Industrial Control Systems, Idaho Falls

Yesterday I participated in the Red/Blue team exercise of a simulated Industrial Chemicals Plant.  My team was tasked with defending the plant from attack, and maintaining production.  After a long, fun, and frustrating day the attackers were able to compromise our production for over an hour which led to our eventual defeat in the exercise.

A lot of the material presented so far has been review, although it's surprisingly fun to exploit systems in a simulated industrial plant.

We've discussed a variety of topics over the last few days:

• Network Discovery
• Windows/Linux Admin
• Device exploitation (metasploit, etc.)
• Basic IDS (snort)
• Vulnerability Scanning 
• Social Engineering

just to name a few.  The training is provided by US-CERT and INL, and I would highly recommend the experience to anyone interested in the topics above. I am definitely ready to come home though.

Desktop - February Edition

I'm with Coco!

Suh for Heisman

Fair and Balanced?

President Obama became the first sitting U.S. President to make an appearance on the Tonight Show last night. During the interview, he made an ill-advised comment regarding the Special Olympics, and immediately apologized after the interview. Stupid mistake, but is this really headline news material? I'll give you one guess as to which network is outraged and running the story as its headline story.

(All of these screen captures were taken within 1 minute of each other this morning)

To find the story on MSNBC, you would need to browse to the bottom of the page for a link. It's not even close to headline news.

The story is slightly more visible on CNN's site. You'll notice the quick blurb about it under the 'Latest News' section.

How about the 'Fair and Balanced' network?

Betcha didn't see that one coming....

WTF Citibank?

Really Citibank? I opened my account with you over a year ago because of promises of no ATM fees, no checking account fees, and decent savings rates. Fast forward to today and what do I have now? A closed account.

My hatred for Citibank isn't new (see my previous entry). Today, however, my annoyance level with these guys reached a new high. I received an automated call from some number stating that 'Your account has been overdrawn, blah blah blah". Interesting, considering that I haven't even looked at my account since June.

I proceeded to check my account balance online. My $1.00 balance had turned into -42.50. I look for the charges, and guess what I find:

1-26: MONTHLY SERVICE FEE $9.50
1-27: OVERDRAFT FEE $34.00

Really? My previously fee free, dormant, account now costs me $9.50 a month? Really? Doesn't Citibank have to notify me before a change like this? Regardless, I made a call to Citibank, and after a lame explanation that my 'fee waiver' expired on JAN 1, I told them to remove the fees and cancel my account.

Thankfully, after checking with his supervisor, Michael informed me they would zero out my account and cancel it. I should be happy right? Pffft. This is when I asked Michael when I would be receiving my check for $1.00 (the previous balance). After a What?! (disbelief I'm sure) He told me that I should call back on Monday after the account is actually closed to request the check.

Guess what I'm doing first thing Monday?

Google owns me

Google basically owns everything that I use on teh interwebs now, so I figured I might as well add my blog to that list too. As you can see, I've converted from Wordpress to Blogger. The response time seems to be a lot better, so I guess we'll see how it holds up over time.