Brian Baskin's Site (FWIW)

Last Updated on Friday, 18 December 2009 04:50 Written by Administrator Monday, 16 November 2009 14:09

There's often times in our lives where we spend extended time reflecting on our choices and decisions.  I had the opportunity to do just that recently, and wanted to jot some of my thoughts down. What I concluded was: even if you take the road more traveled, you can still find appreciation in the work you've completed. And, most of all, the Information Security field may be the best field to make your own job and write your own rules.

What got my head churning was remembering a recruitment message, sent to me over IRC in the late 90s, to join a very well known security company that did exploit research. It was a solid job offer and everything checked out. However, here I was, 18 and just graduating high school. The company was in Atlanta, GA, 800 miles away. The pay seemed great for someone just out of school. At the time, I was a member of a number of scene groups, had dabbled in software cracking, bots, and malware. But, the fear of possible legal trouble really turned me off from the scene. And so, I turned it down. As I did with a number of other offers that came down the road.

I loved the security world, and shared the secret joy when SATAN (later SAINT) was released, along with the other toys of the trade. But, there was no InfoSec community during this time. Hackers were evil people that were pillaging the elderly. And I wanted to do good things. The concept of white-hats was unknown at this time. And, yet, at one point I visited at 2600 gathering in Philly and was pretty depressed by the people who considered themselves to be 31337 hackers. And there was the crux. Your career options in the field at that time were extremely limited at the time. You were red or blue. I wanted to do the work, but I didn't want to be a "hacker". I turned down the job offer and not long after retired from the scene. I hung it all up and started my life as a basic network admin.

However, I eventually found myself in a position teaching digital forensics to federal/military law enforcement. I guess it could be called fate. Mentally, I started from scratch, and tried to bring a n00b perspective to the field. That changed when I had the chance ability to work alongside Johnny Long. He instilled in me that I shouldn't be afraid of my background, and should exploit it for good.  At the time, we were teaching network intrusion responses, with a 100% focus on forensics. With help from other passionate instructors, we started integrating a bit of hacking into the course.  We showed buffer overflows on vulnerable Solaris machines.  We let the students telnet in and do it themselves, then look for the forensic traces of the actions. But, it wasn't enough.

Johnny had the great idea of developing a two-day hacking class for the 2006 DoD Cyber Crime Conference. We designed the curriculum to be fairly high-level, yet modular to experience. We broke the class up four groups based upon their experience level, then started showing them scans and exploits. The advanced group in the back literally fried a 3com hub, and everyone loved it. We brought back the class each year thereafter, and there was a continual waiting list of people wanting to attend.

After a few successful runs, and numerous positive feedback from the conference, we broached the idea of a full, official hacking course to be taught to military investigators... and we got the green light. Thus was born the Network Exploitation Techniques (NET) course, for which I was happy to help design and develop. Early this year Johnny went to follow his passion and become committed to his charity work. We all decided to retire the 'Hacking Stuff' class that had been an annual staple.

Ultimately, there was a hidden lesson in the whole mix. I've taught hundreds of security individuals from all walks of life and from many corporations and government entities. And as every year went by, I noticed a greater range in the job titles and descriptions being used. And I had the chance to sit and talk to people at conferences and meetings, I found a lot of people with the same story as myself. They wanted in, but didn't want the label of 'hacker'. Through sheer determination and logical thinking, they were able to create their own jobs.  Having been through that, there is no better feeling that your boss sitting you down and saying "We need an XYZ and you're it. Write up a job description for yourself and give it to me by COB Friday." 

I wonder sometimes where things may have changed had I taken a different road in life, and then I realized that it didn't matter. If you have a passion and drive for what you do, it will all come full-circle. You will eventually find yourself happy in your work and life. If you have a passion for security, you will subconsciously find yourself implementing security into your current work. The same trials you face today will happen in other life streams, just in different weather and locations. So, find what it is that you enjoy and just do it.  And while it's been 10 years since I've sat down with a dissassembler (except for a few, simple small projects for fun), I know that there will be another day ahead of me where I will take up my old passions and put them to use again. 

Last Updated on Monday, 26 October 2009 05:59 Written by Administrator Sunday, 25 October 2009 15:50

An incident came to light this last week, when the new book Dissecting the Hack: The F0rb1dd3n Network was reviewed by Wesley McGew, wherein many occurrences of plagiarism were found. The issue went public very quickly, and the lead authors came out in defense of their work.  The issue arose in the technical reference portion of the book. To help complete the book, the lead authors, Jayson Street and Kent Nabors, allowed the technical editor, Dustin L. Fritz, to write the large technical portion.  It was this technical portion, written by Dustin, that contained the plagiarism.  I was shocked.  I've met Dustin, and even had dinner with him and his wife and others at TechnoSecurity this year. I met him through my personal friend, Marcus Carey, who brings together many experts in the Baltimore/DC area through his DojoSec meetings. I just wouldn't expect the great cardinal sin of technical writing to be performed by him on this project.

The end result is that the credibility of two great people in the InfoSec world has been tarnished over a labor of love that they've been working on for years. But, that can be fixed.

It's a bad situation, but it is being rectified.  Syngress, the book's publisher, has come out with their official statement and is working to correct the situation. Dustin L. Fritz will no longer be working on any Syngress project.  The cache of copies of the book will be destroyed and a new ISBN created.  The technical volume will be completely eradicated and redone with a group effort. The details are still being worked out, but Marcus Carey will be leading the charge to interview the authors of the tools and methodologies used in the book.  I will be the technical editor on this portion to ensure that it is relevant, accurate, and fresh material.

You can review the latest happenings with this book project at its dedicated community site.

I'll do whatever I can to help make this book the best it can be.  How?  Well, here are some of my credentials. In my day job, I'm the Deputy Technical Lead for the Department of Defense Cyber Crime Center's Training Academy (DC3 DCITA).  I spend much of my time overseeing various research projects into incident response, forensic analysis, and network intrusions.  I am part of the review cycle on over two dozen technical reference guides on cyber crime that our organization produces for its training courses.  The issue of plagiarism has come up before.  I've seen blocks of text: paragraphs or even page-long blocks, uncited and copied from other sites.  If you know how to find it, it's actually very easy to see.  We've been able to see these issues and stop them before they ever make it into the book, and provide additional training to the developer that made the mistake (which, many times, are purely by accident). I've been writing forensic technical manuals for nearly ten years, so I'm pretty good at what I do.

I've also authored and co-authored five books with Syngress. One of the chapters I wrote was republished into a best-of book, so I claim six books :)  Book authoring is a very difficult and time-consuming job.  For most of the books I've worked on, I was brought in by Syngress as "the closer". If a book was getting behind on its schedule, and a chapter needed to be done quickly to get it back on schedule, I would be brought in.  I wrote the three chapters of my first book, Securing IM and P2P Application in the Enterprise in a month. The third chapter was written in a 24-hour period of no sleep. It was also an eye-opening chapter, as I originally wasn't planned to do it. Instead, someone else wrote it and the technical editor (Marcus Sachs) found material in the chapter plagiarized from his own works. Since Syngress caught it early, the original author was stricken from the contract and I re-wrote that chapter.

Syngress has a great niche in the service they offer. The Information Security field is filled with really bright individuals that need an outlet to let their genius flow. Syngress provides this. With their new staff of editors, including Angelina Ward and Rachael, they have my full faith in making the best of this situation.

Last Updated on Sunday, 25 October 2009 17:55 Written by Administrator Thursday, 22 October 2009 15:27

On Tuesday, 20 October, my second son was born into this world at 1139.  It was... an interesting experience.

Early in the pregnancy my wife had decided that she didn't want to know the gender of the baby, and no one should either.  I won out and found out that it was a boy from the ultrasound tech and tried to keep it a secret for many months.  We had girls' names all picked out, but none really for a boy.  Yet, I couldn't push the issue as that would give away the gender.

 My wife had me stay home from work on this Tuesday, as she was two days past the due date and feeling like it would come soon.  We had already planned on a homebirth with two midwives coming to assist in the delivery.  However, the entire "hard" part of labor was less than two hours and the midwives didn't arrive in time.  Meaning, that I had to catch the baby.  The midwives arrived just 7 minutes later.

Tristan Blaise Baskin, 8lbs 14oz, 21 1/4", was born very healthy and strong.  And it was a very strong family moment for us to deliver the baby with just our family, and our five year old cutting the cord.  No overbearing "hurry so we can free up the room" hospitals, no over-trained doctors that want to make it interesting for their own sake; just a nice, natural birth.

Last Updated on Sunday, 25 October 2009 15:49 Written by Administrator Saturday, 16 May 2009 21:35

In a pretty dramatic move, I've decided to sell the Lightning.  The first thing people ask is why.  Here's why:

• Another child on the way and a larger vehicle is needed (such as a minivan)
• We really need to consolidate our cars down to just two. So, the Lightning and the Volvo are going up for sale to buy a single, newer, vehicle.
• I don't get as much happiness out of the truck now.  At most, I drive it an hour a month due to other obligations. I don't see that getting better in the near future.
• Also, I find myself wanting a more plush ride.  Mid-life crisis?  I find myself considering taking the truck last, after all my other cars.  I'm loving my Volvo right now, but it's getting up there in mileage (236K) and is almost a high-mileage ride.

To get this done, I've had the truck put through Maryland Safety Inspection, which is required in Maryland for all title transfers.  It was about $600 in repairs for that: new windshield, some new wiring, new rear leaf hanger, and other minor things.  I just had the rear end rebuilt, new rear brakes, and fixing up a ton of minor issues. 

She's about to go back in this week for another small item: putting the factory transmission pan on.  I've had tons of leak issues, and come to find out it was the new Derale cooling pan I bought from Summit.  There's a kink in the corner that's leaking fluid out at a slight rate. But, on my inclined driveway, sometimes it comes out fast.  That's getting fixed finally.

So, there it is.  If you want to see more information, check out my other domain, which I've changed to be a selling site for her: www.mdsvt.com

Update: But, it's already sold :)  In July the new owner came along and bought her up.