ecklerwr1 · Sr. Network / Systems Architect · ✭✭✭✭✭

Isolated and large.

We build WIN-T.

EOC, NPM, NTA, SAM, and VMan (VCOps as well) plus splunk seems to get the job done for me. Also OpNet for DPI but I'm looking into using new NPM DPI to get rid of it maybe.

My next cert is going to be Certified Ethical Hacking v9. 2600 was also the name of a very popular hacking magazine: 2600: The Hacker Quarterly - Wikipedia

It nice to not have to use agents but have the option if you need them for some reason.

We're investigating the newer Azure O365 cloud for higher classification level traffic... it requires the direct connection to the cloud. Currently there's on POP in Virginia and the other in California. We're really hoping because MicroSoft has said they are opening a new one in Phoenix which would be ideal for us to…

I read many of those but... BH and DEFCON usually aren't on my list of events to attend. I attend more local and some training to maintain my CPE's for CISSP and soon CEH.

I wonder why you don't hear more about google's cloud... often AWS and Azure are always mentioned but not much is said about googles cloud?

Makes me think about Security Event ID 4656 and handle manipulation. When security policy is enabled it can blow up your security event log collector. So in this case such a small change in secpol ends up almost bringing the collection of Windows Security Event Logs to it's knees. I'm still working on way to capture the…

Event Correlation is where the real tricks and magic can happen but it's also a difficult problem and it why you don't see much of it done well.

Scooby Snacks FTW!!!

Easy choice... War Games. Don't get me wrong TRON was big when I was in school with all the SIGGRAPH computer graphics things going on at the time. If you don't know what it is it's part of the ACM: dl.acm.org/.../siggraph War Games was THE movie that reminded me of myself sitting at the Apple ][+ with my 300 baud modem…

And maybe your resume' if a big enough fine comes down on the company.

D&D you had me there! Bill

I like meatball sandwiches!

How much storage space they're taking up for sure is important!

They come up with some neat names for the botnet version at least... https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/spam-campaign-enlists-victims-botnet-… “The encrypting malware then goes on to connect to a number of hard-coded IP addresses whose purpose is to enroll the affected…

Looks like a perfstack month to me! And look at SolarWinds on Gartner! I'm not sure why they aren't moving SolarWinds further to the right yet though!

Between the shift to RMF and these new clouds certified for processing classified information (AWS, Azure) there is a LOT going on right now in the Government with IT change right now. It's a lot to take in and attempt during 2018. This next year is going to be busier than 2017 I'm pretty certain.

I suppose you really don't want the network failing on someone in intensive care for sure.

I think the new continuous multiple factor the DoD is working on is really neat. One of the main factors is your gait.

To me it's just an abstraction layer on top of another architecture.

I wish they'd find and prosecute the leakers at NSA and CIA!

Awesome thanks @"KMSigma.SWI" !

Did you fly a helicopter?

Down in Texas Bandwitdth Hogs are getting so bad even the dogs are freaking out! A plague of Pigs in Texas! A Plague of Pigs in Texas | Science | Smithsonian Some of the hunting dogs like this one wear kevlar vests!!!

Seems like the NTM - the network traffic mapper might help with this. I don't yet own this module but I'm going to test it out. Hopefully the new network atlas in NPM will also be improved soon.

I'm more a fan of H.P. Lovecraft but you're right Leon Poe is also decent and in the same vein.

The Del's looks good!

that would work well here in the desert!