Network Security Blog

My DSL connection is pretty good, in fact it’s about as good as you can get in my area, and for the last few years it’s been more than enough to handle the traffic to my blog as well as all of the online radio I listen to and the MMRPG I play. But now that I’ve started podcasting as well as blogging, it’s not enough. So I’ve opened an account with Liberated Syndication or Libsyn as it’s usually called. At $5 for 100 MB worth of files on their site, I figured it was worth the money and then some.

I’ve already gone back to the previous podcast entries and pointed them to the files on Libsyn. In my own non-scientific tests, the download from Libsyn is four or five times faster than anything I’d ever see from my own network. I’m going to keep an eye on the feeds for a few days, but given the number of other podcasters that use Libsyn, I’m not anticipating any immediate problems. If you had any problems downloading before, please give the feeds a try now they’ve been moved to their new home.

Network Security Podcast, Episode 1, November 15, 2005

Network Security Podcast, Episode 2, November 22, 2005

O3: The Open Source Enterprise Data Networking Magazine

Check out the first issue of 03 magazine when you get a chance. There are several very good articles in the mix. I liked the article ‘Deploying Wifidog Captive Portal’ best. Why spend all the money to purchase a enterprise level wireless solution when you can accomplish the same thing with a $70 Linksys router and a little hard work?

Linux Security – Securing and Hardening Linux Production Systems (Linux Security Cookbook / HOWTO / Guide)

This is a great article with a lot of useful information on securing your Linux boxes. For me, it was worth reading if only for the portions on setting up password standards, like aging and complexity enforcement. The only thing I’d add to this is remote log storage with something like syslog-ng.

deseretnews.com | Utahn tries new tack in battle over Net porn

Besides the fact that this looks like digital smoke and mirrors, Ralph Yarro’s idea of protecting our children by mandating porn to a specific port will never work. First, it doesn’t take into account the tremendous number of systems outside the sphere of incluence controlled by the US. In other words, a server in Asia or Europe is still going to serve up porn however it likes.

The second issue is two fold: people offering porn are going to find ways around this technology, and kids wanting to access porn are too. Trying to keep a teenage boy from porn is nearly impossible. Both groups are going to find ways to get to the other, and this technology looks like it’s just one more minor obstacle.

My thought on the issue of porn and children remains the same it always has been: raise your children right and teach them it’s wrong. Don’t try to legislate your role as a parent. It doesn’t work.

I’ve been working on setting up syslog-ng on a couple of systems recently, and kept running into the same issue: it couldn’t find the eventlog.pc and suggested I change the PKG_CONFIG_PATH to include the path. I spent a good part of last Wednesday banging my head against the computer, but I guess a good, long weekend off helped with my thought processes. The solution was incredibly simple:

export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig

Whole thing compiles fine now.

By the way, here are two links that might help if your looking at setting up syslog-ng:

Balabit IT LTD, the creators of syslog-ng.
CERT-IN, Implementation of Central Loggin Server using syslog-ng
Edited to add one more resource
Campin DOT Net Syslog-ng FAQ

Documentation – Free60

Take a look at some of the measures Microsoft has put in place the keep people from hacking the Xbox 360. this may be what ‘trusted computing’ will look like if Microsoft gets it’s way in the future. And if it is, I’ll be switching to a Mac.

I have to wonder if securing the Xbox console is worth all the effort Microsoft is putting into it. What does it gain them? Is pirating of the Xbox software so rampant that they’ve got to go to these extremes? I somehow doubt it. And I doubt it’ll be successful in the long run. I’m willing to bet someone will figure out how to hack it before the end of the year.

I’m not sure why this should surprise anyone; hackers are now attacking the tools we use to keep ourselves secure. Hackers have been trying, and succeeding, to attack anti-virus and anti-spyware products for quite a while. Attacks against backup software are a bit newer, but are getting a lot of attention simply because there have been more vulnerabilities found in backup products lately.

It only makes sense that hackers would be looking for holes in the security tools we use on a daily basis. After all, if you do a virus scan of your system and your AV product shows that you’re okay, your going feel secure. Why dig any deeper? And if the hacker can get their tools in that deeply, they can operate freely. And if they can attack your backup software, they can get a copy of every piece of information you ever produced.

A Proof of Concept (PoC) exploit has been released targeting Microsoft patch MS05-051. This exploit targets the MSDTC service and may enable a remote code execution. So far there doesn’t appear to be a virus or worm taking advantage of this exploit, but I’m sure there will be in the next couple of days.

What I have to wonder is why anyone would have port 3372 open to the outside world? There aren’t any services running on this port that a sane systems administrator would want exposed to the outside world. I guess that once again, it’s going to be the sort of user who hooks their computer directly to the Internet and can barely spell firewall that is going to allow this exploit to be used in the wild. Did you help protect your family’s computers over the weekend like I suggested?

I’ve been hearing a lot about Ecto, so I thought I’d try it out. It’s basically a program that’s supposed to let you create your blog entries in a word processor sort of environment. I’ve been doing all of my blogging using the MovableType web based tools for so long it feels really strange to be doing it through something else for a change. I have to say that it’s kind of nice to leave a lot of the formatting and hyperlinks to some program, since I usually do them by hand.

Oh yeah, about a computer free Thanksgiving: I didn’t make it. In fact, I only lasted about 4 hours before I had to go check my email and server status. I am weak. Maybe I can make Christmas a computer free holiday. Yeah, right.

EPIC West: Electronic Privacy Information Center West Coast Office: Hoofnagle’s Consumer Privacy Top 10

Chris Hoofnaggle has written an excellent list on protecting your privacy. I’m already doing most of these, but Number 7 really surprised me. I wasn’t aware that my children’s school had the right to sell my kids information to marketeers. I have a real problem with number 8, since I use several different customer loyalty programs.

One thing I do that’s not on the list is I usually only give my cell phone number as contact information to businesses. I have a lot more of my identity wrapped up in my home phone number than I do in my cell phone number. I’ve had the landline number for 15+ years, and the cell for about five or six. Do you have any hints to add to Chris’s list?