| |
Current Topic: Computer Security |
|
Secure Interaction Design |
|
|
Topic: Computer Security |
6:42 pm EST, Dec 4, 2002 |
] "Explicit Authorization. A user's authorities must only ] be provided to other actors as a result of an explicit ] user action that is understood to imply granting. " Marking this for my own later reference. Secure Interaction Design |
|
WatchGuard rolls out high-availability upgrade |
|
|
Topic: Computer Security |
12:28 pm EST, Nov 18, 2002 |
] "Recent software upgrades to certain WatchGuard VPN ] appliances gives customers the ability to pair the ] machines so they share packet processing, and if one ] device fails the other can pick up the entire load." Geez....Finally! WatchGuard rolls out high-availability upgrade |
|
Sun, Check Point join forces |
|
|
Topic: Computer Security |
12:28 pm EST, Nov 18, 2002 |
] "Sun this week is scheduled to introduce a bundle of its ] server hardware with Check Point Software technology to ] create firewall/VPN appliances that, at the high end, are ] suitable for protecting data centers. ] Dubbed the Sun LX50 VPN-Firewall Appliance Secured by ] Check Point Software, the gear comes with either one or ] two processors to offer a range of throughput up to a 2G ] bit/sec firewall or 640M bit/sec VPN encryption, fast ] enough to filter and encrypt traffic in and out of ] corporate data centers. " Sun, Check Point join forces |
|
Many still vulnerable to OpenSSL bug |
|
|
Topic: Computer Security |
6:13 pm EST, Nov 15, 2002 |
Analysis on number of systems still vulnerable to OpenSSL bug. Many still vulnerable to OpenSSL bug |
|
The Peon's Guide To Secure System Development |
|
|
Topic: Computer Security |
3:12 pm EST, Nov 15, 2002 |
This isn't meme'ed yet. It needs to be. One man's rant on how to fix poor development. A dry wit yields some tastey little chuckles. The Peon's Guide To Secure System Development |
|
High Availability OpenBSD pf Firewalls! |
|
|
Topic: Computer Security |
2:24 pm EST, Oct 31, 2002 |
Roll your own. Firewalls are going to be crushed in the next couple of years by robust opensource competition. [Hijexx: Excellent work, wow... BSD licensed active/active with the IPSEC flexibility of a NetScreen or a PIX would *KILL* Check Point dead. Oh yeah, and we'd finally get CHAINS!!! :) ] [Rek: Actually, it seems like dropped connections aren't a big connection. Most people will live with this as long as they can reconnect and everything is running. It only seems like certain kinds of usage (e.g. financial transactions) require full state failover. ] High Availability OpenBSD pf Firewalls! |
|
Practical Covert Channel Attack Using MAPI |
|
|
Topic: Computer Security |
1:46 pm EDT, Oct 17, 2002 |
This article describes how your mail system can be exploited so as to provide a covert communications channel between an aggressor and their proxy in your midst. A channel whereby commands can be sent to your computer, and information returned from your computer, but you, the user are unable to see the traffic, albeit that such exchanges are happening as you use the computer quite normally.
Practical Covert Channel Attack Using MAPI |
|
Intrusion Response Paper with Substance |
|
|
Topic: Computer Security |
12:41 pm EDT, Oct 15, 2002 |
Type "Intrusion Response Procedure" into google and you're likely to get nothing. Just lots of references to "you should create an IRP, blah, blah, blah..." Well, I found a reasonable paper. Here it is. Intrusion Response Paper with Substance |
|