BankInfo Ramnit Article

Tracy Kitten at BankInfo has an interesting article about the Ramnit worm which is worthy of a read (even, I would say, by the general public). Ramnit is particularly pernicious because:

Ramnit’s man-in-the-middle looks like an actual social-media or bank-account sign-in page that captures a user’s ID and password, and sometimes other personal information en . . .

Why I hate tiny-fied URLs…

In theory, if the world were filled with universally good people, “bitly” and “TinyURL.com”, which, given long URLs, provide short ones, would be a great idea. However, whenever I get one I find that I’m frankly terrified to click on it.

Why?

Because while they could be going someplace useful, they could also be going to . . .

SSL certs – probably not worth the bits they’re printed on…

This failure of the trusted Certificate Authority (CA) “Comodo”:

http://nakedsecurity.sophos.com/2011/03/24/fraudulent-certificates-issued-by-comodo-is-it-time-to-rethink-who-we-trust/

highlights something that is becoming more apparent:

SSL certificates probably aren’t worth the bits they’re printed on.

Forgetting that there is a fairly regular stream of issues with the authorities, companies like GoDaddy issue certificates for all of $12 with nearly . . .

Zone Firewall TCP reassembly size

If you get something like this in your Cisco’s IOS firewall log:

Mar 12 15:05:33 192.168.1.1 3129: 003121: *Mar 12 15:03:03.195 EST: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:525214740 1415 bytes is out-of-order; expected seq:525170856. Reason: TCP reassembly queue overflow – session 192.168.1.5:53022 to 208.79.250.63:80 on zone-pair ccp-zp-in-out class ccp-protocol-http

sometimes accompanied by hangs in . . .

The kitchen sink of security tools…

This seems to be a useful location to find security tools:

http://www.proactiverisk.com/links

Everything including the kitchen sink!

Apparently George Romero was right…

That a deadly virus would escape from the military possibly causing zombies:

http://www.cnn.com/2010/TECH/web/11/17/stuxnet.virus

He was just wrong that humans would be the target.

Another case of “With friends like these…”

Well, researchers have devised a way around most modern anti-virus software. Yet another example of, “With friends like these, who needs enemies.”

Again, I know “security by obscurity” is false security, but it’s not like the bad guys need as much help as they’re getting!

How to kill a session on a Cisco PIX/FWSM

Completely different from Cisco IOS, so hard to remember:

Log into the PIX/FWSM and go to “enable” mode. Do a “who”:

Choose the IP of the session you want to kill and grab the number. In this case I want to kill the “192.168.100.5” session, so I want “2”. Then kill it:

The . . .

A good Blackberry security primer…

ComputerWorld has published a good Blackberry security primer here:

http://www.computerworld.com/s/article/9165238/Five_tips_to_keep_your_Blackberry_safe

I highly recommend all Blackberry owners read it.

Rubber Or Glue, It Still Sticks…

This brings up a sort of interesting if not chilling thought in the world of security, particularly for large organizations:

Mozilla shuts online store after security breach

The title of this entry, which I’ve included verbatim, is important.

To me when I read it, I’m reading “Mozilla has a problem”, or “Mozilla . . .