
I am still reeling in shock from the sheer stupidity shown in this link. http://serverfault.com/questions/293217/our-security-auditor-is-an-idiot-how... Anyone got a local horror story to share? -- Regards Brian Ngure

This is incredibly ridiculous!! Working with such a company is a sure setup for a ripoff. Thanks for the info. It's very valuable to all.

On Fri, Jul 29, 2011 at 11:00 PM, Brian Ngure <brian@pixie.co.ke> wrote:
> I am still reeling in shock from the sheer stupidity shown in this link.
> http://serverfault.com/questions/293217/our-security-auditor-is-an-idiot-how...
> Anyone got a local horror story to share?
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Allan M 0722-266-146

Am not surprised. Information Audit is treated like Financial audit and locally, there is a dearth of pseudo-auditors ripping off corporates. I know of one auditor from one of these localized audit firms who spent a whole day trying to run a korn script on bash. A year ago, another local audit firm ripped a govt parastatal close to Ksh 50m on an audit and the same month, the system got compromised.
-tyrus.

On Mon, Aug 1, 2011 at 9:51 AM, Allan M <mbiyua@gmail.com> wrote:
> This is incredibly ridiculous!! Working with such a company is a sure setup for a ripoff. Thanks for the info. It's very valuable to all.

Hahahaha Tyrus, I think I know the said audit firm, spent a whole day with the guy trying to run a korn script on bash. No amount of reasoning would make him budge from trying to run it.

On Mon, Aug 1, 2011 at 9:59 AM, ty <tyruskam@gmail.com> wrote:
> Am not surprised. Information Audit is treated like Financial audit and locally, there is a dearth of pseudo-auditors ripping off corporates. I know of one auditor from one of these localized audit firms who spent a whole day trying to run a korn script on bash. A year ago, another local audit firm ripped a govt parastatal close to Ksh 50m on an audit and the same month, the system got compromised.
> -tyrus.

-- Simon Gatonye 0722993642 P.O. Box 75232 Nairobi - 0200

Name them so we are not caught by the same crooks!!!!

On Mon, Aug 1, 2011 at 10:19 AM, Simon Mburu <sgatonye@gmail.com> wrote:
> Hahahaha Tyrus, I think I know the said audit firm, spent a whole day with the guy trying to run a korn script on bash. No amount of reasoning would make him budge from trying to run it.

-- Regards, A. Mwai

I have seen some saying the network is insecure - because the wireless password is saved on staff's laptops --- eeeh so should we give everyone the same password that they enter every day when they come into the office?

On 1 August 2011 11:21, Antony Mwai <antonymwai@gmail.com> wrote:
> Name them so we are not caught by the same crooks!!!!

Most of these companies are from foreign countries that failed overseas after they were caught up and realized they can't perform there.

If you get to work Overseas, with some of the Financial Institutes that have had intrusions, they tend to understand what kind of service they need. Companies back in KE should understand what they want for a service, and should do a background check on the consultant who is to work on their Systems as far as Security is concerned, but not the color of the eyes.

Two cents
./Chucks

On 8/1/11, Jangita Nyagudi <jangita.nyagudi@gmail.com> wrote:
> I have seen some saying the network is insecure - because the wireless password is saved on staff's laptops --- eeeh so should we give everyone the same password that they enter every day when they come into the office?

-- Gichuki John Ndirangu, C.E.H, C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
jgichuki at inbox d0t com
{FORUM}http://lists.my.co.ke/pipermail/security/
http://chuksjonia.blogspot.com/

I can tell you for a fact that some outfit was formed as a splinter group of an international parent company and their services end at nmap and MS Excel spreadsheet templates. What is sad is that most companies and financial institutions sit back very confident that an audit was carried out and no one can breach their systems and processes. It is also paramount to have universities incorporate these specialized courses as part of their IT curriculum as opposed to those units they have that just end at Digital Certificates!

On Mon, Aug 1, 2011 at 12:29 PM, Gichuki John Chuksjonia <chuksjonia@gmail.com> wrote:
> Most of these companies are from foreign countries that failed overseas after they were caught up and realized they can't perform there.
>
> If you get to work Overseas, with some of the Financial Institutes that have had intrusions, they tend to understand what kind of service they need. Companies back in KE should understand what they want for a service, and should do a background check on the consultant who is to work on their Systems as far as Security is concerned, but not the color of the eyes.
>
> Two cents
> ./Chucks

This reminds me of a buddy of mine who was asked "where do you backup your network!!!!" In utter shock and anger the guy replied "Which layer of the OSI did you want to see?" The guy just froze and promised to come back.

On Mon, Aug 1, 2011 at 12:56 PM, ty <tyruskam@gmail.com> wrote:
> I can tell you for a fact that some outfit was formed as a splinter group of an international parent company and their services end at nmap and MS Excel spreadsheet templates. What is sad is that most companies and financial institutions sit back very confident that an audit was carried out and no one can breach their systems and processes. It is also paramount to have universities incorporate these specialized courses as part of their IT curriculum as opposed to those units they have that just end at Digital Certificates!

-- GG

Hehehehe... Looks like there's much opportunity for IT auditors in the country then...

On 8 August 2011 11:35, geoffrey gitagia <ggitagia@gmail.com> wrote:
> This reminds me of a buddy of mine who was asked "where do you backup your network!!!!" In utter shock and anger the guy replied "Which layer of the OSI did you want to see?" The guy just froze and promised to come back.

Hehehe... Sounds like there should be lots of opportunities for IT Auditors in the country... On 8 August 2011 11:35, geoffrey gitagia <ggitagia@gmail.com> wrote:
this reminds me of a buddy of mine who was asked "where do you backup your network!!!!" in utter shock and anger the guy replied "Which layer of the OSI did you want to see?" the guy just froze and promised to come back
On Mon, Aug 1, 2011 at 12:56 PM, ty <tyruskam@gmail.com> wrote:
I can tell you for a fact that some outfit was formed as a splinter group of an international parent company and their services end at nmap and MS Excel spreadsheet templates. What is sad is that most companies and financial institutions sit back very confident that an audit was carried out and no one can breach their systems and processes. It is also paramount to have universities incorporate these specialized courses as part of their IT curriculum as opposed to those units they have that just end at Digital Certificates!
On Mon, Aug 1, 2011 at 12:29 PM, Gichuki John Chuksjonia <chuksjonia@gmail.com> wrote:
Most of these companies are from foreign countries that failed overseas after they were caught up and realized they can't perform there.
If you get to work Overseas, with some of the Financial Institutes that have had intrusions, they tend to understand what kind of service they need. Companies back in KE should understand what they want for a service, and should do a background check on the consultant who is to work on their Systems as far as Security is concerned, but not the color of the eyes.
Two cents
./Chucks
On 8/1/11, Jangita Nyagudi <jangita.nyagudi@gmail.com> wrote:
I have seen some saying the network is insecure - because the wireless password is saved on staff's laptops --- eeeh so should we give everyone the same password that they enter every day when they come into the office?
On 1 August 2011 11:21, Antony Mwai <antonymwai@gmail.com> wrote:
Name them so we are not caught by the same crooks!!!!
On Mon, Aug 1, 2011 at 10:19 AM, Simon Mburu <sgatonye@gmail.com> wrote:
Hahahaha Tyrus, I think I know the said audit firm, spent a whole day with the guy trying to run a korn script on bash. No amount of reasoning would make him budge from trying to run it.
On Mon, Aug 1, 2011 at 9:59 AM, ty <tyruskam@gmail.com> wrote:
> Am not surprised. Information Audit is treated like Financial audit and locally, there is a dearth of pseudo-auditors ripping off corporates. I know of one auditor from one of these localized audit firms who spent a whole day trying to run a korn script on bash.
> A year ago, another local audit firm ripped a govt parastatal close to Ksh 50m on an audit and the same month, the system got compromised.
> -tyrus.
> On Mon, Aug 1, 2011 at 9:51 AM, Allan M <mbiyua@gmail.com> wrote:
>> this is incredibly ridiculous!!. Working with such a company is a sure setup for ripoff . Thanks for the info .its very valuable to all.
>>
>> On Fri, Jul 29, 2011 at 11:00 PM, Brian Ngure <brian@pixie.co.ke> wrote:
>>> I am still reeling in shock from the sheer stupidity shown in this link.
>>> http://serverfault.com/questions/293217/our-security-auditor-is-an-idiot-how...
>>> Anyone got a local horror story to share?
-- Simon Gatonye 0722993642 P.O. Box 75232 Nairobi - 0200
--
Regards,
A. Mwai
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester jgichuki at inbox d0t com
{FORUM}http://lists.my.co.ke/pipermail/security/ http://chuksjonia.blogspot.com/
-- GG

Hi,
On Mon, Aug 1, 2011 at 9:59 AM, ty <tyruskam@gmail.com> wrote:
Am not surprised. Information Audit is treated like Financial audit and locally, there is a dearth of pseudo-auditors ripping off corporates. I know of one auditor from one of these localized audit firms who spent a whole day trying to run a korn script on bash.
Oh yeah, I had the same experience ~4 years ago.
* A guy having a ksh shell trying to execute it on bash
* Script was investigating /opt or something like that. Might have been for SCO Unix.
* He asked me what firewall we were using, I replied IPFILTERS, Bugger gives me a CISCO PIX questionnaire to fill.
* To improve security, I was asked to change the root username of mysql to something else.... Like admin. On top of that, they didn't care about mysql version running, other users in the system etc...
* Windows admin users were duly changed and their passwords.
* Rsync wasn't a good backup solution. We had to get a tape drive and use the built in windows backup program

Observations:
* Auditors are typically first class honours students, picked by the system, mangled, zombified and sent to haunt us.
* Unfortunately, they are not given a basic intro/course into OS concepts, FW concepts.. Just a form to fill and billable hours to bill
* Big name companies won't touch your code/product if a big name auditor has not passed it through his 'billable hours' service
* It's mostly a scam (well in reference to the few Unix audits I have been in) and I shudder to think of all the 'all green across the board' deployments out there.
* I wasted a week of my life. I wish I could bill for it

A year ago, another local audit firm ripped a govt parastatal close to Ksh 50m on an audit and the same month, the system got compromised. -tyrus.
On Mon, Aug 1, 2011 at 9:51 AM, Allan M <mbiyua@gmail.com> wrote:
this is incredibly ridiculous!!. Working with such a company is a sure setup for ripoff . Thanks for the info .its very valuable to all.
On Fri, Jul 29, 2011 at 11:00 PM, Brian Ngure <brian@pixie.co.ke> wrote:
I am still reeling in shock from the sheer stupidity shown in this link.
http://serverfault.com/questions/293217/our-security-auditor-is-an-idiot-how... Anyone got a local horror story to share?
-- Regards
Brian Ngure
-- Regards,
Allan M 0722-266-146

Worst part is the auditors make pretty cool money.
Back in my DBA Days, we had an auditor who decided that the whole dba team should only have read access to some dbs. In their plan, even backup rights were too much. The CIO was the only one to have Admin rights :)
On 8/13/11, Laban Mwangi <lmwangi@gmail.com> wrote:
Hi,
On Mon, Aug 1, 2011 at 9:59 AM, ty <tyruskam@gmail.com> wrote:
Am not surprised. Information Audit is treated like Financial audit and locally, there is a dearth of pseudo-auditors ripping off corporates. I know of one auditor from one of these localized audit firms who spent a whole day trying to run a korn script on bash.
Oh yeah, I had the same experience ~4 years ago.
* A guy having a ksh shell trying to execute it on bash
* Script was investigating /opt or something like that. Might have been for SCO Unix.
* He asked me what firewall we were using, I replied IPFILTERS, Bugger gives me a CISCO PIX questionnaire to fill.
* To improve security, I was asked to change the root username of mysql to something else.... Like admin. On top of that, they didn't care about mysql version running, other users in the system etc...
* Windows admin users were duly changed and their passwords.
* Rsync wasn't a good backup solution. We had to get a tape drive and use the built in windows backup program

Observations:
* Auditors are typically first class honours students, picked by the system, mangled, zombified and sent to haunt us.
* Unfortunately, they are not given a basic intro/course into OS concepts, FW concepts.. Just a form to fill and billable hours to bill
* Big name companies won't touch your code/product if a big name auditor has not passed it through his 'billable hours' service
* It's mostly a scam (well in reference to the few Unix audits I have been in) and I shudder to think of all the 'all green across the board' deployments out there.
* I wasted a week of my life. I wish I could bill for it

A year ago, another local audit firm ripped a govt parastatal close to Ksh 50m on an audit and the same month, the system got compromised. -tyrus.
On Mon, Aug 1, 2011 at 9:51 AM, Allan M <mbiyua@gmail.com> wrote:
this is incredibly ridiculous!!. Working with such a company is a sure setup for ripoff . Thanks for the info .its very valuable to all.
On Fri, Jul 29, 2011 at 11:00 PM, Brian Ngure <brian@pixie.co.ke> wrote:
I am still reeling in shock from the sheer stupidity shown in this link.
http://serverfault.com/questions/293217/our-security-auditor-is-an-idiot-how... Anyone got a local horror story to share?
-- Regards
Brian Ngure
-- Regards,
Allan M 0722-266-146
-- Sent from my mobile device
participants (11)
- Agosta Liko
- Allan M
- Antony Mwai
- Brian Ngure
- geoffrey gitagia
- Gichuki John Chuksjonia
- Jangita Nyagudi
- Laban Mwangi
- Simon Mburu
- Simon Mbuthia
- ty