Recently I have been working my way through “Freedom’s Forge: How American Business Produced Victory in WWII” by Dr. Arthur Herman. In it, Dr. Herman tells the story of how U.S. business leaders were mobilized to build ships, tanks and weapons faster (and better) than the enemy, leading to victory in WWII. It is a biography of the “arsenal of democracy”, necessary in understanding the link between the US during the Great Depression and the post-war economic boom.
In 1941, when Roosevelt announced plans to build 50,000 planes a year, Hitler scoffed, saying: “What is America, but beauty queens, millionaires, stupid records, and Hollywood?” But, by the war’s end, Mr. Herman notes, “American businessmen, engineers, production managers, and workers both male and female” had turned out two-thirds of all the military equipment used by the Allies in World War II, including 286,000 warplanes, 86,000 tanks, 8,800 naval vessels, 2.6 million machine guns “and 41 billion rounds of ammunition.”
Holy cow. Imagine what must have been involved in manufacturing 286,000 airplanes, 86,000 tanks, and 8,800 naval vessels.
This monumental output of materiel came as a result of a profound transformation of the American economy, engineered in part by Bill Knudsen (General Motors) and Henry Kaiser (Kaiser Industries). Knudsen was a manufacturing genius who designed the plants and production lines for both Henry Ford and Alfred Sloan of General Motors. Kaiser, on the other hand, was a shipbuilder who had been one of the main contractors for the Hoover Dam. The two were vastly different (and didn’t like each other), but worked together to revolutionize American industry.
I am about 1/3 of the way through the book right now; this is a great read for anyone interested in how American businesses shifted from the consumer economy to wartime production during WWII.
I love PowerShell – what can’t it do? A friend of mine referred me to this article on how to monitor DNS requests with PowerShell, so of course I needed to investigate. Traditionally, Sysmon is the go-to for monitoring Windows hosts, but as Mr. Vassallo points out, this solution relies on reverse DNS lookups for IP address translation.
Ok, let’s back up. DNS monitoring is important because it provides valuable information during an incident response investigation. The hostname-IP address mappings help to characterize traffic observations, and the server’s IP address can be useful to identify clients that make direct requests to servers outside the environment. For threat intelligence, DNS logging can be used to flag heavy query activity for newly-registered domains or to identify a newly-observed domain.
The problem with reverse DNS is that the owner of the IP address is in charge of reverse DNS, not the owner of the domain the IP resolves to. Anybody who has control over reverse DNS for an IP address block can make the address reverse resolve to “kdahl.io” (or localhost).
If you are using reverse DNS, then you also need to be aware that whoever operates the authoritative name server for that IP address will learn of your requests. And don’t forget to make sure that you sanitize and properly encode reverse DNS results before using them – never ever treat them as trusted.
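The two points above (the IP owner controls the PTR record, and PTR results must be sanitized before use) can be combined into one check. The following is an added example, not code from this post or from the article it refers to: it rejects malformed PTR names and only accepts a name if a forward lookup of that name returns the same IP. The function names, addresses and the `$ForwardZone` table are hypothetical sample data so that it runs offline.

```powershell
# Added example; addresses, names and $ForwardZone are constructed sample data.

function ConvertTo-SafePtrName {
    param([string]$Name)
    # Keep only well-formed LDH hostnames; anything else is dropped, not "cleaned".
    $n = $Name.TrimEnd('.').ToLowerInvariant()
    $label = '[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?'
    # \A and \z anchor the whole string, so an embedded newline cannot slip through.
    if ($n.Length -le 253 -and $n -cmatch "\A$label(\.$label)*\z") { return $n }
    return $null
}

function Test-PtrForwardConfirmed {
    param([string]$Ip, [string]$PtrName, [scriptblock]$Resolve)
    $safe = ConvertTo-SafePtrName $PtrName
    if (-not $safe) {
        return [pscustomobject]@{ Ip = $Ip; Name = $null; Status = 'rejected' }
    }
    # Forward-confirm: the name's own zone must map back to the same address.
    $status = if (@(& $Resolve $safe) -contains $Ip) { 'confirmed' } else { 'unconfirmed' }
    [pscustomobject]@{ Ip = $Ip; Name = $safe; Status = $status }
}

# Constructed forward zone standing in for real A-record lookups.
$ForwardZone = @{ 'kdahl.io' = @('192.0.2.10'); 'localhost' = @('127.0.0.1') }
$Resolve = { param($n) $ForwardZone[$n] }
# On a live host (assumption, needs network access):
# $Resolve = { param($n) (Resolve-DnsName $n -Type A -ErrorAction SilentlyContinue).IPAddress }

# Constructed PTR answers: one honest, two claiming names the IP owner does
# not control, and one carrying an embedded newline aimed at the log file.
$PtrAnswers = [ordered]@{
    '192.0.2.10'   = 'kdahl.io.'
    '203.0.113.5'  = 'kdahl.io.'
    '198.51.100.7' = 'localhost'
    '198.51.100.8' = "srv1.example`n2024-01-01 fake log entry"
}

$PtrAnswers.GetEnumerator() | ForEach-Object {
    Test-PtrForwardConfirmed -Ip $_.Key -PtrName $_.Value -Resolve $Resolve
} | Format-Table
```

Only names with status `confirmed` should be shown as hostnames in alerts or reports; for the rest, log the IP address and record the unverified PTR value separately, if at all.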
Sometimes the questions are complicated and the answers are simple. — Dr. Seuss
My name is Kristin – I am a cyber security professional interested in national security and defense, privacy and regulation, critical infrastructure, incident response, and public service.
I live in Boston with my French bulldog named Wyatt.