Network Security Blog

peterpacket_theme.mp3 (audio/mpeg Object)

The story of Peter Packet. There are some very twisted geeks out there.

SecurityFocus HOME Columnists: The Latest Tool in Competition: Hacking

This article has a couple of good examples of how businesses are starting to use hacking as a tool. More importantly, they point out a few of the non-technical steps you can take to safeguard yourself. Having a clearly defined public policy is hightly important when proving your competitor abused your systems. Once again, the importance of planning is brought to the forefront.

SC Magazine

Basically, this article says that you need to run two application layer firewalls in series for best protection of your network. He makes it sound like any other design is inadequate. I agree with many of the points made in the article, just not the severity of his analysis.

Yahoo! News - Deleting Online Extortion

I like stories where they get the badguys in the end. But I’m pretty sure that for every one of these guys they catch out there, there’s 10 more ready to step up to take their place.

broadband ? Forums ? Security ? Anti-Trojan, Anti-Virus software/scan links

This is a really nice collection of links to different security products for your desktop. I came accross this while doing some research. The list is over 2 years old, and some of the informtion is therefore out of date, but it’s still a pretty good list.

SecurityFocus HOME News: California reports massive data breach

Hacker strikes university computer system

Ouch! There are multiple aspects about this intrusion that disturb me. First, compromised on the 1st, but not discovered until the 30th. Second, it wasn’t reported to the FBI in a timely manner, even once the comprimise was discovered. But the real kicker is that none of the people in the database even knew that their information had even been shared with the University.

How much information about you is being passed around without your knowledge? We have multiple laws in place, both at the state and federal level that are supposed to protect us from this sort of information sharing, but if the government is the one breaking the rules, who’s going to enforce it?

If your name was one of the half a million in this database, welcome to the dark side of the Information Age.

Churches Installing Cell Phone Jammers

I want the mobile version of this for X-mas! I would gleefully go driving down the freeway, cutting the connections of all those idiots out there paying more attention to their cell phones than their driving.

Samhain Labs | internet services

Once again the joatBlog led me to a really good article.

I’ve already shut down all unnecessary services on my Internet facing servers, but using the basic techniques in this article, I was reminded of another service I had added to my systems but no longer use. Scared me for a moment or two when I saw a service running on an unfamiliar port, until I figured out what it was.

This is rather old, basic, stuff, but that’s usually what fouls people up. They forget the basics.

One of my co-workers was asking which product I would use to clone an old hard drive to a newer, faster hard drive. He was going to go out and buy Ghost for $60, but after thinking about it for a while, I suggested he try using the *nix dd command. The dd command is what is always suggested when backing up a hard drive for forensics analysis, so I figured it should work fine for cloning a drive. We also gave him a Knoppix CD to boot to for the effort.

The best explanation I found (with the minimal research I did) was from the Berkman Geekroom Blog. I’m copying the whole article to the extended entry, since this site hasn’t been updated more than a dozen times this year, and I’d hate to lose the information.

Continue Reading »

A Quantitative Study of Firewall Configuration Errors

This study shows what most people would intuitively think: complex firewall rules are more prone to errors than simple firewall rules. Unluckily, writing and maintaining a ruleset in the real world tends towards complexity due to special needs and size of an organization. It’s easy for me to keep the ruleset on my home firewall simple, but when you take into account the complexity of running a business on the Internet, a small ruleset just isn’t going to cut it for most businesses.