The last couple of days I have been having some connectivity issues which are sort of confusing and really starting to annoy me. I think a large part of my problems are my firewall, a Coyote Linux Floppy-based firewall, running on a 486 with 16 megs of memory. This has worked pretty well for me for about 2 years, and overall I really like Coyote Linux, but every once and a while the firewall stops passing traffic. At least I think it’s the firewall. What happens is I loose connection to my ISP until I log on to the firewall and ping my ISP. The problem may be the DSL modem, it may be the firewall, or there may be some other problem that I haven’t figured out yet. I highly suspect that the issue is the memory on the firewall, but since I don’t have any more memory of that vintage, I think I’ll just create a new firewall and hope that’s the issue.
I’m looking at Smoothwall, and from what everyone has told me it’s pretty good. I have a spare PII 266 with 128 megs sitting in the garage, which should be more than enough to power a decent home firewall. My other option is to put in my Cisco 806 router with a firewall ruleset, but I’m a little leery of this as a solution. The 806 has limited memory, and despite what was advertised when I first purchased the router, it can’t take an IOS with full firewall and security functionallity. I could upgrade the memory, but the last time I checked, the memory for this system would actually cost me more than a new Linksys would. A new Linksys router is another option, but right now the budget is a little stretched and any new hardware might get me killed. Ah, for the days when I was single and kidless. Wait, strike that. When I was single and kidless I was also unemployed for long stretches, so the budget wasn’t any better. Oh whell.
Anyone else have any experience with Coyote Linux? Anyone else experienced the type of problems I’m seeing?
Yahoo! News – Online Hacker Shop Shuts Down
Hackers had set up a web site dedicated to selling the source code for Dragon by Enterasys and Napster, now owned by Roxio. The price for the code was $16k and $10k respectively. Fear of prosecution has forced the hackers to close the website down.
On one hand, I find it very disturbing that the source code for Dragon and Napster is out there somewhere, on the other hand, I say, ‘So what?’
A skilled hacker is going to be able to get much of the same information from working with a product directly and observing the results as they would from looking at the source code directly. It is unlikely that there would be any more holes discovered because of the leak, just that they’d be uncovered more quickly.
Even with the source code for Dragon, I doubt a hacker will be able to take great advantage of it. They might be able to discover a way to disguise an attack based on the algorythms used by Dragon, but I doubt (hope) there are any vulnerabilites that will enable a hacker to take control of a Dragon box, especially if it and the network it protects are properly setup.
Napster, on the other hand, could be a bigger problem. They have a much bigger installed client base, and the discovery of a vulnerability in their product could have larger consequences.
In either case, the price was going to keep the casual hacker from getting the code. Of course the whole thing could have been a ruse to get attention. Why would a hacker group that has the capability to get the source code for these two products ever post to a public website? Maybe they’re just stupid hackers.
I got a curious phone call yesterday. I wish I’d had more presence of mind to ask questions, but when you’re trying to herd your children, answering and asking questions is usually the last thing on your mind. The call came in the mid-afternoon, and it was a woman claiming to be a reporter for a number of Ziff-Davis publications. She wanted to ask me questions about Windows XP SP2. When I told her that I didn’t have any direct experience yet, she started to ask about what I’d heard from other security professionals. That’s when I told her I needed to cut the call short and deal with children. I’m not willing to speculate on much of anything by way of third hand information.
I’m going to assume that the call was real, since the lady sounded a bit too bored and disinterested to be some one running a scam. I wish I’d thought of getting a phone number to call her back at (since caller ID was blocked), and some sort of proof she actually worked for ZDNet. I also want to know where she got my phone number. It probably wasn’t too hard, since I’m one of those people who include my cellphone number with every email I send out. I am guessing she may have pulled my name out of Google from a search on something like “XP Security”, or she followed a link to my site.
I’m like most people, and I feel somewhat honored to have someone from the press asking my opinion on, well, on anything to tell the truth. On the other hand, I’m a network security professional, and more than slightly paranoid too boot. If I ever recieve another call like this, I’m going to have to pay a lot more attention from the get go. Anyone else recieve calls like this, either lately or in general? How do you respond to them? I don’t think I’m in too much danger of becoming a quoted name in the industry, but having a blog does raise my visibility level somewhat.