Happy 40th to the epoch
That is all.
Read More Happy 40th to the epochSysAdmin
Who Watches the FUD Watcher?
In this week’s CSO Online, Bill Brenner writes about the recent breaks at Kaspersky Labs and F-Secure. You can tell his opinion from the title alone, “Security Vendor Breach Fallout Justified” in his ironically named “FUD watch” column. Brenner watched the FUD as he spreads it. He moans histrionically, When security is your company’s business,…
Read More Who Watches the FUD Watcher?The Hazards of Not Using RFC 1918
RFC 1918 is a best-current-practicies RFC that describes network address ranges that we all agree we won’t use globally. They get used for private networks, NAT ranges and so on. There are three ranges: 10.0.0.0 to 10.255.255.255 172.16.0.0 to 172.31.255.255 192.168.0.0 to 192.168.255.255 They are thus the Internet equivalent of the American phone system not…
Read More The Hazards of Not Using RFC 1918Brightening up the day from an unexpected place
I would estimate that 2/3 of the calls I get are from people trying to sell me things I neither need nor want. Of those, over half are outsourcing services. Of the remainder, recruiters are over half. There are also people who call me for their services once a week. There’s one particular outsourcing firm…
Read More Brightening up the day from an unexpected placeThere’s got to be an IT secret handshake
I’ve been in the hotel I am in for over a week now. It is a European hotel that has wireless, and you have to get an access card and type a six-character string into an access web page. That authenticates you, and you can go. The problem I have today is that I can…
Read More There’s got to be an IT secret handshakeSplunk'd?
I have been playing with Splunk, for about 45 minutes. So far, I like it. I’ve previously been exposed to Arcsight, but what I have more of an affinity for psychologically is not so much a correlation engine, but a great visualization tool that automagically can grok log formats without making me write a hairy…
Read More Splunk'd?Security Through Stupidity
In my last post on security, I promised a tale, and I ought to deliver on that before it becomes nothing more than a good intention. Some time ago, so long ago that it no longer matters, I bought a piece of network stereo equipment. It was one of these little boxes that lets you…
Read More Security Through StupidityHolding a Lighted Brand up to Damage
Adam comments on some breach commentary, and quotes Nick Owen saying that breaches are a sign of incompetence. I can’t let this stand un-commented-upon. I believe that that is a dangerous comment, and one that needs to be squashed early. It’s like saying that a bug tracking system with lots of bugs in it is…
Read More Holding a Lighted Brand up to DamageDepartment of pre-blogging, II
A bit of background. Sun recently got hit with a 0-day that was 13 years in the making, by seemingly repeating a coding worst practice that bit AIX back in 1994 — trusting environment variables under the control of an attacker. A slightly more complex variant bit Solaris’ telnetd in 1995. From the advisory (NSFW)…
Read More Department of pre-blogging, IIParty like it's 1994
A 0-day in Solaris {10,11} telnetd is reported. SANS has some details. Anyone who remembers the AIX “rlogin -froot” vuln will appreciate this one. (h/t to KK on this one)
Read More Party like it's 1994