Friday, June 26, 2009

The National Cryptologic Museum

I finally got a chance to visit the National Cryptologic Museum yesterday, on the way back to BWI to fly home after SANSFIRE and a few days' family vacation (including 2 Red Sox games at Nationals Park).

The museum was a real treat, far exceeding my expectations. They had all the classic crypto gear, including a set of Jefferson Disks, an original Confederate cipher disk, multiple Japanese Red, Jade, and Purple machines/analogues, American Sigaba, an original Hebern Machine and multiple Enigma Machines. I really enjoyed the VENONA exhibit.

A really nice touch was the 2 fully functional Enigma Machines, freed of their cases, with pencil and paper next to each, with instructions on how to encode and decode a message.

With the wheels set to '414' (in honor of SANS Management 414), 'CISSP' encodes to 'DCNXK'. As you click each typewriter key, the wheels turn, and the ciphertext letter illuminates. To decode, turn the wheels back to '414', type 'DCNXK', and 'CISSP' illuminates.

I was also impressed with how kid-friendly the museum was. The kids were handed the pictured cipher disk, and a 'Cryptokids Challenge' score sheet, which included 14 numbered stations. As the kids reached each station, they were presented with a cipher disk setting, and ciphertext to convert back into plaintext. They both successfully decoded all 14 ciphertexts, and were presented with prizes for their handiwork.

The kids had a blast, and both declared the Cryptologic Museum 'the best museum in the DC area, tied with the Smithsonian National Air and Space Museum.' High praise from my young cryptanalysts!!

Friday, April 17, 2009

Visualizing Network Attacks

Greetings from friendly Calgary, Canada.

As promised, here is the link to my Visualizing Network Attacks paper.

The scripts, etc. are here.

Sunday, March 29, 2009

Waking Sleeping Dogs: Information Security Ethics

My paper on ethics has been posted: Waking Sleeping Dogs: Information Security Ethics. I wrote it for Management 421, as part of my MSISE program at the SANS Technical Institute.

It's a true story.

Wednesday, March 25, 2009

SANS Management 512 in Taunton, MA

My good friend Thom Daley is leading Management 512: SANS Security Leadership Essentials as a Mentor-led session.

My SANS teaching career began as a SANS Mentor, and it was a fantastic experience. Spending 10 weeks in a peer-led format works very well. The age-old advice of 'network, network, network' is true, and the mentor format makes that easy.

Thom is a deeply talented professional with loads of hands-on experience.

Saturday, March 21, 2009

Conficker.C

The Internet Storm Center posted a Conficker update, mentioning that the folks at SRI International updated their excellent analysis of the Conficker.C worm.

This worm is highly advanced, and its peer-to-peer update capability allows it to operate in networks where botnets do not typically thrive. Conficker-infected hosts will attempt to download new functionality April 1st.

Friday, March 06, 2009

Blogging from SANS 2009 Orlando

I'm hitting day 5 of MGT 414 at SANS 2009 Orlando.

Jason Andress, a student of mine, wrote a great paper on IPv6, a topic we discussed during telecom.

Thursday, December 25, 2008

Geek Christmas

I was a good geek this year, and received a framed Mt. Xinu 'Death Star' poster. 4.2 > V!!

For students of Unix history, this poster is an all-time classic, featured in the Jargon File (now in print form as the New Hacker's Dictionary, by Eric Raymond).

From the 'Death Star' Jargon File entry:

The AT&T corporate logo, which bears an uncanny resemblance to the Death Star in the Star Wars movies. This usage was particularly common among partisans of BSD Unix in the 1980s, who tended to regard the AT&T versions as inferior and AT&T as a bad guy. Copies still circulate of a poster printed by Mt. Xinu showing a starscape with a space fighter labeled 4.2 BSD streaking away from a broken AT&T logo wreathed in flames.

I received this poster as a young Unix geekling in 1991, when, inspired by the Jargon File, I wrote Mt. Xinu and requested a copy. They were kind enough to send one.

Miraculously, 2 apartments and 1 house move later, I still have it, and asked to have it framed this year for Christmas. Marty Braun did a great framing job. I recently had my home office renovated, and it will make a fine addition.

'4.2 > V' refers to the fact that Unix purists believe that BSD is the one true Unix, and is superior to System V Unix, hence '4.2 > V'. Mt. Xinu (which is 'Unix TM' backwards) ran the 4.2 BSD kernel.

I also had a copy of a '4.4 > V' poster (by BSDi, if I remember correctly), but it has gone missing. If anyone has one, please let me know. I'd be happy to make an offer and add it to my collection.