SSL certs – probably not worth the bits they’re printed on…

This failure of the trusted Certificate Authority (CA) “Comodo”:

http://nakedsecurity.sophos.com/2011/03/24/fraudulent-certificates-issued-by-comodo-is-it-time-to-rethink-who-we-trust/

highlights something that is becoming more apparent:

SSL certificates probably aren’t worth the bits they’re printed on.

Forgetting that there is a fairly regular stream of issues with the authorities, companies like GoDaddy issue certificates for all of $12 with nearly . . .

Zone Firewall TCP reassembly size

If you get something like this in your Cisco’s IOS firewall log:

Mar 12 15:05:33 192.168.1.1 3129: 003121: *Mar 12 15:03:03.195 EST: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:525214740 1415 bytes is out-of-order; expected seq:525170856. Reason: TCP reassembly queue overflow – session 192.168.1.5:53022 to 208.79.250.63:80 on zone-pair ccp-zp-in-out class ccp-protocol-http

sometimes accompanied by hangs in . . .

The kitchen sink of security tools…

This seems to be a useful location to find security tools:

http://www.proactiverisk.com/links

Everything including the kitchen sink!

Apparently George Romero was right…

That a deadly virus would escape from the military, possibly causing zombies:

http://www.cnn.com/2010/TECH/web/11/17/stuxnet.virus

He was just wrong that humans would be the target.

Another case of “With friends like these…”

Well, researchers have devised a way around most modern anti-virus software. Yet another example of, “With friends like these, who needs enemies.”

Again, I know “security by obscurity” is false security, but it’s not like the bad guys need as much help as they’re getting!

How to kill a session on a Cisco PIX/FWSM

Completely different from Cisco IOS, so hard to remember:

Log into the PIX/FWSM and go to “enable” mode. Do a “who”:

Choose the IP of the session you want to kill and grab the number. In this case I want to kill the “192.168.100.5” session, so I want “2”. Then kill it:

The . . .

A good Blackberry security primer…

ComputerWorld has published a good Blackberry security primer here:

http://www.computerworld.com/s/article/9165238/Five_tips_to_keep_your_Blackberry_safe

I highly recommend all Blackberry owners read it.

Rubber Or Glue, It Still Sticks…

This brings up a sort of interesting if not chilling thought in the world of security, particularly for large organizations:

Mozilla shuts online store after security breach

The title of this entry, which I’ve included verbatim, is important.

To me when I read it, I’m reading “Mozilla has a problem”, or “Mozilla . . .

Eating ourselves alive…

Here is yet another example of how the “good guys” are figuring out ways to subvert security to “help” us:

http://www.h-online.com/security/Bootkit-bypasses-hard-disk-encryption–/news/113884

Basically Peter Kleissner, a young and clearly very smart university student, has figured out how to inject a bootkit in front of TrueCrypt (an excellent and free encryption product) to subvert its . . .

Apple iPhone “Jailbreak” FUD

Apple may well have good and fair reasons to keep users from “jailbreaking” their iPhones; however, the arguments as presented in the article are just FUD:

http://www.eweek.com/c/a/Midmarket/Apple-Claims-Jailbreaking-iPhones-Could-Crash-Cell-Towers-803734/?kc=EWKNLNAV07312009STR1

If AT&T’s cell network is this vulnerable, we have far greater worries than a little iPhone hacking. After all, Apple’s argument is essentially to keep jailbreaking . . .