tag:blogger.com,1999:blog-85869502012-02-23T09:58:56.525+02:00Forrester on things in Information Security, Food, Photography and the universe.Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.comBlogger41125tag:blogger.com,1999:blog-8586950.post-29451704688633875592011-03-09T15:38:00.000+02:002011-03-09T15:40:31.318+02:00

As an industry we seem to be divided into two camps, those selling services and products and those consuming the products and services. Buy this, to solve that - is not a solution. Those who sell products and services only sell their product or their service without acknowledgement of alternatives, shortfalls or pitfalls. The tagline is buy this to solve that and that and that… We need a

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-54431774308684400882011-01-23T18:30:00.001+02:002011-01-23T18:30:44.200+02:00

Human Perfection, originally uploaded by jockforrester.Pic of the little one's left foot while sleeping.

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-40312146433751904152011-01-23T18:19:00.001+02:002011-01-23T18:19:15.776+02:00

Under the blue sky, originally uploaded by jockforrester.Taken on Hotfire, hunting farm just outside Cathcart in the Swart Kei valley in the Eastern Cape in South Africa... Hotfire and Turnstream (farm next door) are now owned by a close friend of the family and turns out my gran was born on Turnstream.

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-44631123164061213982011-01-11T09:37:00.001+02:002011-01-11T09:41:23.934+02:00

Taken in the vegetable garden where he was gaurding my basil crop.

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-52336156212886245602010-11-05T18:16:00.001+02:002010-11-05T18:28:09.301+02:00

Taken on a trip to Londolozi, a private game reserve in the Kruger.

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-9164097568488900532009-06-16T21:04:00.000+02:002009-06-16T21:08:09.005+02:00

Solitary Kiaat seed pod on the tree with a pine plantation in the background. Nikon D80, f8, 1/160 and -0.3ev.

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-75389171017035282672009-06-16T20:54:00.000+02:002009-06-16T21:01:07.091+02:00

The cycad at home sprouted new fronds. Nikon D80, f7.1, 1/100 and 0ev.

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-46205741362961758362009-06-16T20:48:00.001+02:002009-06-16T20:52:38.673+02:00

This butterfly let me get closer and closer and closer to it until it took up most of the image. Nikon D80, f8, 1/400 and -0.3ev.

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-19738631825097068882009-06-07T12:44:00.000+02:002009-06-07T12:56:54.071+02:00

I took these on earth hour day (28 March 2009) while the house was lit with candles. The fish's shadows on the wall provide a fascinating allure. Taken with a Nikon D80, tripod, F7.1, 6s, -1.0ev. The black and white conversion and the original colour, to me, are both great. I can't decide which I prefer more.

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-28431135202076129992009-03-31T17:53:00.006+02:002009-03-31T18:19:37.588+02:00

My quick win for searching for confirmation that a person visited a phishing is to check the Internet history of the browser(s) on the imaged workstation. I use an Encase condition to to search the url names for host names of known phishing sites. We have a comprehensive list going back to the start of Feb 2005. Start by searching for the Internet history and the email on the workstation.

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-7665356466700719062009-03-15T08:53:00.005+02:002009-03-15T08:57:02.269+02:00

I am a great admirer of Google, but it doesn't even know everything. I am tired of working late hours and on the week trying to conduct a forensic analysis on a workstation and need to find out how to extract information (yes, I am a noob) and not being able to find it on the interweb.So going forward, I'll include the basic things that I find out. They will be mostly based on FTK and Encase as

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-88213396184565520012009-03-12T20:21:00.003+02:002009-04-03T07:31:52.960+02:00

I have had the opportunity to meet some some people that have fallen victim to phishing. The experience for me was some sometimes uncomfortable, difficult and an interesting exercise in marketing.Some people take the knock on the chin and will learn from the experience and be sad and hang on the glimmer of hope of getting their loss back. Others are aggressive and demand that the Bank make it

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-1682688428820863392009-02-12T10:44:00.002+02:002009-02-12T13:06:35.411+02:00

My abstract that I submitted to the 2009 IT Web Security Summit has been accepted. The title of the presentation and the abstract are below.Title: "Policy, process and mandate for a successful eCrime / eDiscovery unit in large corporates."Abstract: "Large corporate networks are filled with sources of infomration taht may be required to be successfully defend or promote the organisations position

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com1tag:blogger.com,1999:blog-8586950.post-6534112033914907272009-01-25T19:37:00.002+02:002009-01-25T20:12:23.832+02:00

I made this tonight. It is a really simple dish to make and tastes delicious. The amount of chilli I used was a bit hot for my wife, but was spot on for me.Ingredients (for 2 servings, in theory can be easily doubled):- Spaghetti for 2 - home made pasta will be a lot better - but I didn't have time to make it.- 1 tin of whole, peeled tomatoes.- 1 handful of parsley and thyme, chopped.- 2 cloves

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-25639487596166415532009-01-19T20:33:00.003+02:002009-01-24T11:20:05.631+02:00

A long time ago in a land a long way away I wrote a paper for ISSA that is titled "An Investigation into Unintentional Information Leakage through Electronic Publication". Please forgive the youthfulness of the writing, but I think that it is still relavant and should make an interesting read, specially the section on PDF's.The Banking commission made the one fatal mistake that you can make when

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-2887706269603465532009-01-17T20:12:00.002+02:002009-01-24T11:19:25.933+02:00

Caught this hallucinogenic "Laughing Jim" growing in the parents-in laws garden. For more info: Click here.

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-65773286719095434002009-01-17T18:58:00.004+02:002009-01-24T11:04:03.547+02:00

The wife and I went to Fratelli's in Blairgowrie on Thursday night for a bite to eat. I had the Pesto gnocchi and was not impressed. It was tough and fried (why, I have no idea - I didn't order potato fritters). The pesto wasn't bad though. Next time I'll have a Pesto Penne, or stick to the Pizza.Gnocchi has to be made with heart, you need to take your time, feel the dough, shape each piece and

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-23777086594038829382008-12-09T09:14:00.003+02:002008-12-09T09:52:16.701+02:00

Following on from my comment on Dom's blog, the DLP and DRM mergers are interesting and likely to cause a shakeup in the market place. Gartner have released a commentary on the merger and raise a few interesting points about the RSA / MS integration, but do have a bigger impact the space in general.In order for DLP to really work and provide a real return for the organisation, you need user buy

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-593205193876817542008-12-03T14:41:00.003+02:002008-12-03T14:56:31.750+02:00

Last weekend my wife and I had some people around in our new house for supper. We were talking yesterday about we are going to doing for Christmas Eve as we will be hosting it and the wife's family is on the large side. All in all we will be serving about 20 people a 3 course meal.Doing a roast of any sort starts being expensive, at an average of a 150g of meat person you are looking at at least

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com1tag:blogger.com,1999:blog-8586950.post-30654776541311423522008-12-03T13:18:00.004+02:002008-12-03T14:19:46.161+02:00

Last week I attended Sensepost's Cadet and Bootcamp training courses. Cadet is the introductory course and Bootcamp takes it up one notch and really makes the smoke waft out of your ears.The Sensepost mantra for the training is that is not about the technical ability, but rather the process that one follows to discover potential vulnerabilities in systems and networks. The process that one

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com1tag:blogger.com,1999:blog-8586950.post-10104514273715589182008-11-20T07:12:00.004+02:002008-11-20T07:29:49.355+02:00

How does one go about securing an application that is mission critical, continent wide, revenue earning and only designed with basic user access control in mind? That is the task that my team and I are now facing following on from the assessment mentioned in the previous post.The application uses data files managed by Pervasive SQL for content, process and transaction mapping as well as

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-50792898214880743072008-11-14T12:09:00.004+02:002008-11-14T12:31:05.138+02:00

I am currently working on a security assessment of one of the large applications in the bank due a series on incidents in the application and it is quite concerning from my side that the technical resources of the system are just looking at the people side of the solution. Different for a change, isn't it?They are saying that if the users could be trusted, then we wouldn't need to do all this. I

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-9833070273284099072008-11-04T07:32:00.000+02:002008-11-04T07:33:21.591+02:00

NIST have released their Technical Guide to Information Security Testing and Assessment (SP 800-115). The document outlines at a high level what an assessment program should contain and the various facets thereof. It is extremely important for every assessment to include the classic powerpoint extension of any solution, People, Process and Technology (PPT).The guide is not technical (for techies

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-44426932700759119192008-10-27T07:33:00.004+02:002009-01-17T18:15:35.559+02:00

I have moved into the Information Security Department of my Bank as an Information Security Analyst. Hooray, I can feel my shoulders relaxing already!

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0tag:blogger.com,1999:blog-8586950.post-27527790262588034412008-09-13T19:15:00.003+02:002008-10-17T08:24:59.767+02:00

There is a suburb in Durban called Kloof. It is the Afrikaans word for cliff but it is pronounced cloof and not at all like the Afrikaans pronounciation.In fact a few years ago I stayed with a good friend of mine at his inlaws in Kloof and on a supply run to the local Spar we were calling it by its Afrikaans name and the locals were starting to organise a lynching party.The wine is quite nice,

Jock Forresterhttp://www.blogger.com/profile/17907548050338335315noreply@blogger.com0