You are currently browsing the tag archive for the ‘free’ tag.
Well, I’ve been waiting awhile to be able to write this (see future post). Finally, I can:
It’s always interesting dealing with the somewhat schizophrenic nature of government messaging. While I understand the constraints, the risks, and the realities of trying to run a free-for-the-private sector service that actually DOES something in the government, it was always a little disheartening to hear (or read) people suggest that the government wasn’t doing anything for some of our cyber security problems, that it didnt have the services available, or “Well, I heard DHS started ICS-CERT, but I think they shut it down?” And, with the media so often just not getting it – and people so often not doing basic research – this happened more frequently than it should. So, now that I’m in the role of customer here (and not on the floor there), I can finally say:
If you’re an asset owner, a vendor, a service provider, a customer, or otherwise a stakeholder in private sector or government critical infrastructure / key resources, you should be aware of CSSP and ICS-CERT (ICS-CERT has been functioning, in its current form, since earlier this year).
To start with: The Control Systems Security Program (CSSP) is an offering out of Homeland Security which:
“attempts to…reduce industrial control system risks within and across all critical infrastructure and key resource sectors by coordinating efforts among federal, state, local, and tribal governments, as well as industrial control systems owners, operators and vendors. The CSSP coordinates activities to reduce the likelihood of success and severity of impact of a cyber attack against critical infrastructure control systems through risk-mitigation activities.”
This includes providing a FREE cyber security assessment tool, onsite assessment visits, and the well-run Industrial Control Systems Joint Working Group (ICSJWG) and its associated conferences. CSSP also provides a variety of free-training in Control Systems Security, both locally in DC as well as, for it’s hands-on Red/Blue Team training, in Idaho Falls.
Then, providing a tactical operational arm to the more strategic CSSP, ICS-CERT is a fully functioning free CERT service for your CIKR organizations. ICS-CERT will, as part of its mission:
- Provide onsite fly-away technical incident response
- Perform digital media analysis on media potentially affected by an incident
- Coordinate the responsible release of vulnerabilities (involving third party researchers, vendors, etc.)
- Provide timely situational awareness
- Coordinate national response, via its seats in the National Cybersecurity Communications and Integration Center (NCCIC), with US-CERT, NCC, Law Enforcement, and other organizations.
All you have to do, basically, is ask. They’ve assisted, during my tenure, quite a few organizations – large and small – and continue to do so.
(Importantly, ICS-CERT has neither a law-enforcement NOR a regulatory function. Their mission is to assist you in defending yourselves and responding to incidents. Your data is, and remains, yours, in any interaction with them. )
And you thought the government doesn’t do anything for cyber security :)
To contact ICS-CERT:
- Call the ICS-CERT Watch Floor: 1-877-776-7585
- Email regarding ICS related cyber activity: email@example.com
Their website is: http://ics-cert.org
I’ve created a google code page for it HERE.
You can grab a stand alone zip of the source/project HERE.
(I’ve never used SVN before, so what’s up at the google code page might periodically be fubared, so you might want to start with the zip)
Feel free to download, comment, and please -contribute-. This was my first Objective-C app and first Xcode project, so if it’s a mess…well…deal or help? :)
Just remember the google code page if you want to post some updates or questions.
I’ve also made some haphazard notes to help people understand the code:
The aquireData class handles reading the tcpdump text file. It uses Core Data to store the data. If I had to do it over, I wouldn’t have used Core Data…but it is what it is. You can find the data model by double-clicking pkviz_DataModel under the Models folder in the project in Xcode.
pkGraphView is a subclass of NSView that I use to handle the layers, which are done in Core Animation (easy enough to understand). The view has a delegate function (drawLayer) which I handle in the layerDelegate class to deal with drawing the paths for each layer.
Everything else is handled by transformData – it’s pretty much my controller.
the Load button tells aquireData to parse tcpdump and store in a core data context
The launch button kicks off transform data, which pulls in the data from the core data context, sticks it into an array, launches a thread to pop out individual packets, and then tells the view when it’s read to display another packet. Everything else stops, starts, adjusts the current packet referenced, or aids this animation loop process.
The main array of packets in transformData is bytepakposSet. It is an array of packet arrays. packet arrays contain arrays of bytes with 2 values in them: bytevalue, and byteposition
so, if you wanted to access the third packet in bytepakposSet and see what the byte value of the first byte stored is, you’d do:
[[[[bytepakposSet objectAtIndex:2] objectAtIndex:0] objectAtIndex:0] intValue];
if you wanted to get the byte value and position returned in an array:
[[bytepakposSet objectAtIndex:2] objectAtIndex:0]
Core Data doesnt return objects in order, so you dont know ahead of time what order the bytes are in the packet, youll have to sort them by position in packet first. You can find position:
[[[[bytepakposSet objectAtIndex:2] objectAtIndex:0] objectAtIndex:1] intValue];
As promised in the previous post, here are demo videos of my three new Quartz Composer Webcam Audio Visualizer compositions. I’m being a bit silly in them, but that’s because I dont have an external webcam or anything else more artistic to point it at tonight. In the future, I might do a real non-demo piece of art with one or more of these. No promises, though. Next post will be about security, though, I swear. :)
Well, the HacDC Hacker’s Lounge event/party got canceled – which was too bad. However, I did write some valuable code and make some pretty cool looking new compositions. The code isn’t ready for release, but I did put up the compositions and they’re available for free download here: https://sintixerr.wordpress.com/quartz-composer-downloads/
I don’t have video for them yet (maaaybe later today), so you’ll just have to try them out for yourself. I actually like all three of these much more than the original.
Remember, OS X / Quartz Composer only.
( Hmm. I guess I should write a viewer for these so you don’t need Quartz. Many projects, little time, but we’ll see… )
Whew. I can relax.
For the past 2-3 months, I’ve been working on my first real Objective-C project (my iphone app is still going, it just took a back seat to this): An application that will read tcpdump output and animate the packets over time using their inherent byte / packet structure
And now…it’s up and in beta-ish quality. (Meaning it works, though some error checking and minor features arent quite where I want them.)
You can download it here for free: https://sintixerr.wordpress.com/pkviz-packet-visualizer-and-animator/
See it in motion here:
This project was important to me and has been a long time coming. I’ve wanted to write a packet visualizer since I first started working with data viz 5 or so years ago at NetSec and was using Advizor. That tool cost thousands of dollars per seat, didnt really animate (at least the way I needed), and only parsed CSV or databases. The free tools – like GnuPlot, just weren’t up to the task at all.
I also wanted something that could plot out data in interesting, pretty ways for some art projects I have in mind.
So, I originally started this time around on a quest to write a short python parser for tcpdump ascii hex output to put into <some generic viz tool> just to get started…but somehow I ended up writing a full-fledged visualizer (my first GUI project ever, I might add!). The learning process was a blast – I feel like I’m a much better coder for it – and I’ll be able to extend/expand on this to use for other art and security projects that are on my plate or are coming up.
I’m pretty excited about it. To see this finished through after years of whining to myself about it, procrastinating, and genuinely not having enough time, is pretty awesome. I’ve even already created a couple of cool shots that I’m happy to call “art” (granted, there is some photoshop processing here, but they’re both true to their originals!):
Anyway, Mac Users, check out the tool and let me know what you think!
EDIT: I have some newer, better webcam audio visualizers and some utility patches available now. Click Here: https://sintixerr.wordpress.com/quartz-composer-downloads/
For all of you who have asked for this, I’ve made my Artomatic Quartz Composer based webcam audio visualizer available as a free download.(Keep in mind, this is only for Mac OS X users – Quartz isn’t portable).
You can download it here: http://jackwhitsitt.com/Artomatic09-final-whitsitt.zip
(Im calling it “WAVIQ” for short…Webcam Audio Visualizer In Quartz”…since it needs some sort of a name and I dont feel that creative about it.)
A quick overview:
The composition has two inputs – the webcam and an audio source. If you have a built in webcam, it will default to that. Likewise, if you have a built in mic (most laptops do), the composition will default to using that as your audio source. You can change these by going into the patch inspector for the Video and Audio patches and selecting “settings”. (In the case of the audi, double-click the macro patch “Audio Source” and then click on “Audio Input” to get there).
The only other settings you’ll be interested in are the Increasing Scale and Decreasing Scale parameters found in the Audio Input patch. These affect how fast the values for movement, color, etc. get bigger and how fast they get smaller. This will affect how the composition responds to different music. Also, keep in mind that in the audio settings of OS X itself, you can change the mic sensitivity. This will affect how the composition responds as well.
You can also find a basic tutorial to get you started on tweaking this in the links below.
Thats it. Drop me a line with any questions and have fun with it. If you do end up using it, I’d love to hear about it.
- Tutorial I wrote explaining the basics of how this works:
- Stop-Motion Video Example of how I’m using it at Artomatic:
- Screen-shots of my Artomatic Art Installation: