing and teaching across this nation and the world.
Information Security Travel Guide: July 2008, Quantico, Atlanta and Washington DC - Updated October 23rd, 2008
By Stephen Northcutt
(Version 1.2) A three week trip to Quantico, VA, Atlanta, GA, and Washington, D.C. provides this instructor with a wide range of travel and hospitality experiences. Hopefully you can glean some useful tips in this travel diary from a very frequent flier.
Information Security Travel Guide: Tips for Traveling - Updated November 22nd, 2009
By Stephen Northcutt
(Version 1.3) One of the readers of the SANS Information Security Travel Guide asked me to put all the travel tips in one place, so here is a consolidation of tips from my travel experiences and research.
- Excellent Conference Hotels
SANS is always looking for the best in conference hotels - Stephen Northcutt describes some of them.
The Hyatt Manchester is my favorite San Diego conference hotel - August 8th, 2009
By Stephen Northcutt
San Diego is blessed with many great hotels that can support a meeting, but the Hyatt Grand Manchester is my favorite.
What hotel should I choose in New Orleans - May 17th, 2008
By Stephen Northcutt
Hotel New Orleans.
The Marriott Wardman Park is my favorite Washington DC conference hotel - Updated August 8th, 2009
By Stephen Northcutt
If you are running a conference event in Washington DC, and you do not need the downtown convention center, consider Northwest DC and, in particular, the Wardman Park Marriott Hotel. Stephen Northcutt of the SANS Technology Institute looks at three conference hotels in Northwest DC from the event planner's perspective.
Ethics in Information Security - November 6th, 2008
By Stephen Northcutt
This is a response to an article by David Mortman that was posted on Search Security. Before I go any further, I want to state that I agree with David more than I disagree with him; however, Search Security needs to do more fact checking. I felt his earlier article also suffered from opinion over fact and contacted him to try to share information.
- Book Reviews
Here we are gathering book reviews on information and network security, management, and leadership.
Book Review: The New School of Information Security, by Adam Shostack and Andrew Stewart - October 31st, 2008
By Stephen Northcutt
Quoting another reviewer, Kevin Thompson, gives us an idea about this book on the information security profession: "Not to say that the rest of the book isn't valuable, but if you only had 30 minutes to get the point of the book, I would say read chapter 4."
Book Review: Crimeware, by Jakobsson and Ramzan - July 12th, 2008
By Stephen Northcutt
(Version 1.1) Jakobsson and Ramzan set a new standard for security books with Crimeware; it is both eminently pragmatic and, at the same time, a scholarly work. I thought I knew a bit about malware, but I learned tons from the book.
Book Review: Dreams from My Father, by Barack Obama - February 4th, 2008
By Stephen Northcutt
Barack Obama's book, Dreams from My Father, is reviewed here by Stephen Northcutt of the SANS Technology Institute. Stephen feels that the book ends better than it begins; in fact, he believes that Mr. Obama was very generous to let so many strangers into his headspace.
Book Review: LAN Switch Security: What Hackers Know About Your Switches, by Eric Vyncke and Christopher Paggen - January 11th, 2008
By Stephen Northcutt
After reading this book by Vyncke and Paggen, you will never think about layer 2 the same way again. We quickly learn that, from a security perspective, a switch is neither a mindless toaster nor an insignificant appliance.
Book Review: Made to Stick: Why Some Ideas Survive and Others Die, by Chip Heath and Dan Heath - January 2nd, 2008
By Stephen Northcutt
The Blog digest version of Stephen Northcutt's book review for Made to Stick: Why Some Ideas Survive and Others Die.
Book Review: Geekonomics, by David Rice - December 27th, 2007
By Stephen Northcutt
Geekonomics, by David Rice, is a new book about the real cost of insecure software; this is not a book just for technical people, but every thinking man and woman should read it.
Book Review: End-to-End Network Security, by Omar Santos - December 6th, 2007
By Stephen Northcutt
If you are an intermediate to expert security practitioner and you want to page through the book to find security topics that you do not know about, that is a great use of Santos' End-to-End Network Security, but there is very little depth beyond that.
Book alert, Behind the Screen: Hacking Hollywood, by Mark Stone - November 27th, 2007
By Stephen Northcutt
As a computer security author, I am always interested in hearing about other authors and their projects. Here is one from Mark Stone and he has been working on a project called Behind the Screen: Hacking Hollywood. Who knows, he may be a household (SOChold?) name in a year or two.
Book Review: Linksys WRT54G Ultimate Hacking, by Paul Asadoorian and Larry Pesce; Raul Siles Technical Editor - October 31st, 2007
By Stephen Northcutt
If you are going to be installing wireless it is a good idea to read this book; a lot of the information applies regardless of what brand of equipment you select. And as for me, I don't think I will ever look at a Linksys router in the same way again; from now on I will be wondering just exactly what is going on beneath the hood.
Book Review: The Black Swan: The Impact of the HIGHLY IMPROBABLE, by Nassim Nicholas Taleb - October 27th, 2007
By Stephen Northcutt
A black swan is a surprising or virtually unpredictable event that can have a massive impact. Nassim Taleb's observation, in his book The Black Swan, is that, after the fact, we concoct a narrative to explain it. His book is hard reading and people are either going to like this book or hate it. I have a thick skin, I choose to like it. He made me work pretty hard to get through it, but the mind is a muscle, and I, for one, thank Taleb.
The Best Security Books to have in your library - October 25th, 2007
By GIAC Advisory Board
What are the best security books to have in your library? To find out, Stephen Northcutt polled the GIAC Advisory Board. (Students that score over 90 on their GIAC certification exams are invited to join the Advisory Board).
Book Review: The Age of Speed, by Vince Poscente - October 2nd, 2007
By Stephen Northcutt
Poscente creates an easy to memorize taxonomy of people and businesses: Zeppelins that can't achieve speed; balloons that don't have to; bottle rockets, fast, but misguided; and jets, which is what we want to be. It was a good start, but should have been developed more. The book is divided into 36 short essays that are usually about two pages long, yet a lot of the material is redundant.
Book Review: Virtual Honeypots by Niels Provos and Thorsten Holz - August 21st, 2007
By Stephen Northcutt
Stephen Northcutt discusses Virtual Honeypots by Provos and Holz, and he finds it to be the best security book he's read this year: a perfect blend of well researched information about honeypots as well as plenty of pragmatic how to do it.
Book Review: Seduced by Success by Robert J. Herbold - June 26th, 2007
By Stephen Northcutt
When companies are successful they tend to hire too many people, which raises costs, fractures lines of communication and leaves them unable to respond to changing industry trends. This is the core thought of Herbold, a longtime executive at Procter & Gamble who also served a seven year stint as Chief Operating Officer at Microsoft.
Book Review: Selling Blue Elephants, by Moskowitz and Gofman - June 25th, 2007
By Stephen Northcutt
The premise on the cover is: "How to make great products that people want before they even know they want them," and the primary focus of the book is Rule Developing Experimentation (RDE).
Book Review of Snow Crash leads to Second Life - April 18th, 2007
By Stephen Northcutt
As business leaders, we do not want to repeat history and be like some of the late adopters of the web who were so ignorant of its promise they didn't even register a domain name. Upon reviewing the book Snow Crash, Stephen Northcutt's advice is to buy the book, read the book, visit Second Life and invest $25.00 to understand this new concept.
Book Review: Miracle in the Andes, by Nando Parrado and Vince Rause - February 20th, 2007
By Gal Shpantzer and Stephen Northcutt
(Version 1.1) A colleague and former student of mine sent me a copy of this book to read with the following: The true story of an amazing journey of faith, teamwork and leadership ... and doing the impossible, over and over again.
Book Review - Information Security Law: Control of Digital Assets - February 19th, 2007
By Stephen Northcutt
This is the longest book on computer security law I have ever read. Every organization in the USA, or that has significant dealings with the USA, should probably have a copy on the shelves.
Book Review - Cisco Network Admission Control - January 1st, 2007
By Stephen Northcutt
Cisco Press was kind enough to send me this book for review, and what great timing: I have been thinking about NAC a lot lately. It puts a useful network device management control in the hands of an information security manager, and Cisco really does lead the market with their implementation.
Book Review: The Art of Software Security Assessment - December 19th, 2006
By Stephen Northcutt
This is one of those rare security books that has a chance to revolutionize the industry like Applied Cryptography, Snort 2.0, or Hacking Exposed.
Laptop Security - March 20th, 2008
By Ted Demopoulos and Stephen Northcutt
If there is one area of information security we need to make progress on, it is laptop security. They are small, easily sold, and valuable, and criminals are starting to understand the data they hold can be worth far more than the laptop itself. Here are some practical tips on physical security for laptops.
- Musings: Press Releases
This series will include press releases from The SANS Institute covering computer, network, and information security training.
Press Release: Management 512 Security Leadership Essentials for Managers now NIST SP800 Compliant - January 30th, 2008
By Stephen Northcutt
SANS announces computer security management training is now NIST SP800 compliant. SANS Security Leadership Essentials For Managers is now incorporating guidance from NIST Special Publications in the 800 series.
Press Release: MAC OSX now supported in SEC508 (Systems Forensics, Investigation and Response) - September 1st, 2007
By Rob Lee
Rob Lee announced today, "I am pleased to announce that my course now supports a student who wishes to bring an Intel Based MAC to the course. I performed a final live test with it this past week here in VA Beach with several students using an Intel Based MAC in the course."
Press Release: GIAC program change to all proctored exams - August 31st, 2007
By Stephen Northcutt
As GIAC moves forward with the ANSI 17024 accreditation process, all GIAC certification exams will be administered in a proctored environment. Administering all certification exams in a proctored environment will raise the credibility of the GIAC program and the certifications that individuals hold.
Press Release - SANS Partner Series Oct 15-19 SEC504: Hacker Techniques - August 31st, 2007
By Stephen Northcutt
SANS Partners with the State of Texas to teach Hacker Techniques, Exploits and Incident Handling Training at a substantial reduction in cost, October 15-19, 2007; SANS Partnership program is open to States, Law Enforcement, or Educational Institutions. What is particularly unique about this course offering is the pricing: SANS Partnership Series is an important way of delivering essential information security training at significant savings. The price for the upcoming class in Texas is $1150, about 1/3 of SANS regular pricing. You are eligible for this price if you are an employee of a state or local agency, a member of law enforcement at the state or local level, or a faculty or staff member from an accredited educational institution.
New Orleans and SANS Security 2008 - November 22nd, 2007
By Stephen Northcutt
The good news is SANS is going back to New Orleans, January 12 - 18 for SANS Security 2008. Let's take a look at what makes New Orleans one of the most unique cities in the United States and a great place to attend a conference.
Does GIAC need to create a HIPAA Certification? - October 31st, 2007
By GIAC Advisory Board
Recently, Stephen Northcutt was contacted by a former employee of HIPAA Academy telling him that GIAC needed to create a HIPAA certification. It seemed like a lot of work, but GIAC would be willing to do it if the world needed it. To get clarification, he asked the GIAC Advisory Board (students that score 90 or above on their exams are invited, and they are a pretty smart bunch of folks). Here are their thoughts.
GIAC Status Report October 2007 - September 19th, 2007
By Stephen Northcutt
As the Global Information Assurance Certification series enters its eighth year of operations and tenth year of development, I have been asked to update an article I wrote several years ago about GIAC. If someone told me in 1998 that one day I would run one of the most advanced technical security certification programs in the world, I would have laughed in their face. I had been given the offer several times, but flatly refused it because it sounded like a whole lot of work.
Is Civil Disobedience Ethical? - September 4th, 2007
By Stephen Northcutt
The current Hawaii Superferry controversy brings up important questions about the ethics of civil disobedience. Many of us are in fields that are governed by a code of ethics or conduct. Let me encourage you to take a minute and take stock of your own life and point of view. Under what circumstances might you participate in civil disobedience, and under what circumstances might you withdraw?
Musings on Branding - Learning Tree - August 7th, 2007
By Stephen Northcutt
Stephen Northcutt examines the marketing materials created by Learning Tree in comparison to SANS branded materials, and he concludes, "...this package was their ambassador and it did not move me. In the same way, our web page and our brochure are our ambassadors. We need to make them as good as we can."
Is Tech Target deliberately misleading with respect to Information Security Certification? - July 30th, 2007
By Stephen Northcutt
Stephen Northcutt of The SANS Technology Institute examines the premises and conclusions set forth by Robert Westervelt in a recent blog regarding current security certifications available to IT professionals.
Review of FISMA Certification and Accreditation Handbook by Laura Taylor - May 8th, 2007
By Stephen Northcutt
Laura Taylor's FISMA Certification and Accreditation Handbook is reviewed by Stephen Northcutt. The bottom line from Stephen: this book is complete, comprehensive, and accurate. He could not find one single example of the obtuse writing that tends to show up in the NIST and other government documents, and he believes that the book gives you a real path through the Federal certification and accreditation maze.
Is Wikipedia Appropriate for College Citations? - February 21st, 2007
By Stephen Northcutt
CT News Update lead headline story begins: Vermont's Middlebury College has banned the use of the online encyclopedia Wikipedia as an acceptable source of academic information for students, United Press International reported.
Introducing: Podcasts from PaulDotCom Security Weekly - January 22nd, 2007
By Stephen Northcutt
On January 12, we released an article titled CERT is doing podcasts? While doing the research for this article, we came across PaulDotCom Security Weekly, a weekly computer security podcast, or pre-recorded Internet radio show, that focuses on security news, vulnerabilities, research, and hacking. We find the show and cast very interesting.
Book Review - The 21 Irrefutable Laws of Leadership, by John Maxwell - January 1st, 2007
By Stephen Northcutt
Leadership books remind me of cooking: there are a finite number of common ingredients that make up the majority of dishes, but there seems to be an infinite number of ways to combine and present these ingredients.