Fwd: Drupal Web Developer opportunity

From: David White 
This is in Knoxville.

I'd love that referral fee if someone on this list wants to apply
(i.e., would you consider letting me refer you?)
---------- Forwarded message ----------
From: "Sal DiGennaro" 
Date: Sep 20, 2016 9:36 AM
Subject: Drupal Web Developer opportunity

Good Morning,
> I wanted to touch base and see if you would be or knew anyone who would be
> interested in this long term contract opportunity. This position is located
> in the Knoxville, TN area and will require someone to be onsite (no
> remote). This is with a R&D facility and although a security clearance is
> not required for this position, a background check is.  Let me know if you
> are interested or can refer me someone who would be, I would pay a $250
> referral bonus to you if you send me someone who I get hired for this
> opportunity. Don't hesitate to call or email me with any questions and I
> look forward to speaking with you soon.
> Drupal Web Developer/Analyst

cybersecurity road trip?

From: Rod-Lists 

----- Forwarded Message -----
From: "Optiv" 
To: "Rod-Lists" 
Sent: Monday, August 29, 2016 5:01:47 AM
Subject: Join us on September 8 for a Cyber Security Leadership Exchange


Join this open panel discussion and learn more about today’s modern threat landscape.         


"Cyber Security Leadership Exchange"                                                             

U.S. Secret Service Featured Speaker!
Attackers today do not just use one channel to launch their targeted attacks - they use all of them. Email, social media, networks and endpoints are all part of the modern cybercriminal's arsenal, and many of these attacks are invisible to traditional security tools. 
Join us and learn more about today’s modern threat landscape and gain visibility into the new forms of sophisticated cybersecurity threats targeting organizations.

Thursday, September 8, 2016
11:00 AM – 1:30 PM

Registration 11:00 AM
Presentations and Lunch 11:30 AM
Q&A 1:30 PM 
Ruth’s Chris Steakhouse
8521 Leesburg Pike, Tyson’s Corner, VA 22182
Tel: 703-848-4290 


For more information, please contact Michelle Patterson at mpatterson@proofpoint.com or 214.682.8284.


Has anyone ever heard of SiteLock?

From: Jonathan Calloway 

I got an email and my ‘customer’ got a phone call from a security analyst and SiteLock.  They claim that my site has been infected with malware.  They’ve placed a text file on the server that shows all of the files that are supposedly infected.

When reviewing the files and comparing them to a recent backup, I noticed two things: 1) They didn’t exist before (at least within the last 2 weeks) and 2) They’re all the same; 98 lines of stuff like this:

formalization= 'd'; $diffusing='d';$democrats= '$';
$gregor= 'a)EP

[OT] iPhone for sale

From: asg 
I have two iPhones with cracked screens, a 5s and 5c. A DIY screen repair
is $129 and I don’t want or need to spend the money to repair
them. If anyone wants them, make me an offer. The 5s is 16G and the 5c
is 8G.

Stephen Haywood
Owner: ASG Consulting

OT: Network Admin Job

From: Nick Smith 
My employer is looking for a good network admin.

If you're interested or know someone who is, get your info over to me.

Normal job description below:

• Responsible for designing, organizing, modifying, installing, and
supporting a company's computer systems. Designs and installs LANs, WANs,
Internet and intranet systems, and network segments.

• High school graduate with some college course work in computer sc=
• Considerable (5 years) and current experience as an Administrator on a
medium sized network of servers, desktop systems and communications devices
using current technologies.
• Cisco Certified Network Associate (CCNA) a plus.
• Previous work with financial institutions a plus.
• Working knowledge of LAN and WAN topologies and architecture, including
Multi VLAN architecture. Must be able to construct, operate and maintain
LAN and WAN Networks. A complete knowledge of Gigabit and Ethernet topology
interfacing with network IP phone systems. Must be able to research and
solve associated problems
• Must have knowledge and experience with network firewalls. (Cisco ASA is
• A strong knowledge of DNS and DHCP.
• Extensive experience with VMware, vCenter Virtualization of Serve=
Certifications and SRM experience a plus.
• Some working knowledge of Linux, Windows and associate OS-Level n=
IP configuration. Midrange system knowledge of i5 OS a plus.
• Excellent communication skills and ability to interact with others to
solve problems.
• Good organizational skills.
• Ability to adapt to emerging technology and learn new skills as n=
• Ability to maintain composure in stressful situations.
• Ability to perform heavy lifting.
• Ability to work flexible hours including occasional weekends and =

• Install and support LANs, WANs, network segments, Internet, and i=
• Install and maintain network hardware and software.
• Maintain integrity of the network.
• Maintain data security in a financial environment.
• Manage additions and changes to DNS and DHCP systems.
• Develop and maintain disaster recovery strategies as it pertains to the
network and the bank.
• Responds to banking office and/or department requests for assistance and
installations; accurately documents such requests and their resolutions
through the IT work order system; regularly communicates with benefactors of
open work orders until resolution.
• Troubleshoots a variety of problems and resolves immediately when
possible; refers unsolved problems to appropriate third party vendors;
monitors problems through ultimate resolution.
• Maintains effective working relationships with a variety of outside
vendors and Bank employees.
• Within the areas of assigned responsibility, maintains the integrity,
security and continuity of Bank computer systems through careful attention
to the following details:

Stringent Security Administration, Patch Management and System Upgrades,
Routine Systems Maintenance, Performance and Availability Monitoring,
Detailed Deployment Documentation, Routine Procedures Documentation,
Testing and Verification of Complete and Reliable Backups

• Maintains an acceptable level of expertise within the areas of assigned
responsibility; participates in scheduled training as well as seeking
continuous self-education through any available IT and banking industry
resources; utilizes knowledge and experience by training other IT team
members as required.
• Maintains orderly work and storage areas; ensures the accessibility of
supplies, tools, parts and equipment, software masters and other IT
resources by returning these items to secure organized repositories when
not in use.
• Maintains a working understanding of, and complies with, applicable
banking regulations, operating procedures and security guidelines.
• Regular and predictable attendance.

• Prepares non-standard management reports as requested.
• Recommends constructive improvements to procedures.
• Performs other duties as assigned.
• Maintains a working understanding of, and complies with, applicable
banking regulations as well as internal policies and procedures.

• Valid driver’s license.

Employees may experience the following physical demands for extended
periods of time

• View computer monitors
• Keyboarding
• Motion of fingers/hands/wrists/elbows
• Sitting
• Working from ladders
• Stooping and bending
• Use of power tools
• Lifting computers and related equipment weighing up to 50 pounds
• Travel to other locations.

Employees in this job are required to travel to banking office locations,
other company divisional locations and vendor office locations. Some travel
may require planned or unplanned overnight stays.

Work is performed in an operational office environment. Occasional
situations may require installation and deployment work in areas under
renovation or new construction.

Nick Smith
nick at nicksmith dot us

Kaspersky for Mail Server Antivirus

From: David White 
Does anyone have experience running the Kaspersky KLMS (Kaspersky Security
8.0 for Linux Mail Server)?

According to official documentation, the software requires a minimum of 2
GB of RAM and 4GB of swap. That seems utterly ridiculous to me.

I just finished installing a trial version of it into a CentOS 7 machine
inside Virtual Box with 1GB of RAM and no swap. Granted, this VM doesn't
have any users, but I can confirm that all of the various kaspersky daemons
and such are running, and there's still no load.

Given that my mail server infrastructure has very low volume (at max on a
busy day, it probably handles less than 500 legitimate emails in a given
day), I'm thinking I'm going to give it a try.

I just recently became a Kaspersky reseller, so have access to 1 year of
free licensing. Would probably be better than ClamAV.

David White
Founder & CEO


*Develop CENTS*
Computing, Equipping, Networking, Training & Supporting for small
businesses and nonprofits
Providing: Web Hosting, Technical Support & IT Consulting

*Signup to our Newsletter at

Anyone at BSides Knoxville?

From: Bret McHone 
The subject says it all. Is anyone here at the BSides Knoxville cyber
security conference?


Chattanooga cybersecurity job opportunities

From: Know Juan 
My company is currently recruiting for a few full time cybersecurity
positions that are open in my group.

Competitive compensation and pretty solid benefits.

If you're interested, or know anyone who might be - please contact me off
list for full details.

Docker Question

From: "Kite, Mike" 

  I have a close friend who's recently widowed and her hubby was a web developer.  He was hosting several websites, we think using Docker.  After his death, a couple of power-failure events knocked all of them offline.  I have to think they were being manually started.  And I think they're hibernating on his iMac.  He was too good at security, so getting this much info took me too much hacking, which is not my forte, nor are web-apps, I'm a sysadmin.

So, anybody got advice as to how to find these docker-ized web apps?  Start them?  Move them to another host?

Thanks all!

OT: Security Analyst Job in Nashville

From: Stephen Haywood 
I've got a friend looking for a Security Analyst in Nashville, details are


   - 4+ years’ work experience
   - 1+ years as Security Analyst
   - Experience in Linux administration
   - Basic understanding of TCP/IP networking, such as: IP addressing,
   subnet masks, basic IP routing, TCP/UDP
   - Strong understanding of security operations concepts: perimeter
   defense, BYOD management, data loss protection, insider threat, kill chain
   analysis, risk assessment, and security metrics
   - Strong understanding of IT operations: help desk, end-point
   management, and server management
   - Ability to analyze data and communicate findings to users, technical
   staff and upper management.
   - Attention to detail
   - Good written and verbal communication skills
   - Ability to effectively network, participate in interdepartmental
   teams, and develop key working relationships

Preferred Qualifications:

   - BS degree in Engineering, Computer Science, Information Security, or
   Information Systems preferred
   - Professional certifications such as Security+, Network+, CCNA, CEH,
   - Experience with 1 or more programming or scripting language such as
   Python, Bash, VBScript
   - Strong understanding of basic visualization techniques
   - Advanced Expertise in at least one of the following:
      o Splunk, Arcsight or other SIEM and logging technologies
      o Incident Response
      o Malware Reversing
      o Network Forensics
   - Hands-on advanced level experience with both closed and open source
   SOC technologies to include:
      o Log management, analytics, and correlation platforms
      o SIEM solutions
      o Forensics toolsets
      o Pen-Test Frameworks & Toolsets
      o Vulnerability Management Solutions (Nessus, Qualys, Nexpose, etc.)
      o Endpoint Security Toolsets
      o UTM products
   - Experience in an incident detection and response oriented security
   monitoring environment
   - Knowledge of installing, configuring, and maintaining network and
   security monitoring solutions
   - Experience with Windows PowerShell and Perl scripting

Stephen Haywood
Owner, ASG Consulting

OT: Secure Application Development

From: asg 

  The company I work for offers secure application development training
classes. The class can be run as a 2-day on-site class or as a
web-based class. The theory of the class is language agnostic but the
examples are all in .NET or Java. I know a number of you are developers
and you or your company may be interested in doing a class like this.
You can get more details here:

Stephen Haywood
Owner: ASG Consulting

Rural Technology Fund

From: asg 

  A guy I know in the infosec community, Chris Sanders, started a
non-profit to put technology into rural schools. In particular, they
give raspberry pi kits to teachers in rural classrooms. If any of you
are upgrading your RPis from 2 to 3 and would like to donate your RPi 2
please get in touch with them.


You can follow @RuralTechFund on Twitter if you do that sort of thing.

Phil Shapiro, this could make a good story for you and help them spread
the word about what they are doing.

Stephen Haywood
Owner: ASG Consulting

StartCom Feedback From Eddy Nigg

From: Mike Harrison 


It may not address all of your/our concerns, but StartCom and Eddy Nigg (and probably actually was Eddy, we’ve chatted before..) directly answered my request about the FUD website (Kimchi) and auth server in China. It’s a better answer than you’ll get from anyone else in that position. 


Dear Mr. Harrison,

Thanks a lot for your comments that truly come from your love to StartCom.

But don’t panic, like every big company (IBM, Cisco, Oracle, Microsoft etc.) that has set up branch offices and R&D centers in China, StartCom is the No. 6 biggest CA in the world and today has also setup branch office and R&D center in China, our Chinese R&D team chose Qihoo 360 to provide secure hosting service since this company is the No.1 Antivirus and web security provider in China and in the world that public listed in NYSE.

We are always trying to improve and try support continued growth which isn't always easy to sustain. With that we hope to provide you and all our customers a useful service.

Signer: 	Eddy Nigg, COO/CTO StartCom Ltd.

Sudo Auditing

From: asg 
Any of you guys know of a tool that can audit a sudoers file for stupid
mistakes? Things like a user or group having ALL:ALL permissions or no
password. Or groups like www-data having sudo permissions?

Stephen Haywood
Owner: ASG Consulting
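
The checks asked about above (ALL commands, NOPASSWD, and service accounts such as www-data holding sudo rights) written as a Python script; this is an added example, not a tool named in the thread. The SERVICE_ACCOUNTS list, the finding labels and the sample sudoers text are assumptions constructed for illustration, and the parser handles user specifications with a single runas group and does not follow include directives.

```python
import re

# Assumption: service accounts that should not normally hold sudo rights.
SERVICE_ACCOUNTS = {"www-data", "nobody", "apache", "nginx", "mysql", "postgres"}
ALIAS = re.compile(r"^(User|Runas|Host|Cmnd)_Alias\b")
SPEC = re.compile(r"^(?P<who>\S+)\s+(?P<host>[^=\s]+)\s*=\s*(?P<rest>.+)$")

# Constructed sample input, not taken from any real system.
SAMPLE = r"""# constructed sudoers sample
Defaults env_reset
root ALL=(ALL:ALL) ALL
%sudo ALL=(ALL:ALL) ALL
deploy ALL=(ALL) NOPASSWD: ALL
%www-data ALL=(root) NOPASSWD: /usr/sbin/service nginx reload, \
    /usr/bin/systemctl restart php-fpm
User_Alias OPS = alice, bob
OPS web01 = /usr/bin/journalctl
"""


def logical_lines(text):
    # Yield (first_line_no, line): comments dropped, backslash continuations joined.
    # Include directives (#include, @include) are skipped, not followed.
    buf, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not buf:
            if not line or line.startswith(("#", "@")):
                continue
            start = no
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, buf + line
        buf = ""


def audit(text):
    """Return (line_no, who, finding) tuples for risky sudoers entries."""
    findings = []
    for no, line in logical_lines(text):
        if line.startswith("Defaults"):
            if "!authenticate" in line:
                findings.append((no, "Defaults", "NO_AUTH"))
            continue
        m = SPEC.match(line)
        if ALIAS.match(line) or not m or m["who"] == "root":
            continue
        # Drop a leading "(runas)" group, then separate TAG: prefixes from commands.
        rest = re.sub(r"^\([^)]*\)\s*", "", m["rest"])
        tags = re.findall(r"\b([A-Z_]+):", rest)
        cmds = [c.strip() for c in re.sub(r"\b[A-Z_]+:\s*", "", rest).split(",")]
        if "NOPASSWD" in tags:
            findings.append((no, m["who"], "NOPASSWD"))
        if "ALL" in cmds:
            findings.append((no, m["who"], "ALL_COMMANDS"))
        if m["who"].lstrip("%") in SERVICE_ACCOUNTS:
            findings.append((no, m["who"], "SERVICE_ACCOUNT"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```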

Separate Network for iSCSI Traffic

From: Stephen Haywood 
Since I'm actually participating in the Chugalug discussion today, I
thought I'd throw this out there. I'm doing a pentest right now and the
client has an iSCSI server with no auth on the internal user network. My
test box is also on the internal user network. I was able to mount the
iSCSI LUN on my Linux box.

After accessing the LUN I realized it was holding VMware VMs for their ESXi
server. I was able to download the Domain Controller VM to my box mount the
vmdk files and pull out the ntds.dit and SYSTEM files. From there I was
able to extract the Domain hashes.

Moral of the story: iSCSI should be on a PHYSICALLY separate network for
security and performance reasons. If you have no choice but to have your
iSCSI on the same network, then use authentication.

Stephen Haywood
Owner, ASG Consulting

ICS Security Summit 2016

From: Know Juan 
Any of you guys(/gals?) planning on going to this?


Linode Password Reset

From: Dave Brockman 


I know a couple of you on list have Linodes, I haven't received my email
notification as of yet, but this came across my screen...




Upstart Help

From: asg 
I’m working through this tutorial,
ations-with-uwsgi-and-nginx-on-ubuntu-14-04, and I’m stuck on
the Create an Upstart Script section. I’ve written the script
but when I try to sudo start zkm, I get a generic Job Failed to Start
message. I’ve looked in /var/log/upstart but there is not a log
file for my service. I’ve added console output to the .conf file
but it still only displays the generic message. I’ve also
checked the .conf file syntax with init-checkconf and the syntax is ok.
Are there any other log files to check or any other methods to find out
what is causing the service to fail to start?

Here is the .conf file I’m working with.

description "uWSGI server instance configured to serve zkm."
console output

start on runlevel [2345]
stop on runlevel [!2345]

setuid www-data
setgid www-data

env PATH=/var/www/zkm
chdir /var/www/zkm
exec uwsgi --ini zkm.ini


Stephen Haywood
Owner: ASG Consulting

Mozilla foundation thinking kicking thunderbird to the curb.

From: Rod-Lists 

I like this post on slash about. Some think Mozilla is trying to kill XUL in favor of HTML5 tech.
Others seem to think that, with Microsoft and Google funding them, those two mail providers may have something to do with it.

Mozilla, I have actually donated to you in the past, but I have to admit my faith and continued donations are really starting to waver lately.

Don't get me wrong; it's not because of the Australis and UI changes that many people complain about. I actually enjoy those changes, the cross-platform consistency it brought. That's not the issue.

The issue to me is that I feel like you're slowly abandoning your principles:

   - Incorporation of 3rd party proprietary services such as Pocket and Hello (the calling through Telefonica) seem to give up on principles of open source and control of data
   - Including ads in my new tab window is annoying, and possibly a privacy/security risk depending on where those ads are sourced from (they're not hosted on mozilla servers I'd guess; so do you trust the servers you're pulling from?).
   - Support of the DRM plugins/codecs for video. I know the argument was that you didn't really want to do it but were forced to, but how about principles? What can we do as a movement to try to push for open codecs again? I haven't received email updates on what you're doing to support that.
   - Now, giving up on Thunderbird, which is not just well known and liked, but I think its key selling point is ENCRYPTED PRIVATE email. By necessity, you can't do crypto (encrypted and signed emails) unless it's in a mail client. If you want to send a webclient your private key, you're missing the point.
If you need money, tell us how it is. Lay out your plan for the next 3 years (a very specific vision!), estimate a figure of money, and maybe we can crowdsource it to happen. I think people are less likely to donate if they can't get clarity into what the money is used for (I know I'm that way).

I think that plan/vision needs to say more specifics like: we're campaigning against all kinds of ads, especially ones that track you and hurt your privacy; we're abandoning 3rd party proprietary things built in to our browser; we're re-focusing on our needs on your security and privacy. We're going to have the most secure browser on the planet, implementing the following list of protocols and standards, we're researching some new protocols and standards and working with the community on them. We're going 64 bit on Windows to take full advantage of performance and security extensions in modern OSes. We're going to make crypto more easy and transparent, both TLS in the browser, but especially we're going to refocus our efforts on Thunderbird and making your email safe with built in idiot-proof PGP encryption and signing. We're also going to work with web vendors to start implementing their own encryption, meaning when you get a notice from your bank, we expect it to be signed by your bank's encryption key and it all happens automagically to keep you safe.

If I don't start seeing more concrete things like this working for the betterment of the internet and my security and privacy on the internet, then my donation dollars will start looking for other projects. I want to know you're working for me, and not using me only to generate money.

Headless VM Server

From: asg 
I’m building a new VM server and want to try to use Ubuntu and
KVM. Can anyone recommend a good web-based KVM manager?


Stephen Haywood
Owner: ASG Consulting