hehe...i have to agree with Evans on that one....he answered your question and even added that he would hire you.... :-) On Thu, Oct 22, 2009 at 3:45 PM, Evans Ikua <ikua.evans@gmail.com> wrote:
Chuks you are taking this discussion round in circles. Walubengo has just cleared that. Ikua
On Thu, Oct 22, 2009 at 3:16 PM, Gichuki John Chuksjonia < chuksjonia@gmail.com> wrote:
@Walu, So in short, should CISAs be taking Security Assessment Jobs?
On 10/22/09, Walubengo J <jwalu@yahoo.com> wrote:
@./Chuks
I hear you...however I must still repeat that CISAs are by design NOT Penetration Testers. So it is harsh to judge their relevance based on their failure to execute a PenTest.
Just to repeat, CISAs evaluate and focus on the big picture of the Security ecosystem - i.e the relationship between People, Processes and Systems that is necessary to provide assurance that risk is mitigated. And taking your Penetration test example further, indeed you may have exposed and sealed the loophole in the Webserver (if your focus being ONLY on "Systems") but if the "People" and the "Process" aspects are weak, your superior technical solutions may still fail to address the overall Security objectives.
That said, if I was a CISA and had that Audit job that required Penetration testing, I would have definitely hired you ;-)
walu. --- On Thu, 10/22/09, Preston <podera@k90ea.com> wrote:
From: Preston <podera@k90ea.com> Subject: Re: [Skunkworks] AUDIT OF IT To: "Skunkworks Forum" <skunkworks@lists.my.co.ke> Date: Thursday, October 22, 2009, 12:32 AM
Hi All
CISSP is for Security Professional just like CISM is for Security Manager. Let us think of MBA or Bsc and then we will know how deep we can go with the discussion.
Preston
--- On Wed, 10/21/09, Gichuki John Chuksjonia <chuksjonia@gmail.com> wrote:
From: Gichuki John Chuksjonia <chuksjonia@gmail.com> Subject: Re: [Skunkworks] AUDIT OF IT To: "Skunkworks Forum" <skunkworks@lists.my.co.ke> Date: Wednesday, October 21, 2009, 12:01 PM Personally i think a CISSP is much more better than a CISA, since he see things the technical way and also Managerial way. The other day in Ghana some CISA guys were doing security audit and they were asking for files in a SUSE server that never exist. I don't know where they heard that from, and as far as as am concerned, such info can be Googled.
So such audits depends on what the customer wants and how knowing he is, coz if you are concerned about something you will need it done. So Audit Policies should always have a questionnaires when picking up Security Vendors which helps to narrow down to the right auditing firm.
The other day i was doing a penetration testing for a client who have a set of servers with one Portal on the bonder. A big company had done a pentest a month before but they client wasn't satisfied, so he needed a real penetration test. So amazingly there was a plugin in the webserver that gave me way to root since it had a sql injection on it though blind. so i blindly uploaded code that would run arbitrary commands and soon i had a bindshell. One thing a pentester would do is try all means to get root, and see if he can read history of all the users. So one thing i noticed is that if these guys had a good security admin like they had specified, they should have seen that Apache tried to bind and was already a privileged user. Secondly the security administrator should have seen that guys miss to write their passwords when sshing and leaving them in their history.
What amazed me was that this Company that had done the audit before was a well proclaimed companies that was assigned with this same task and failed to deliver. They have CISAs, CISSPs, CEHs, proffessionals but Risk Part of the Assessment wasn't done.
So the question is, are the these Auditors just doing it for the money, or just having so much fun leaving Gaping holes for the clients, or is it that they just don't know what they are supposed to look for?
Secondly do these papers(Certs) matter these days in the world of IT, coz i have seen Bedroom coders who end being better than even guys who went to school. Look-up at the Kenyan BDS developer, @kasina in tweeter, that guy didn't learn C in school.
So what i think is real change as far such issues are concerned otherwise, all organizations in Africa/Kenya are open to serious compromise especially Govt Infrastructure.
Two Cents!
./Chuks
On 10/21/09, Walubengo J <jwalu@yahoo.com> wrote:
I agree with Ikua/Preston. CISA (Certified Information Systems Auditors) tend to have the big picture - and that's by design. They dont drill down to specific vendor technologies - even though they know what to expect from such technologies. Maybe a snapshot of the course content would help as given below :(ref: www.isaca.org)
1.IS Audit Process 2.IT Governance 3.Infrastructure Lifecycle Development 4.Protection of Information Assets. 5.Business Continuity and Disaster Mngt
And so If am a CISA with a financial/accounting background but need to inspect a Cisco PIX firewall I would be obliged to hire the expertise rather pretend to do it. Ofcourse, If am a CISA and a techie in that area (and there are many like that) I would just proceed and perform the inspection accordingly.
The point is, the Security Ecosystem is so large and each professional in the Security field has an important role to play. Trying to establish who is better than the other would be like trying to see who btwn the following is better than the other: The Architect who designs the building or the Electrical/Civil/Structural Engineers who provide specialized services within the buildings...rather than begin to research for an answer, I would say it's really a misplaced question to ask.
walu. nb: am a CISA but not an Accountant (so feel free to consider my views biased ;-)
--- On Tue, 10/20/09, Preston <podera@k90ea.com> wrote:
From: Preston <podera@k90ea.com> Subject: Re: [Skunkworks] AUDIT OF IT To: "Skunkworks Forum" <skunkworks@lists.my.co.ke> Date: Tuesday, October 20, 2009, 2:09 PM
If we start from the premise that you cannot be a master of all then Certified Penetration Testers, Systems Engineers, Network Vulnerabilty Experts can only handle their areas but only to the level their knowledge can allow with a scale (1 to 10) depending on whether you gained it from Karamaindo as a college or company. Also hands-on experience plays a greater part including organization culture.
Depending on what has to be audited you need a team of experts!! in the areas being audited. The experts might not be the better than those being audited (Even on Financial Audits this is sometimes the case where junior auditors are sent to companies with least audit experience)but has to make an assurance that the areas being audited are meeting some standards both as defined by the company being audited or guided by international standards.
What is also required is a team leader and that is where Certified Information Systems Auditors come in. These are from various backgrounds including teckies, financials etc..
As Evans indicates One of the ISACA audit standards states that an auditor should use the right expert for the right audit process. This is quite true for all professions. I realized this when putting up a modest palace (needed Architect, Quantity Engineer, Structural Engineer, Foreman Man, Plumber, Electrical Engieer, Loader and a host of other professions while the single process was Putting Up the Palace=IT Audit). In all of these a team work of different professions are required guided by a leader who has received certain qualification where CISA is one of them
Preston
--- On Tue, 10/20/09, Evans Ikua <ikua.evans@gmail.com> wrote:
From: Evans Ikua <ikua.evans@gmail.com> Subject: Re: [Skunkworks] AUDIT OF IT To: "Skunkworks Forum" <skunkworks@lists.my.co.ke> Date: Tuesday, October 20, 2009, 10:58 AM I am a member of the local ISACA chapter, but I will speak for myself. Amolo, I dont agree with you. I recently spoke to a guy from a local shop of the big 5 audit (Finance) firms. He said they do IT audits alright. But they are more interested in seeing how far the IT infrastructure supports the financial figures that they are reporting on. You realize most of accounting nowadays is dependent on IT, as is most of business processes.
But how does an accountant (majority of CISAs are) tell if a DB has been compromised if he does not understand the deep workings of a DB?
As I have said before, the best a CISA can do is to manage the whole process of the IT audit, but not to pretend to be what they are not. One of the ISACA audit standards states that an auditor should use the right expert for the right audit process. If you want to audit a data base, hire a data base expert. If you want to gauge network vulnerability, hire a vulnerability expert, and so on. It's professional negligence, which should attract hefty legal penalties, for a firm to conduct an IT audit, give a clean bill of health, and leave an organization at risk.
Just wait till you hear someone taken to court for professional negligence.
Ikua
On Mon, Oct 19, 2009 at 10:51 PM, Areba Collins <arebacollins@gmail.com> wrote: > Slunks! Whats so hard? IT audit, IT. Finance audit, FINANCE. > > On 10/19/09, Paul Roy <roykoikai@gmail.com> wrote: >> am liking this... so far Chucks is leading :) >> >> On Mon, Oct 19, 2009 at 5:36 PM, Gichuki John Chuksjonia < >> chuksjonia@gmail.com> wrote: >> >>> So their scope would be Financial Audit? >>> >>> >>> >>> On 10/19/09, Joshua Amolo <joshua.amolo@gmail.com> wrote: >>> > If you check my mail again Chuks, i talked about SCOPE >>> > >>> > On Mon, Oct 19, 2009 at 4:00 PM, Gichuki John Chuksjonia < >>> > chuksjonia@gmail.com> wrote: >>> > >>> >> @Joshua, yah mistaken. What does an IT Audit compose of. Because a >>> >> Code Audit is part of IT Audit, tell us, how can an Finance guy look >>> >> for loop holes and bugs in a php code if he doesn't even know how to >>> >> write one? >>> >> >>> >> >>> >> >>> >> >>> >> On 10/19/09, Joshua Amolo <joshua.amolo@gmail.com> wrote: >>> >> > I dont think there is naything wrong with a Finance guy auditing IT. >>> >> > >>> >> > The issue should be what's the purpose of the audit. The purpose will >>> >> give a >>> >> > clear scope and the necessary competence to undertake the the audit. >>> >> > >>> >> > For example if you were to audit the financial sense of having a unit >>> >> within >>> >> > IT, you dont need another IT guy to do this audit. If an auditor >>> >> > wants >>> >> > to >>> >> > check conformity to certain standards of your network for example, >>> there >>> >> are >>> >> > very powerful tools a Finance guy can use. >>> >> > >>> >> > Cynthia I agree with you sometimes you can endure very unnecessary >>> >> questions >>> >> > from an incompetent auditor I remember a case where an auditor was >>> >> checking >>> >> > the competence of a hardware technician and he asked him 'Does the >>> >> computer >>> >> > has a motherboard?', the technician was so pissed he plainly just >>> >> > said >>> >> 'no >>> >> > this one uses a fatherboard' >>> >> > >>> >> > >>> >> > On Mon, Oct 19, 2009 at 3:04 PM, Joseph McDonald >>> >> > <mcdonaldoj@gmail.com>wrote: >>> >> > >>> >> >> The confusion started,because there are few companies that normally >>> do >>> >> >> independent IT audits.In most cases the IT audit is done as an >>> >> >> extension >>> >> >> of >>> >> >> the Financial audits hence you will find many accountants rushed to >>> do >>> >> >> CISA. >>> >> >> >>> >> >> Secondly in any organisation the three P's are important >>> >> (People,Products >>> >> >> and Profits) systems and IT for that matter,in most cases are >>> enablers >>> >> to >>> >> >> help the people,to move the products faster to the market and to >>> >> increase >>> >> >> efficiency hence profits. >>> >> >> >>> >> >> There are some IT audits which finance people with can perform >>> >> well.While >>> >> >> there are some areas which definately require some IT expertise for >>> you >>> >> do >>> >> >> benefit fully from the said audit. >>> >> >> >>> >> >> Because a good audit should give the auditee and the organisation >>> ways >>> >> for >>> >> >> corrective and preventive actions, and continual improvement. >>> >> >> >>> >> >> >>> >> >> On Mon, Oct 19, 2009 at 9:25 AM, Eric Mugo <kabugum@gmail.com> >>> wrote: >>> >> >> >>> >> >>> A Finance person auditing an IT infrastructure is like a Security >>> >> >>> Assessor >>> >> >>> auditing the end year results of a company. I find it very ironical >>> >> >>> and >>> >> >>> old >>> >> >>> school thinking from those days when I.T used to Fall under Finance >>> >> >>> department/Division. Back then, the systems were simple and geared >>> >> >>> towards >>> >> >>> very specific tasks. That is no longer the case nowadays. >>> >> >>> >>> >> >>> A company's systems infrastructure has become very comples, look at >>> a >>> >> >>> situation where a company has several DMZ,s each hosting different >>> >> >>> systems, >>> >> >>> several Server Farms, Webhosting Facilities, a super big ERP....and >>> >> then >>> >> >>> you >>> >> >>> bring an accountant to do a security audit of the systems or rather >>> >> >>> perform >>> >> >>> an entire audit meaning management, financial and security >>> >> >>> audit....forgive >>> >> >>> me but i find it plain stupid! >>> >> >>> >>> >> >>> The positive thing is that most companies are now realising the >>> >> >>> importance >>> >> >>> of a information security role within their ranks. Once someone in >>> >> charge >>> >> >>> of >>> >> >>> security is in place then chances of being audited on Security by a >>> >> CPA-K >>> >> >>> are reduced because the I.T guy will spot their incomptencies from >>> >> >>> a >>> >> mile >>> >> >>> away... >>> >> >>> >>> >> >>> >>> >> >>> >>> >> >>> >>> >> >>> >>> >> >>> On Mon, Oct 19, 2009 at 8:33 AM, Edmund Okumu >>> >> >>> <edmund.okumu@gmail.com>wrote: >>> >> >>> >>> >> >>>> Most Audit firms do exactly that. It is not right at all to have a >>> >> >>>> finance guy audit IT. Let me state categorically that even if a >>> >> finance >>> >> >>>> person has taken the CISA exams and passed, they still don't >>> qualify >>> >> to >>> >> >>>> audit IT as IT audit requires an IT Audit professional with some >>> >> >>>> level >>> >> >>>> of >>> >> >>>> deep understanding in the particular field of audit. Preferably >>> >> >>>> the >>> >> >>>> IT >>> >> >>>> auditor should come from a technical background e.g. Systems >>> >> >>>> Development, >>> >> >>>> Systems and Network Administration or Database Administration. >>> >> >>>> >>> >> >>>> Such people employed by audit firms usually right nasty audit >>> reports >>> >> >>>> based on findings that do not satisfy the expectations of the >>> >> >>>> forms >>> >> >>>> downloaded from the Internet. The audit reports therefore do not >>> give >>> >> a >>> >> >>>> true >>> >> >>>> reflection of the particular IT department of interest. >>> >> >>>> >>> >> >>>> Can someone from ISACA the kenyan chapter respond to this issue >>> >> >>>> and >>> >> tell >>> >> >>>> us the way forward. We need some level of regulation on this. >>> >> >>>> >>> >> >>>> >>> >> >>>> On Sun, Oct 18, 2009 at 6:07 PM, Cynthia Wahome >>> >> >>>> <cwahome@jambo.co.ke>wrote: >>> >> >>>> >>> >> >>>>> Dear All >>> >> >>>>> Let me get your thoughts on this. >>> >> >>>>> >>> >> >>>>> Is it right for a Finance guy to come and do an audit to an IT >>> >> >>>>> department >>> >> >>>>> yet the Finance guy has no clue about IT. >>> >> >>>>> I wont name the audit firm here but i wonder,when they go to the >>> net >>> >> >>>>> and >>> >> >>>>> download a form then they come and ask you silly questions makes >>> me >>> >> >>>>> question them >>> >> >>>>> >>> >> >>>>> People my question is this >>> >> >>>>> Who should do an IT audit? Finance People? or IT People >>> >> >>>>> I stand to be corrected >>> >> >>>>> >>> >> >>>>> >>> >> >>>>> ---------------------------------------------- >>> >> >>>>> This message has been scanned for viruses and >>> >> >>>>> dangerous content by Jambo MailScanner, and is >>> >> >>>>> believed to be clean. >>> >> >>>>> --------------------------------------------- >>> >> >>>>> "easy access to the world" >>> >> >>>>> >>> >> >>>>> _______________________________________________ >>> >> >>>>> Skunkworks mailing list >>> >> >>>>> Skunkworks@lists.my.co.ke >>> >> >>>>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks >>> >> >>>>>
>>> >> >>>>> Skunkworks Rules >>> >> >>>>> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 >>> >> >>>>>
>>> >> >>>>> Other services @ http://my.co.ke >>> >> >>>>> Other lists >>> >> >>>>>
>>> >> >>>>> Announce: >>> >> >>>>> >>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce >>> >> >>>>> Science: >>> >> >>>>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/science >>> >> >>>>> kazi: >>> http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general >>> >> >>>>> >>> >> >>>> >>> >> >>>> >>> >> >>>> >>> >> >>>> -- >>> >> >>>> Edmund C. O. Okumu >>> >> >>>> P.O Box 8490-00200, >>> >> >>>> Nairobi, Kenya. >>> >> >>>> TEL: 254-721-734935 >>> >> >>>> >>> >> >>>> >>> >> >>>> _______________________________________________ >>> >> >>>> Skunkworks mailing list >>> >> >>>> Skunkworks@lists.my.co.ke >>> >> >>>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks >>> >> >>>>
>>> >> >>>> Skunkworks Rules >>> >> >>>> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 >>> >> >>>>
>>> >> >>>> Other services @ http://my.co.ke >>> >> >>>> Other lists >>> >> >>>>
>>> >> >>>> Announce: >>> >> >>>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce >>> >> >>>> Science: >>> >> >>>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/science >>> >> >>>> kazi: >>> >> >>>> http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general >>> >> >>>> >>> >> >>> >>> >> >>> >>> >> >>> _______________________________________________ >>> >> >>> Skunkworks mailing list >>> >> >>> Skunkworks@lists.my.co.ke >>> >> >>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks >>> >> >>> ------------ >>> >> >>> Skunkworks Rules >>> >> >>> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 >>> >> >>> ------------ >>> >> >>> Other services @ http://my.co.ke >>> >> >>> Other lists >>> >> >>> ------------- >>> >> >>> Announce: >>> >> >>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce >>> >> >>> Science: >>> >> >>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/science >>> >> >>> kazi: >>> >> >>> http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general >>> >> >>> >>> >> >> >>> >> >> >>> >> >> _______________________________________________ >>> >> >> Skunkworks mailing list >>> >> >> Skunkworks@lists.my.co.ke >>> >> >> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks >>> >> >> ------------ >>> >> >> Skunkworks Rules >>> >> >> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 >>> >> >> ------------ >>> >> >> Other services @ http://my.co.ke >>> >> >> Other lists >>> >> >> ------------- >>> >> >> Announce: >>> >> >> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce >>> >> >> Science: >>> >> >> http://lists.my.co.ke/cgi-bin/mailman/listinfo/science >>> >> >> kazi: >>> >> >> http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general >>> >> >> >>> >> > >>> >> > >>> >> > >>> >> > -- >>> >> >
>>> >> > Joshua Amolo >>> >> > Cell: +254 720 263308/+255 783 060052 >>> >> > >>> >> > >>> >> > Managing IT people is like herding cats >>> >> > >>> >> >>> >> >>> >> -- >>> >> -- >>> >> Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P >>> >> I.T Security Analyst and Penetration Tester >>> >> infosigmer@inbox.com >>> >> >>> >> {FORUM}http://lists.my.co.ke/pipermail/security/ >>> >> http://nspkenya.blogspot.com/ >>> >> http://chuksjonia.blogspot.com/ >>> >> _______________________________________________ >>> >> Skunkworks mailing list >>> >> Skunkworks@lists.my.co.ke >>> >> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks >>> >> ------------ >>> >> Skunkworks Rules >>> >> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 >>> >> ------------ >>> >> Other services @ http://my.co.ke >>> >> Other lists >>> >> ------------- >>> >> Announce: >>> >> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce >>> >> Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science >>> >> kazi: >>> >> http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general >>> >> >>> > >>> > >>> > >>> > -- >>> >
>>> > Joshua Amolo >>> > Cell: +254 720 263308/+255 783 060052 >>> > >>> > >>> > Managing IT people is like herding cats >>> > >>> >>> >>> -- >>> -- >>> Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P >>> I.T Security Analyst and Penetration Tester >>> infosigmer@inbox.com >>> >>> {FORUM}http://lists.my.co.ke/pipermail/security/ >>> http://nspkenya.blogspot.com/ >>> http://chuksjonia.blogspot.com/ >>> _______________________________________________ >>> Skunkworks mailing list >>> Skunkworks@lists.my.co.ke >>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks >>> ------------ >>> Skunkworks Rules >>> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 >>> ------------ >>> Other services @ http://my.co.ke >>> Other lists >>> ------------- >>> Announce: >>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce >>> Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science >>> kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general >>> >> >> >> >> -- >> "Change is slow and gradual. It requires hardwork, a bit of >> luck, a fair amount of self-sacrifice and a lot of patience." >> >> Roy. >> >
> Skunkworks mailing list > Skunkworks@lists.my.co.ke > http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks > ------------ > Skunkworks Rules > http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 > ------------ > Other services @ http://my.co.ke > Other lists > ------------- > Announce: > http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce > Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science > kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general > _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer@inbox.com
{FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer@inbox.com
{FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general