Sunday, August 28, 2005

TIME.com: The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them) -- Sep. 05, 2005 -- Page 1


The most secure networks in the world are easily hacked by foreign states - how are businesses to secure themselves? If security is but an illusion, then American businesses must do better to expand business continuity and disaster recovery planning to deal with the real risk of economic terrorism. -Bryan

Friday, August 19, 2005

Exploit for unpatched IE vuln fuels hacker fears | The Register

http://www.theregister.co.uk/2005/08/19/0day_ie_exploit_fears/ "Microsoft is investigating an IE security bug amid fears that a hacker attack based on the vulnerability is imminent. A flaw in Microsoft DDS Library Shape Control COM object (msdds.dll) is at the centre of the security flap."


This problem may be partially mitigated by blocking ActiveX at the perimeter until there is a patch/architecture fix from M$. Now, if the exploit comes in via HTTPS (secure tunnel), forget scanning for it - I know of only one company that makes an HTTPS-scanning transparent firewall at this time...not Fortinet, not Cisco, not Checkpoint...

It may be that Finjan would stand a chance at stopping upcoming exploits that are 0-day, beating the AV community to the punch...we'll see.

Still, I recommend stopping ActiveX at the border preemptively.

Thursday, July 14, 2005

Apache Security - The Complete Guide to Securing Your Apache Web Server

Apache Security - The Complete Guide to Securing Your Apache Web Server: "This all-purpose guide for locking down Apache arms readers with all the information they need to securely deploy applications. Administrators and programmers alike will benefit from a concise introduction to the theory of securing Apache, plus a wealth of practical advice and real-life examples. Topics covered include installation, server sharing, logging and monitoring, web applications, PHP and SSL/TLS, and more."


This book is a must-read for anyone who maintains web security, and not just for Apache/PHP admins. The security topics and concepts are applicable in whatever environment you are maintaining. And go add Ivan Ristic's blog to your RSS feeds to stay up to date:
http://www.modsecurity.org/blog/


Stay Secure! -Bryan

Tuesday, June 07, 2005

Personal Data for 3.9 Million Lost in Transit - New York Times

Personal Data for 3.9 Million Lost in Transit - New York Times: "CitiFinancial has begun sending letters to all 3.9 million customers advising them of the loss and offering them 90 days of free enrollment in a credit-monitoring service. Other institutions with data-loss problems have also offered free credit-monitoring services, some for as long as a year."


I think that 90 days is a joke and that a couple of years is the least that CitiFinancial should offer, since identity theft is not a temporary condition.

Since it is not mentioned in this article, I am assuming that this data was transported in an unencrypted form.

-Bryan

Monday, April 25, 2005

Bart's Preinstalled Environment (BartPE) bootable live windows CD/DVD

Bart's Preinstalled Environment (BartPE) bootable live windows CD/DVD: "What is BartPE and PE Builder?

Bart's PE Builder helps you build a 'BartPE' (Bart Preinstalled Environment) bootable Windows CD-Rom or DVD from the original Windows XP or Windows Server 2003 installation/setup CD, very suitable for PC maintenance tasks.

It will give you a complete Win32 environment with network support, a graphical user interface (800x600) and FAT/NTFS/CDFS filesystem support. Very handy for burn-in testing systems with no OS, rescuing files to a network share, virus scan and so on.
This will replace any Dos bootdisk in no time!"

I have been using various methods over the years to recover, debug, crack, and fix Windows systems, and I think that Bart has created a very useful tool that all admins should learn to use before they are under the gun to get a system back into operation. Combine this Windows Live-CD with your in-house tools like Ghost, McAfee/Trend/SymantecAV, Winternals/Sysinternals, etc., and you will be the hero of the day. -Bryan

Carjackers swipe biometric Merc, plus owner's finger | The Register

Carjackers swipe biometric Merc, plus owner's finger | The Register: "Carjackers swipe biometric Merc, plus owner's finger
By John Lettice
Published Monday 4th April 2005 13:52 GMT

A Malaysian businessman has lost a finger to car thieves impatient to get around his Mercedes' fingerprint security system. Accountant K Kumaran, the BBC reports, had at first been forced to start the S-class Merc, but when the carjackers wanted to start it again without having him along, they chopped off the end of his index finger with a machete."

Security designs must always prioritize the security of personnel over the security of objects...-Bryan

Tuesday, March 15, 2005

SecurityFocus HOME Infocus: WEP: Dead Again, Part 2

SecurityFocus HOME Infocus: WEP: Dead Again, Part 2: "
WEP: Dead Again, Part 2
by Michael Ossmann
last updated March 8, 2005
Introduction
In part one we examined the latest generation of passive WEP cracking tools that use statistical or brute force techniques to recover WEP encryption keys from captured wireless network traffic. This time, in the second and final article, we take a look at active tools that use 802.11 transmissions to attack WEP networks."

If you thought that you could keep your WEP secure...read this and think again. Keep your WiFi in its own DMZ and consider its traffic an open book. -Bryan