Archive for June, 2008
Author: Dave Lewis
June 30, 2008 at 8:11 pm · Filed under Intrusion Detection, Tools
Marty Roesch and company have just announced the release of Snort 3.0 beta.
From Snort.org:
We’re pleased to introduce our first beta release built on the new Snort 3.0 architecture. The Snort 3.0 architecture consists of two primary components: a software platform called the Snort Security Platform (SnortSP) 3.0, which is shipping in beta form in this release, and traffic analysis engine modules that plug into SnortSP. This beta test release contains one engine module which contains the Snort 2.8.2 detection engine implemented as a SnortSP engine module. SnortSP is an open-source platform for running packet-based network security applications. It provides many of the common functions required by programs that deal with packet processing such as configuration loading, event generation and traffic logging, data acquisition, protocol decoding and validation, flow management, and more.
They also give you an opportunity to provide feedback on the beta release, at “sspneta SHIFT 2 sourcefire D0T com”.
Downloading my copy now.
Article Link
Author: Dave Lewis
June 30, 2008 at 9:49 am · Filed under Defacement
Well, I have to admit I only just saw this one this morning. Since it’s a long weekend(ish) here in Canada I wasn’t planning on updating the site until Wednesday. This one is something worth sharing. I figured I’d pass it along.
A group calling itself “NetDevilz” defaced the homepages for ICANN & IANA.
Ouch.
From Websense:
Websense® Security Labs™ has received reports that the official website of ICANN and IANA Domains have been hijacked by a Turkish group called “NetDevilz”. ICANN and IANA are responsible for the Internet Protocol (IP) address space allocation, protocol identifier assignment, generic (gTLD) and country code Top Level Domain Name System management, and root server system management functions.
For the full advisory please read on.
Article Link
For more on this check out Dancho Danchev’s posting on his site.
Author: Dave Lewis
June 26, 2008 at 7:54 am · Filed under Dumbass, Email, Politics
This is by far one of the more asinine things I have read in a while and speaks volumes to the lunacy in the White House. The WH refused to open an email that was sent by the EPA because they disagreed with the conclusion that greenhouse gases are pollutants.
So, they played three monkeys and said, “la la la, I can’t see it. la la la” (not an exact quote). But that’s not where the absurdity ends. The EPA could have sent a printed copy and that would have been the end of it.
Nope.
Instead they rewrote the conclusions to make them more palatable for the dunking bird-set. Email has always been a best effort tool that has morphed into a business-critical function over the years. But, to say they wouldn’t open an email…wow. Remember folks, if you are a Republican or Democrat be sure to VOTE. You have a responsibility.
From NY Times:
Over the past five days, the officials said, the White House successfully put pressure on the E.P.A. to eliminate large sections of the original analysis that supported regulation, including a finding that tough regulation of motor vehicle emissions could produce $500 billion to $2 trillion in economic benefits over the next 32 years. The officials spoke on condition of anonymity because they were not authorized to discuss the matter.
Both documents, as prepared by the E.P.A., “showed that the Clean Air Act can work for certain sectors of the economy, to reduce greenhouse gases,” one of the senior E.P.A. officials said. “That’s not what the administration wants to show. They want to show that the Clean Air Act can’t work.”
November can’t come soon enough.
Article Link
Author: Dave Lewis
June 26, 2008 at 7:44 am · Filed under Privacy
Survey says…(insert buzzer noise)
Faith in the (UK) gov’s ability to securely manage personal data is out the window.
From Reuters:
The inquiries followed Britain’s biggest data loss scandal, when two discs containing child benefit records, including names, addresses and bank details, of some 25 million people, went missing after being put in the post by a junior employee.
The reports concluded that it wasn’t individuals who were to blame - some 30 officials played some role in events leading to the loss of the discs - but institutional and systematic failures at Britain’s tax authority.
But the HMRC is not alone in such security breaches. A separate report into a stolen laptop containing the details of 600,000 potential recruits revealed similar failings at the Ministry of Defence. In all, four MoD computers had been stolen since 2004 and the report said the MoD was probably in breach of several principles set out in the Data Protection Act.
Well, where do you stand? Do you trust your respective government not to punt on data security?
Read on.
Article Link
Author: Dave Lewis
June 26, 2008 at 7:33 am · Filed under Security Mgmt
This seems to be a well-intentioned but misguided attempt by the Office of Management and Budget. They are attempting to establish minimum requirements for professional certification for IT workers.
Hmm.
From GCN:
“This is a change we have not faced in the IT security industry before,” he added.
The closest parallel has been in the Defense Department, which anticipated OMB’s reaction in this area. DOD’s Directive 8570 on information assurance, approved in December 2005, requires all of the department’s information assurance workers to obtain an accredited commercial certification in computer security. DOD has approved 13 certifications for the directive.
The DOD requirement already has thrown what one conference attendee called a giant monkey wrench into the IT security manpower market.
“If OMB issues a similar requirement, it’s going to throw the supply and demand curve even more out of balance,” he said.
Datesman agreed, saying it probably would take years for the supply of certified workers to catch up with demand. A CISSP certification requires five years’ experience. “You don’t mint them out of college,” he said.
OK, this is where this trolley leaves the track. I have met CISSP-certified folks who I would wager would be lucky to fight their way out of a wet paper bag. “Don’t mint them out of college” is a phrase that I’d argue. I would offer that the ISC2 should start auditing certified members. The validity of the CISSP cert is becoming diluted in the eyes of the market.
A picture is worth a thousand words.
It’s great for the mandatory HR tick box, but how many of these folks actually have the ability? Sure, they can memorize some flash cards and pass a test, but are they effective? Some, not so much.
On the face of it this is a good idea.
Like all good intentions, they make great paving stones on the road to hell.
Article Link
Author: Dave Lewis
June 25, 2008 at 2:28 pm · Filed under Administravia
Sorry for the lack of updates today. Our backend database cluster decided to fall on its sword this morning and we’re cleaning up the mess. We’ll be updating content again tomorrow first thing. Unless of course I happen to feel froggy after work, then I’ll tackle some updates.
Thanks for the emails. All is well.
Nothing to see here. Move along.

Author: Dave Lewis
June 24, 2008 at 5:48 am · Filed under Vulnerability
Well, Adobe is in the news again this morning with the release of another patch to address a remote access problem.
From Secunia:
Description:
A vulnerability has been reported in Adobe Reader/Acrobat, which potentially can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to an error in the implementation of an unspecified JavaScript method and can be exploited to cause a crash or potentially execute arbitrary code via a specially crafted PDF file.
NOTE: The vulnerability is reportedly being exploited in the wild.
Note the ‘note’. This one is getting pwned as we speak.
Article Link
Author: Dave Lewis
June 24, 2008 at 5:45 am · Filed under Spam/Phishing, Telecom
From the BBC:
The net could see its biggest transformation in decades if plans to open up the address system are passed.
The net’s regulators will vote on Thursday to decide if the strict rules on so-called top level domain names, such as .com or .uk, can be relaxed.
If approved, it could allow companies to turn their brands into domain names while individuals could also carve out their own corner of the net.
The move could also see the launch of .xxx, after years of wrangling.
The part I find funny is the number of politicians that think having a .xxx domain will cordon off sexually oriented websites from the rest of the web.
The move could yet be blocked as the independent arbitration panel can reject domains based on “morality or public order” grounds.
Morality on the Internet. Hmmm, ok.
Article Link