Something I always like to do when discussing security is whiteboard and visualize what is going on. That's the beauty of Wireshark when it comes to traffic analysis, you can see what's going on. This brings me to my Hollywood Security lesson. As I said before, I learn security lessons from television and this time it was a football game that brought a point home.
I was in my front lawn making my way in from an errand when a neighbor ask me if I was watching the University of Oklahoma vs. University of Texas football game. The game was heading into to fourth quarter and it was close he informed me. I'm a Texas native and a fan of the Longhorns. Texas has had some problems with Oklahoma and I just couldn't be bother watching the game. I just new Oklahoma was going to win, after all they were the top ranked team in the country.
Reluctantly, I tuned in to the game and Texas pulled off an upset. This reminded me of the advice I always gave my students in Network Security classes. I always encourage my students to look at traffic because you never know if communications are happening as they should be. I assumed Texas would lose before every taking a look.
In Information Assurance we sometimes make assumptions that things are working or something will fail without even verifying or validating them. Either way this is a mistake. I was happy that my Longhorns reminded me of this lesson.
"Hook 'em Horns!"