Presentations

I realized that I have a few presentations but don’t have them linked on my site. I’m a bad webmaster.

Live Fire data breach incident drill – Constance Snelling and Bryan Murphy
Lansing ISSA Chapter
November 19, 2020

This session walked through the actions taken by various parties throughout a company during a ‘Live Fire’ data breach incident drill. In this drill, a threat intelligence vendor notified the Company’s Threat Intelligence department, through established communication lines, that customer data was for sale on the Dark Web.


Account Take Over (ATO) Threat Actor: Tactics, Techniques, Communications, and Underground Culture
January 9, 2019

Account Take Over (ATO) has become a large attack vector and many infosec professionals find themselves plunged into this unfamiliar world. One day you are working malware, IDS alerts, and employee misuse, as you always have. Suddenly you are in a world of financial fraud, tracking digital transactions, listening to phone calls and modeling threat actor TTPs. This presentation talks about the problem of ATO, how an organization can prepare itself to deal with the issue, and most importantly, how the underground works. This will include how fraudsters communicate, tools of their trade, and how they monetize and launder their money. A good time will be had by all. No punch or pie will be provided.


The Semi-Coherent Ramblings of an Over-the-hill Incident Response and Forensics Guy
February 14, 2018

An InfoSec/IR veteran passes on valuable lessons, learned over the course of a long and exciting career. The diversity of my work has led to some interesting situations. From universities to defense; financial services to web hosting. Chances are I have seen it and learned something worth passing on about it. I will try to keep the ramblings as coherent as possible, but can’t make any promises on limiting the number of memes.

Unbiased Corona Virus (COVID-19) Resources

Some of my observations have compelled me to make this post. The bottom line is that the American media is failing us on COVID-19 coverage because it can’t get past partisanship.

The right-wing media is trying to tell you that it’s all been blown out of proportion and there is nothing to worry about. The left-wing media is fixated on how severely Trump has failed/is failing at his handling of this pandemic. Neither is helpful.

The solution is to arm yourself with as much information as you can and form your own opinions.

I created a bookmark folder called COVID-19 and stuck these links in it. Now I just right-click -> open all in new tabs and read all of the sources.

These are some of the better links.

Real Resources:
https://www.cdc.gov/coronavirus/2019-ncov/index.html
https://www.arcgis.com/apps/opsdashboard/index.html… (Johns Hopkins Multi-Source map)
https://www.who.int/emergen…/diseases/novel-coronavirus-2019
https://www.who.int/…/novel-coronavirus-…/situation-reports/ (W.H.O SITREPs)

National Mainstream Media:
These are biased, but if you remember that when consuming their news you should be okay. Don’t just read the sources with views that politically align with yours. It’s important to know how others are thinking about this to better understand their behavior and prepare yourself.
https://www.cnn.com/…/coronavirus-outbreak-03-16…/index.html
https://www.foxnews.com/…/he…/infectious-disease/coronavirus

Collections:
https://news.google.com/search…
https://www.reddit.com/r/Coronavirus/

Local:
Be sure to bookmark your state’s web site as well as local government and local channels news.

New layout

My friend, Andrew, will be assisting me with the new design and layout.  He was my partner in crime in the creation of metaguard, membrane and metazoa.

He said that he will begin work on it during the Thanksgiving break. Although it just occurred to me that he lives in Canada. I didn’t realize that people from Canadia [sic] celebrated Thanksgiving. 🙂

Guardian Linux

Guardian Linux is really starting to shape up. I have a development server that I am building it on right now. The foundation exists and is stable; I am now simply writing a bunch of custom tools and wrappers and tweaking the functionality to match that of OpenBSD.
Prepare for proactively secure Linux! 🙂

Feds may turn to bounty hunters to catch spammers

I just read an article that states the Federal Trade Commission is currently involved in a 9-month evaluation of a system that allows for “bounty hunters” to track down spammers and receive 20% of the fines they have to pay if a conviction is achieved.


This to me sounds like the best way to kill all spam. It’s a hard process to track a spammer down but no one has ever been motivated enough, IMO. What do you get out of it? Nothing. Reporting the spammer to the authorities (even with all the homework you did tracking them down) doesn’t even get you a “we got the guy, thanks for your help”; it gets you a “We will investigate” and then you never hear back again. The same goes for hackers. You will never hear back from an ISP, or Law Enforcement on what they did with the info you supplied.


I feel as if all ruling organizations in this country have completely abandoned the people they serve and are all about serving themselves now.


I’m jaded and cynical, but I got that way for a reason.

Lee-Nooks

Heh, I’m still working on my own Linux distro. It’s going nicely, however… I found an alternative to making my own control panel for hosting. I found a product that I can finally put my stamp of approval on.


http://interworx.info/


Very nice product based on PHP/MySQL. From all of my initial security audits on the demo they have up… it’s tight. Its interface is great and it just works. This is FAR more than I can say about cPanel.


I’m wondering if something similar may happen with Linux. Maybe I just haven’t found a distro I like yet. (shrug). Out of all of the current distros my favorites are Debian, Gentoo-Hardened and Suse. But none of them seem to fit my needs exactly; so Guardian Linux will continue as planned.

Hockey

I was watching the Wings game tonight and thinking “man it would be cool to play hockey”. But that will never happen with me. Reason: I can’t skate. But then I got to thinking… you could probably use the stick for stabilization. If you start to fall just put all of your upper body weight onto the stick and spread your legs… you tri-pod and can’t fall.


Maybe I just had too much wine. 🙂

Suse

Last night Gryphn and I spent a long time setting up an OS on her new server. We attempted a bunch of different ones, failing to get the Perc3 to work with a few of the distros. I finally downloaded the Suse FTP Boot ISO from linuxuso.org and installed it. It’s a very well developed, solid, easy and stable OS. It reminded me a lot of a less buggy Red Hat. I swear I saw some SELinux bits as well as chroot stuff. I guess (according to the Suse site) that they have a pretty good firewalling system. I have yet to play with it.


I’ll let everyone know how it goes.