Archive for May, 2004

May 19 2004

Look Ma, it’s a hoax!

Published by under Simple Security

US-CERT Cyber Security Tip ST04-009 — Identifying Hoaxes and Urban Legends

I am so tempted to send a copy of this to every single relative, not to mention most of my co-workers. Of course, most of my friends and relatives only send me one hoax email to me. I make it very clear that forwarding me a hoax once is acceptable, twice earns them a special place in my heart. I do have a heart. Honest.

I wonder if having this collection of links will mean any more to them when it’s posted by USCERT, rather than a link to my own web page.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

4 responses so far

May 18 2004

How to get into Network Security

Published by under General

SecurityFocus HOME Infocus: TCP/IP Skills Required for Security Analysts

I like this article, but it’s kind of spooky. It follows my own career path fairly closely. I started as a desktop support technician, became the manager of a small network, got my B.S. in Information Systems Management, and then pursued the CCNA and CISSP. The first certificate was to give me the base of knowledge I needed to work in the field, the second was a validation of what I already knew. I guess the next thing I need to do is go back to coding. I never did like coding much, but I at least need to brush up on my skills of reading other people’s code.

What path did you take, or are you taking, to get into Network Security?

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

May 11 2004

Cultural Changes in a corporation

Published by under Simple Security

INTERNALMEMOS.COM – Internet’s largest collection of corporate memos and internal communication

This is one of the best thought out memo’s I’ve seen. Basically, it says “Enough excuses. Time to get the job done.” I wish more companies and IT departments had this sort of guts.

Thanks to Bruce from the CISSP mailing list for finding this memo.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off

May 11 2004

Creator of Netsky and Sasser arrested

Published by under Malware

Woot! Score one for the good guys. And Microsoft too, though I truly hesitate to call them one of the good guys. This wonderful person is a German citizen, and was arrested by their police force in cooperation with the FBI, Secret Service and Microsoft. Guess the guy just turned 18, and the crimes were commited before his birthday, so the authorities have to charge him as a child. But as Axel Eble points out, the civil suits are going to keep this guy in debt until the end of time.

I’ve been meaning to post on this for a couple of days, but there’s always something else to do. I guess that’s what happens when you have parts of your life that have nothing to do with IT and security. Anyways, here’s a couple of links for more information on the subject.

Microsoft patting itself on the back

Cnet: Microsoft reward snags suspected Sasser author

Now for a non-American point of view, just to be fair: The Register: German police arrest Sasser worm suspect. I’d find a German paper, but I’ve forgotten almost all the German I learned while over there. If you have a good translation, or a German article written in English, I’d be interested in seeing it.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off

May 06 2004

Linux Security Basics

Published by under Linux

Here’s a good, short article on the basics of securing a Linux box. The article is based on Redhat, but the information is appropriate for all brands of Linux.

http://www.sans.org/rr/special/essential_host_security.php

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off

May 05 2004

Economic Espionage

Published by under General

I spent most of yesterday at a conference put on by the FBI and the San Franciso chapter of Infragard on Economic Espionage. Unluckily, I was not the target audience for the vast majority of what was presented at the conference and the one segment that directly related to network security was cut very short due to previous speakers going over their time limit. I did get to see all the slides, but in most cases the comment was “I was going to talk about this but I don’t have time.” Oh well.

One of the segments that I saw that was interesting was a case study of a incident that started in 1999 and is still ongoing. What I didn’t understand was why the FBI chose to talk about an incident where they have all the information and evidence, but the purpetrator (sp?) managed to get away to his home country and thereby escape justice. If I was giving the presentation, I would have picked a case where I could say “He got 20 years for his crime” not “He went back to Japan and we’re still trying to extradite him.” Especially when most of the day was spent with the FBI agents going on about how they want the private sector to communicate better with them. A failed case is not the best way to instill confidence in the security managers out there. I’m sure that the agents are very good at their job, but marketing doesn’t seem to be their strong point.

I’ve (thankfully) never had to interact with the FBI or Secret Service or any other branch of Federal law enforcement directly, but I’m thinking hard about joining Infraguard. Part of me wants to be more in the know about what is happening on the federal level with these folks, but another part wants to stay as far away as possible. Something about youthful indescretions catching up to me. Not really, but I’m not sure I want to place myself in the company of people who are even paranoid than I am, and also happen to carry guns.

This is the second presentation by the FBI and Infragard that I’ve attended, and the first one was much more concentrated on computer security. I guess that’s what I was expecting in this go round. I should have read the description a little better before making a four hour round trip through commute hour traffic. I’ll know better next time.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off

May 01 2004

A quick, silly security game

Published by under Malware

I saw this on The Screen Savers last night. Trend Micro has a little flash game that can give your users an idea of how complex some of the situations we protect them from on a daily basis are. This may become my way of showing an end user exactly how easy it is to protect the network! “Here, play this game and tell me if you still think what I do is easy!”

Trend Micro Outbreak game

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

May 01 2004

Are you patched?

Published by under Malware

I hope you’ve patched your IIS 5.0 servers against the SSL vulnerability! A little later than predicted, but the first of the viruses are out. I’m sure there will be more before too long, especially since there are problems with the MS04-011 patch stopping some people from installing it. I just hope people either shut down port 443, patch, or switch to Apache. :)

Here are a couple of links to information about the Sasser worm

Symantec

Trend Micro

Internet Storm Center

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off