Archive for October, 2004

Oct 28 2004

Just plain silly

Published by under General

peterpacket_theme.mp3 (audio/mpeg Object)

The story of Peter Packet. There are some very twisted geeks out there.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off

Oct 28 2004

Hacking the competitor for fun and profit

Published by under Hacking

SecurityFocus HOME Columnists: The Latest Tool in Competition: Hacking

This article has a couple of good examples of how businesses are starting to use hacking as a tool. More importantly, they point out a few of the non-technical steps you can take to safeguard yourself. Having a clearly defined public policy is hightly important when proving your competitor abused your systems. Once again, the importance of planning is brought to the forefront.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off

Oct 27 2004

1oo2 Firewall Architecture

Published by under Firewall

SC Magazine

Basically, this article says that you need to run two application layer firewalls in series for best protection of your network. He makes it sound like any other design is inadequate. I agree with many of the points made in the article, just not the severity of his analysis.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

3 responses so far

Oct 26 2004

They got the badguys

Published by under Hacking

Yahoo! News – Deleting Online Extortion

I like stories where they get the badguys in the end. But I’m pretty sure that for every one of these guys they catch out there, there’s 10 more ready to step up to take their place.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off

Oct 21 2004

Desktop Security Links

Published by under Simple Security

broadband ? Forums ? Security ? Anti-Trojan, Anti-Virus software/scan links

This is a really nice collection of links to different security products for your desktop. I came accross this while doing some research. The list is over 2 years old, and some of the informtion is therefore out of date, but it’s still a pretty good list.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

One response so far

Oct 20 2004

Berkeley security a little lacking?

Published by under Security Advisories

SecurityFocus HOME News: California reports massive data breach

Hacker strikes university computer system

Ouch! There are multiple aspects about this intrusion that disturb me. First, compromised on the 1st, but not discovered until the 30th. Second, it wasn’t reported to the FBI in a timely manner, even once the comprimise was discovered. But the real kicker is that none of the people in the database even knew that their information had even been shared with the University.

How much information about you is being passed around without your knowledge? We have multiple laws in place, both at the state and federal level that are supposed to protect us from this sort of information sharing, but if the government is the one breaking the rules, who’s going to enforce it?

If your name was one of the half a million in this database, welcome to the dark side of the Information Age.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off

Oct 19 2004

My Christmas Wish list

Published by under General

Churches Installing Cell Phone Jammers

I want the mobile version of this for X-mas! I would gleefully go driving down the freeway, cutting the connections of all those idiots out there paying more attention to their cell phones than their driving.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off

Oct 19 2004

Shut down those unused services

Published by under Simple Security

Samhain Labs | internet services

Once again the joatBlog led me to a really good article.

I’ve already shut down all unnecessary services on my Internet facing servers, but using the basic techniques in this article, I was reminded of another service I had added to my systems but no longer use. Scared me for a moment or two when I saw a service running on an unfamiliar port, until I figured out what it was.

This is rather old, basic, stuff, but that’s usually what fouls people up. They forget the basics.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off

Oct 18 2004

Using DD to clone a HD

Published by under General

One of my co-workers was asking which product I would use to clone an old hard drive to a newer, faster hard drive. He was going to go out and buy Ghost for $60, but after thinking about it for a while, I suggested he try using the *nix dd command. The dd command is what is always suggested when backing up a hard drive for forensics analysis, so I figured it should work fine for cloning a drive. We also gave him a Knoppix CD to boot to for the effort.

The best explanation I found (with the minimal research I did) was from the Berkman Geekroom Blog. I’m copying the whole article to the extended entry, since this site hasn’t been updated more than a dozen times this year, and I’d hate to lose the information.

Continue Reading »

4 responses so far

Oct 18 2004

Complexity breeds mistakes

Published by under Firewall

A Quantitative Study of Firewall Configuration Errors

This study shows what most people would intuitively think: complex firewall rules are more prone to errors than simple firewall rules. Unluckily, writing and maintaining a ruleset in the real world tends towards complexity due to special needs and size of an organization. It’s easy for me to keep the ruleset on my home firewall simple, but when you take into account the complexity of running a business on the Internet, a small ruleset just isn’t going to cut it for most businesses.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Comments Off

Next »