J Wolfgang Goerlich's thoughts on Information Security
Out and About: Storage Networking World 2011

By wolfgang. 26 February 2011 22:11

I will be out at the Storage Networking World Conference on April 5 thru 7. On Wednesday, I am holding a session in the Business Continuity/Data Protection track. The topic is Disaster Recovery Metrics: Beyond RTO and RPO. Hope to see you there.


Business Continuity | Out and About

Project management beyond scope, budget, time

By wolfgang. 26 February 2011 07:42

I was asked: "To me Project Management is about scope, budget, and timing. You nail those three things (and I always do) and the rest is?"


The golden triangle of project management (scope, budget, time) has never changed. I still have a copy of the book my father gave to me years back that drives home the importance of these three. It was written by Ford and Detroit Art Services back in the 1980s and was the go-to manual on PM.


In the twenty or thirty years of project management practice since that book was created, the stark reality set in about the customer. We can have perfect project (to scope, under budget, shipped early) that fails to deliver what the customer actually wants. The PM is completely satisfied. The customer is the complete opposite.


Today project management practice includes things like managing stakeholders, communications, and HR. Because projects do not exist in a vacuum, it also includes integration and procurement. The result is deliverables that (hopefully) better meet the customer needs and are sustainable.

Being on time and on budget is akin to showing up. It is the prerequisite to success, not the guarantee.



Project Management

Egypt up, Libya down

By wolfgang. 18 February 2011 14:03

Egypt has rejoined the Internet. But now the Libyan government has followed Egypt’s lead, and went dark. In Egypt’s case, it was DNS outages followed by physical disconnects. In Libya’s case, BGP is being used. In both, protests are being used as an excuse to unplug Internet access.


Security Information Management

DNS Intel with Dig in Cygwin

By wolfgang. 6 February 2011 09:34

Dig, short for domain information groper, is a simple command line utility often used for network reconnaissance.

Dig can be installed under Net -> bind (update: bind-utils) in Cygwin. Dig will use the default DNS settings (check ipconfig /all.) Once installed, if you want to hardcode the dig to a specific DNS server, launch Cygwin and create a resolv.conf file.

$ cat > /etc/resolv.conf
nameserver <your IPv4 address here>

Ctrl-Z and you are good to go. Dig can then be used for intel on a particular domain. For example, the website, mail servers, and DNS name servers.

$ dig www.jwgoerlich.us
$ dig www.jwgoerlich.us MX
$ dig www.jwgoerlich.us NS

Another option is attempting to do a zone transfer, either full (AXFR) or incremental (IXFR).

$ dig www.jwgoerlich.us AXFR
$ dig www.jwgoerlich.us IXFR

Transfers will create a full copy of all the records in the DNS domain. Typically, this command is used simply to validate that zone transfers have been disabled.

That is dig in Cygwin, in a nutshell.


Security | Systems Engineering

    Log in