Sunday, August 29, 2010

GE Looking for Business Response Team Leader

GE continues to hire security professionals to help reduce IT risk at our company. I should be posting additional jobs for my team (GE-CIRT) next month, but right now my boss (our CISO) asked me to help find a Business Response Team (BRT) Leader for our Corporate entity. Visit www.ge.com/careers and search for job 1251700 to find cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 role. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 summary:

The Business Response Team (BRT) Leader is responsible for working with business peers and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 GE Computer Incident Response Team (GE-CIRT) to better protect GE Corporate from digital intruders. The BRT Leader limits and assesses cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 damage caused by digital intruders, evaluates cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 posture and configuration of business computers, provides direct security support to business initiatives, and works to improve cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 business.

This role is in Connecticut in order to be close to our HQ.

Monday, August 23, 2010

Bejtlich on Silver Bullet Podcast

Gary McGraw was kind enough to interview me for his Silver Bullet Podcast. Gary is a real pro; he does his homework. After describing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 interview process to my wife, she thought Gary's approach sounded like James Lipton and Inside cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Actor's Studio! We talked about a lot of subjects and Gary tailored his questions to relate to my incident detection and response duties and relations to software security.

Review of Least Privilege Security Posted


Amazon.com just posted my four star review of Least Privilege Security for Windows 7, Vista and XP by Russell Smith. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

Russell Smith's Least Privilege Security for Windows 7, Vista, and XP (LPS) is a helpful contribution to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 toolbox of many enterprise system administrators. Numerous organizations are finally realizing that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet is too hostile an environment to let normal users function with elevated privileges. Although by no means a panacea for preventing intrusions, users operating with least privilege are somewhat more able to resist some attack vectors. Beyond resisting attacks, users operating with least privilege are more likely to meet organizational rules. Thanks to LPS, administrators running Windows 7, Vista, and XP can apply cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author's lessons and guidance to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir own environment.

Bejtlich Teaching at Black Hat Abu Dhabi 2010

The teaser page for Black Hat Abu Dhabi 2010 is now live, and I am pleased to announce that I will teach TCP/IP Weapons School 2.0 cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re on 8-9 November. Preregistration appears to be available. This will truly be cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 last edition of TWS version 2.0. I have been in contact with experts from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365United Arab Emirates Computer Emergency Response Team (aeCERT) and I hope to have students from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 region participate in my class.

For those interested in TWS 2.0 but not familiar with it, I described cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 class in this blog post titled Sample Lab from TCP/IP Weapons School 2.0.

I described differences between my class and SANS in this post.

I am also developing version 3.0 for Black Hat DC 2011 in January. When I have details on that class I will post cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m here.

Sunday, August 22, 2010

Review of IT Security Metrics Posted

Amazon.com just published my five star review of IT Security Metrics by Lance Hayden. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

I was not sure what to expect as I started reading IT Security Metrics (ISM). I had just discarded anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r new book, published in July 2010, supposedly about security metrics but really about nothing useful to anyone anchored in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 operational IT world. Would ISM be anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r disappointment? Since Andrew Jaquith published Security Metrics in 2007, no ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r book had appeared to help security professionals measure cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir worlds. Thankfully, I can strongly recommend Lance Hayden's ISM as a very strong contributor to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 discussion on security metrics. ISM's subtitle, "A Practical Framework for Measuring Security & Protecting Data," really does explain cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 purpose and value of this great new book.

Review of Practical Lock Picking Posted

Amazon.com just posted my five star review of Practical Lock Picking by Deviant Ollam. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

Practical Lock Picking (PLP) is an awesome book. I don't provide physical testing services, but as a security professional familiar with Deviant's reputation I was curious to read PLP. Not only is PLP an incredible resource, it should also serve as a model text for ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rs who want to write a good book. First, although cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book is less than 250 pages, it is very reasonably priced. Second, Deviant wastes NO space. There is no filler material, background found in ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r readily available texts, reprinted Web site content, etc. Third, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 writing is exceptionally clear and methodical, with extreme attention to detail and a master's approach to educating cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reader. Finally, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 diagrams, pictures, and figures are superb. When necessary cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y convey cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most subtle elements of lock or key design, and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y are cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 appropriate size and clarity. Overall, this book is helpful for those wishing to pick locks AND those who want to know how to write a good book.

Saturday, August 21, 2010

Consider Reading Network Flow Analysis

If I could write an Amazon.com book review of Network Flow Analysis by Michael W Lucas, I would give it five stars. Why won't I? The reason is that Michael asked me to be cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 technical reviewer for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book, and I don't feel comfortable publishing a review when I am potentially identified with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 content. Michael did such an awesome job writing his newest book that my tech edit was fairly easy. However, I would prefer to say a few words on my blog racá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r than assign stars at Amazon.com.

(Note: for those of you who do some research and find my review of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 excellent Linux Firewalls by Michael Rash, you'll see I issued a disclaimer that I wrote cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 foreword. I felt that writing a foreword is different than tech editing, because a tech editor is partially responsible for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 content of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 entire book. A foreword author is more or less writing an endorsement, like a review that's published in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book itself. You may not agree with this differentiation -- it's up to you.)

Why do I like Network Flow Analysis? As I've said before, Michael W Lucas is probably my favorite technical author. He is complete, accurate, and entertaining like no one else. He has an uncanny ability to know what cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reader needs to accomplish a technical task. I consider many of his books cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 definitive works in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir fields. With Network Flow Analysis, Michael teachers readers how to implement a NetFlow-based monitoring architecture using open source tools and code. He focuses on using Flow-Tools for analysis and Softflowd for capture when NetFlow export is unavailable or undesirable. He adds ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r tools and approaches when needed, including visualization with Gnuplot. I found that section to be interesting because he provides background on using Gnuplot before enlisting its help with flow data. Michael also provides conversion mechanisms for devices exporting NetFlow v9.

If you want to implement a NetFlow-based instrumentation architecture using open source, or perhaps integrate various platforms into a commercial analysis engine, Network Flow Analysis is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book for you.

Monday, August 16, 2010

World's Worst Security Visualization?

I'm speaking at VizSec 2010 next month. My topic is Is Security Visualization Useful in Production? I already asked do you use visualization in production? I realized it would also be great to show cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 world's worst security visualizations. So, what have you seen? What is just horrible yet supposed to be awesome?

I'll select cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most interesting responses and integrate cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m into my presentation. Feel free to comment here or email richard at taosecurity dot com. Please be sure to include an IMAGE so we can see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 visualization you are describing! Respond no later than Monday 30 August. Thank you.

Do You Use Visualization in Production?

I'm speaking at VizSec 2010 next month. My topic is Is Security Visualization Useful in Production? I'd like to know if YOU are using visualization in production. What works? What doesn't? What do you need but don't have?

I'll select cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most interesting responses and integrate cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m into my presentation. Feel free to comment here or email richard at taosecurity dot com. Please be sure to include an IMAGE so we can see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 visualization you are describing! Respond no later than Monday 30 August. Thank you.

Thursday, August 05, 2010

Review of Wireshark Network Analysis Posted

Amazon.com just published my five star review of Wireshark Network Analysis by Laura Chappell. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

Wireshark Network Analysis (WNA) is a very practical, thorough, comprehensive introduction to Wireshark, written in an engaging style and produced in a professional manner. WNA provides a variety of methods for teaching network analysis with Wireshark, including description, screen shots, user-supplied case studies, review questions (with answers), "practice what you've learned" sections, and dozens of network traces (available online). Readers who approach cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book as more of a class in printed (text) and electronic (trace file) forms will likely understand cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 higher-than-normal price tag. Anyone trying to learn how to use Wireshark, including basic protocol analysis, will greatly benefit by reading WNA.

Wednesday, August 04, 2010

Hexcompare and Finding New Tools

Last week while teaching at Black Hat, one of my students wanted to know how I find new tools. One of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ways I do that is to subscribe to FreshPorts, a site created by Dan Langille. FreshPorts tracks additions to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 FreeBSD ports tree, so when someone makes it easy for me to run a new app on FreeBSD I find out. Every week I get an email of new additions to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 tree, and I take a quick look to see if any catch my interest.

For example, last week I saw a new port called devel/hexcompare. I visited cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Sourceforge project page and decided to try it. Since I was using an Ubuntu desktop I tried to install cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 new app using apt-get, but it wasn't available yet. I could have turned to a FreeBSD system, but instead I decided Hexcompare was probably simple enough to compile by hand. It turns out cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 app was really simple, and I got it running quickly.

The screen shot at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 top shows cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 differences in a binary pcap file identified by Hexcompare. Basically I edited a few bytes in a single packet pcap. You can see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 changes in red.

Conti and Easterly on Cyber Warriors

Thanks to Lieutenant Colonel Gregory Conti and Lieutenant Colonel Jen Easterly for pointing me to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir article Recruiting, Development, and Retention of Cyber Warriors Despite an Inhospitable Culture. They are doing a real service by examining cultural issues challenging cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 success of a Cyber Command.

I'd like to provide a few excerpts:

Until cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 end of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 20th Century combat arms expertise ruled cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 day, but in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 21st Century kinetic combat arms soldiers must learn to co-exist, cooperate, and coordinate with non-kinetic cyber warriors...

[E]xperience gained to date in building cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Army Network Warfare Battalion (ANWB) overwhelmingly points to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 critical need for a career path to effectively recruit, manage and retain cyber talent...

In cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 world of cyber warfare, experts such as Mr. Kaminksy are cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 “Chesty Pullers” of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 21st Century...

The problem often lies not in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 talent or desire of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se individuals, but in inflexible military human resource systems...

A big question is when to allow personnel to join a cyber warfare force. Should this occur immediately upon joining cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 service, or at a later point, after cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 individual has had operational, possibly even combat, experience. We believe cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 cyber force would be best enriched by allowing both options...

Regardless of entry point, though, care should be taken to select only those with a true passion and capacity for cyber warfare, not those with careerist or ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r ambitions. Under no circumstances should an individual be forced into a cyber warfare assignment. To fall into any of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se traps will certainly create an unhealthy work environment that encourages talent to leave and undermines mission accomplishment...

Cyber Command must take advantage of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 prior experience of incoming personnel, and link it closely with cyber-related career fields racá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r than cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 current haphazard approach that wastes years of academic preparation. In addition, we should identify talent as early as possible and track cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir careers, reaching out to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m at an appropriate time...

We cannot build a professional cyber warfare force without viable cyber warfare career fields within each service. Recreating cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 current model that rotates personnel into and out of cyber assignments is insufficient. It drains training resources, induces skillset atrophy and encourages cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 departure of our best and brightest. For many specialists, an assignment away from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir skill area is reason enough to leave cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 force...

We will know we have succeeded when we have General Officers, Sergeants Major, Senior Warrant Officers, Master Chiefs, and Chief Master Sergeants that are products of a pure cyber warfare career.


All of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 above speaks to my experience, directly. What do you think?

August 2010 Digital Forensics Magazine Published

The August 2010 issue of Digital Forensics Magazine is available for subscribers. There's a variety of interesting articles and you can tell cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 additional care provided as a result of charging a subscription. Rob Lee wrote a good article on Becoming a Digital Forensics Professional, as well.

July 2010 Hakin9 Magazine Published

The August 2010 Hakin9 magazine is available for free download in .pdf format. I think cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y are publishing shorter magazines, but more frequently? I always like Matt Jonkman's articles. He mentions creating a new commercial IDS ruleset, which he announced in late June in Emerging Threats Announces Call for Developers to Create New and Improved Rule Set. I missed it until now however.

Tuesday, August 03, 2010

Project Vigilant Is a Publicity Stunt

I think "Project Vigilant" is largely a publicity stunt, meaning it was just invented and it's so-called "history" is an extension of someone's imagination. As we say on my team, "This ain't my first rodeo." In ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r words, I've been around for a while. While I recognize some of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "principals" in this "group," I've never heard of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m organized into a "project" -- certainly not with over 500 stealthy members!

I'm going to link to a few articles and offer my opinions on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 content.

First we have cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 21 June article Secret group aids fight against terror by Mark Albertson:

For cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 past 14 years, a significant volunteer group of U.S. citizens has been operating in near total secrecy to monitor and report illegal or potentially harmful activity on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Web.

14 years? Please. If cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y have been active for 14 years, why does no one I've asked know who cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se guys are?

The group claims over 500 current members, although cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir names and identities are still mostly secret. Their members comprise some of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most knowledgeable experts in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 field of information security today and include current employees of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 U.S. government, law enforcement and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 military.

Over 500 members? And cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y've been able to keep such good OPSEC that no one knows who cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y are?

And if you want to work for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m, don’t bocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r to ask. If cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y’re interested in you, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y’ll find a way to get in touch.

Convenient!

Finding information about Project Vigilant is not easy. They have a public webpage that reveals little information about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 group.


$ whois projectvigilant.us
Domain Name: PROJECTVIGILANT.US
Domain ID: D22426525-US
Sponsoring Registrar: WILD WEST DOMAINS, INC.
Registrar URL (registration services): www.wildwestdomains.com
Domain Status: clientDeleteProhibited
Domain Status: clientRenewProhibited
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Registrant ID: CR18275784
Registrant Name: Steven Ruhe
Registrant Organization: BBHC Global LLC
Registrant Address1: 4828 North Kings Highway
Registrant Address2: #126
Registrant City: Fort Pierce
Registrant State/Province: Florida
Registrant Postal Code: 34951
Registrant Country: United States
Registrant Country Code: US
Registrant Phone Number: +1.7723326988
Registrant Facsimile Number: +1.8667288650
Registrant Email: steven.ruhe@bbhc-global.com
Registrant Application Purpose: P1
Registrant Nexus Category: C11
Administrative Contact ID: CR18275787
Administrative Contact Name: Steven Ruhe
Administrative Contact Organization: BBHC Global LLC
Administrative Contact Address1: 4828 North Kings Highway
Administrative Contact Address2: #126
Administrative Contact City: Fort Pierce
Administrative Contact State/Province: Florida
Administrative Contact Postal Code: 34951
Administrative Contact Country: United States
Administrative Contact Country Code: US
Administrative Contact Phone Number: +1.7723326988
Administrative Contact Facsimile Number: +1.8667288650
Administrative Contact Email: steven.ruhe@bbhc-global.com
Administrative Application Purpose: P1
Administrative Nexus Category: C11
Billing Contact ID: CR18275789
Billing Contact Name: Steven Ruhe
Billing Contact Organization: BBHC Global LLC
Billing Contact Address1: 4828 North Kings Highway
Billing Contact Address2: #126
Billing Contact City: Fort Pierce
Billing Contact State/Province: Florida
Billing Contact Postal Code: 34951
Billing Contact Country: United States
Billing Contact Country Code: US
Billing Contact Phone Number: +1.7723326988
Billing Contact Facsimile Number: +1.8667288650
Billing Contact Email: steven.ruhe@bbhc-global.com
Billing Application Purpose: P1
Billing Nexus Category: C11
Technical Contact ID: CR18275785
Technical Contact Name: Steven Ruhe
Technical Contact Organization: BBHC Global LLC
Technical Contact Address1: 4828 North Kings Highway
Technical Contact Address2: #126
Technical Contact City: Fort Pierce
Technical Contact State/Province: Florida
Technical Contact Postal Code: 34951
Technical Contact Country: United States
Technical Contact Country Code: US
Technical Contact Phone Number: +1.7723326988
Technical Contact Facsimile Number: +1.8667288650
Technical Contact Email: steven.ruhe@bbhc-global.com
Technical Application Purpose: P1
Technical Nexus Category: C11
Name Server: NS57.DOMAINCONTROL.COM
Name Server: NS58.DOMAINCONTROL.COM
Created by Registrar: WILD WEST DOMAINS, INC.
Last Updated by Registrar: WILD WEST DOMAINS, INC.
Domain Registration Date: Mon Sep 21 23:36:10 GMT 2009
Domain Expiration Date: Tue Sep 20 23:59:59 GMT 2011
Domain Last Updated Date: Sat Jul 10 10:11:21 GMT 2010

Looks like cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y registered cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir Web site last September.

The group’s collaboration with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 U.S. Government is handled through anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r highly secure web portal which supports protected email, chat and ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r features.

The article links to https://cybercop.esportals.com/ which is a link from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 main Infragard site (once you log in). The main Infragard site is hosted elsewhere -- I have a login to that since I am an Infragard member.

Project Vigilant is funded by BBHC Global, an information security firm based in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Midwest, and private donations. Uber’s boss is Steven Ruhe, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Managing Member of BBHC Global. “I’ve always been a small town guy with big dreams, “ said Ruhe who was born and raised in Nebraska and sells Amway products on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 side.


$ whois bbhc-global.com

Whois Server Version 2.0

Domain names in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

Domain Name: BBHC-GLOBAL.COM
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Name Server: NS25.DOMAINCONTROL.COM
Name Server: NS26.DOMAINCONTROL.COM
Status: clientDeleteProhibited
Status: clientRenewProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 28-mar-2010
Creation Date: 02-apr-2009
Expiration Date: 02-apr-2011
...edited...
Registrant:
BBHC Global LLC
5817 Sunberry Circle
Fort Pierce, Florida 34951
United States

Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: BBHC-GLOBAL.COM
Created on: 02-Apr-09
Expires on: 02-Apr-11
Last Updated on: 28-Mar-10

Administrative Contact:
Ruhe, Steven chet.uber@mac.com
BBHC Global LLC
5817 Sunberry Circle
Fort Pierce, Florida 34951
United States
+1.7729401858 Fax -- +1.8667288650

Technical Contact:
Ruhe, Steven chet.uber@mac.com
BBHC Global LLC
5817 Sunberry Circle
Fort Pierce, Florida 34951
United States
+1.7729401858 Fax -- +1.8667288650

Domain servers in listed order:
NS25.DOMAINCONTROL.COM
NS26.DOMAINCONTROL.COM

"BBHC Global" was just registered last April. Netcraft doesn't report seeing www.bbhc-global.com until June 2009.

Let's check out "Steve Ruhe." His LinkedIn profile says:

Steven Ruhe
Owner, T.G.B.S Construction, Managing Member - BBHC Global
Lincoln, Nebraska Area

Owner
Steven
Construction industry
January 2004 – Present (6 years 8 months)
I've wanted to be a business owner for as long as I can remember...
I work for me I build my dreams, work for someone else build cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re dreams.

This guy is "funding" this "project"?

So why is this group coming "out of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 shadows?"

The group is looking to grow from its current level of 500 volunteers to upwards of 1600. Uber said that he will be recruiting experts in calculus and linguistics in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 months ahead.

Each potential member of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 group must go through a rigorous vetting process that culminates in an oath to defend cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Constitution of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 United States. “We tell our candidates that we have secrets and you have to keep cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m,” said Uber.

For every 12 potential new members under consideration to join cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 group, only 3 will ultimately be selected.


Good luck with that. I can't wait to see who applies.

The next major article is Big names help run Project Vigilant, on 22 June, again by Mark Albertson:

It’s tempting to look at a secret group of cybercrime “monitors” and dismiss cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m as a group of lightweights trying to play cops and robbers in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet world. Nothing could be farcá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 truth...

Take Mark Rasch, Project Vigilant’s General Counsel... Chet Uber, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 group’s current director, is a founding member of InfraGard (a partnership between cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 FBI and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 private sector) and a longtime participant in AFCEA (Armed Forces Communications and Electronics Association)... One of Uber’s top lieutenants is Kevin Manson... George Johnson is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second in command for Project Vigilant... Anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r recent addition to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 group is Ira Winkler... Suzanne Gorman, one of Project Vigilant’s top leaders, is a former security chief for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 New York Stock Exchange...


So how many of those names do you recgonize? I know Rasch and Winkler, and I've asked ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rs who know Manson. Chet Uber? AFCEA membership? Wow. Anyone can join AFCEA.

The last major article on this "group" is Stealthy Government Contractor Monitors U.S. Internet Providers, Worked With Wikileaks Informant by Andy Greenberg:

A semi-secret government contractor that calls itself Project Vigilant surfaced at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Defcon security conference Sunday with a series of revelations: that it monitors cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 traffic of 12 regional Internet service providers, hands much of that information to federal agencies, and encouraged one of its "volunteers," researcher Adrian Lamo, to inform cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 federal government about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 alleged source of a controversial video of civilian deaths in Iraq leaked to whistle-blower site Wikileaks in April.

This is where I expect some real trouble. How do you feel about an ISP handing data to some group, who cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n sends it to "federal agencies"?

According to [Chet] Uber, one of Project Vigilant's manifold methods for gacá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ring intelligence includes collecting information from a dozen regional U.S. Internet service providers (ISPs). Uber declined to name those ISPs, but said that because cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 companies included a provision allowing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m to share users' Internet activities with third parties in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir end user license agreements (EULAs), Vigilant was able to legally gacá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r data from those Internet carriers and use it to craft reports for federal agencies. A Vigilant press release says that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 organization tracks more than 250 million IP addresses a day and can "develop portfolios on any name, screen name or IP address."

"We don't do anything illegal," says Uber. "If an ISP has a EULA to let us monitor traffic, we can work with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m. If cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y don't, we can't."

And whecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r that massive data gacá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ring violates privacy? The organization says it never looks at personally identifying information, though just how it defines that information isn't clear, nor is how it scrubs its data mining for sensitive details.


The group doesn't look at PII, yet it develops "portfolios on any name, screen name or IP address"? I think it's time for some grown-ups to check out cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se guys. I don't think cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir activities will make those ISP's customers happy.

My guess is that Chet and friends are trying to jump-start a security company, so cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y make a big splash at Def Con and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n try to hire a few people. What does anyone else think?