Personal Disaster Recovery
As an Internet Storm Center volunteer incident handler it is reasonable to think that each of us handlers are capable of managing and disseminating information regarding potentially widespread issues, even those that might involve varying scales of network outages. Additionally, we as security professionals (and I'm assuming that *we are* security professionals) many of us very likely have some direct involvement in business resumption and/or disaster recovery procedures. You may even have been involved in the creation of such documents.
I however, have suffered a personal failure in light of any of my past achievements involving disaster recovery planning. On Sunday March 19th at approximately 1pm EST, I *myself* while turning over topsoil in the backyard somehow managed to cut my TV/cable line. I realized this only hours later when after finishing my yard work attempted to check out CNN (*cartoons*), and was met by visual snow and white noise. I quickly came to grips with the fact that I had cut my cable line, but was followed momentarily by the horror of realizing that my broadband was dead as well! Mr. Connectivity (*me*), was also on tap to start a handler shift a short while later at 7pm EST. *I DID try to find both ends of the cable, but could find only one*
It gets better. Standard practice for handlers that are unable to start a shift on time have agreed to make group notification so that someone who is available could possibly stand in and help out. Guess what. All of my handler documentation was either online or on a remote machine including contact numbers, email addresses, etc... Yes, I did feel like an idiot at this point, and I still do. On top of it all, my growing dependance on broadband has made me grow stupid enough to get rid of all modems from my hardware closet so I no longer had the option to go dial-up at this point. I'll tell you what, it get's complicated to find the trouble reporting contact number for your cable provider when your first instinct is to hit their website. Doh! Not wanting to start racking up 411/Information service charges using my cell phone, I called a trusted friend to do some browsing for me to get me some of the phone numbers I needed. Yes, It's hard to believe but I do in fact have friends.
I'm making this a point of action for myself to build my own hard copy package of detail that will cover all aspects of my personal life to include not only my security geek-life, but my financial (banking/bills), medical and any other important facet that I cannot immediately think of while typing this.
If you *reader* to some degree, potentially catastrophic or otherwise, lost access to your computer(s), data, broadband, phone line, cell service, important documents would you be able to quickly get along in your daily life? Take a moment to consider how personally vulnerable you or your business is to issues of connectivity, and put together your own package of critical information that will prevent you from stumbling from some unforeseen or stupid accident (or both). I'll see about publishing more detail regarding recommended personal information that would be wise to maintain physically on hand.
My broadband is still down. :(
William 'Connectivity' Salusky
Handler on duty (heh heh)
I however, have suffered a personal failure in light of any of my past achievements involving disaster recovery planning. On Sunday March 19th at approximately 1pm EST, I *myself* while turning over topsoil in the backyard somehow managed to cut my TV/cable line. I realized this only hours later when after finishing my yard work attempted to check out CNN (*cartoons*), and was met by visual snow and white noise. I quickly came to grips with the fact that I had cut my cable line, but was followed momentarily by the horror of realizing that my broadband was dead as well! Mr. Connectivity (*me*), was also on tap to start a handler shift a short while later at 7pm EST. *I DID try to find both ends of the cable, but could find only one*
It gets better. Standard practice for handlers that are unable to start a shift on time have agreed to make group notification so that someone who is available could possibly stand in and help out. Guess what. All of my handler documentation was either online or on a remote machine including contact numbers, email addresses, etc... Yes, I did feel like an idiot at this point, and I still do. On top of it all, my growing dependance on broadband has made me grow stupid enough to get rid of all modems from my hardware closet so I no longer had the option to go dial-up at this point. I'll tell you what, it get's complicated to find the trouble reporting contact number for your cable provider when your first instinct is to hit their website. Doh! Not wanting to start racking up 411/Information service charges using my cell phone, I called a trusted friend to do some browsing for me to get me some of the phone numbers I needed. Yes, It's hard to believe but I do in fact have friends.
I'm making this a point of action for myself to build my own hard copy package of detail that will cover all aspects of my personal life to include not only my security geek-life, but my financial (banking/bills), medical and any other important facet that I cannot immediately think of while typing this.
If you *reader* to some degree, potentially catastrophic or otherwise, lost access to your computer(s), data, broadband, phone line, cell service, important documents would you be able to quickly get along in your daily life? Take a moment to consider how personally vulnerable you or your business is to issues of connectivity, and put together your own package of critical information that will prevent you from stumbling from some unforeseen or stupid accident (or both). I'll see about publishing more detail regarding recommended personal information that would be wise to maintain physically on hand.
My broadband is still down. :(
William 'Connectivity' Salusky
Handler on duty (heh heh)
Keywords:
0 comment(s)
Malware sample submissions to Microsoft
I wish I could remember the original source, but I was reminded again today that Microsoft is accepting malware samples via two distinct email aliases. (Since writing this Silverstr's blog at http://silverstr.ufies.org/blog/ was pointed out to me)
If you encounter some nastiness that you'd like to see Microsoft include in their monthly MRT updates send email to the following Microsoft email addresses depending on sample type, *Correction* and please use the AV industry standard password for malware samples of 'infected' to protect a zip or rar file containing your submitted sample.
William Salusky
Handler on duty ;)
If you encounter some nastiness that you'd like to see Microsoft include in their monthly MRT updates send email to the following Microsoft email addresses depending on sample type, *Correction* and please use the AV industry standard password for malware samples of 'infected' to protect a zip or rar file containing your submitted sample.
avsubmit@submit.microsoft.com with Virus/Worm/Trojan/Bot samples.
windefend@submit.microsoft.com with Spyware samples.
windefend@submit.microsoft.com with Spyware samples.
Handler on duty ;)
Keywords:
0 comment(s)
×
Diary Archives
Comments