By Matt Fahrner, on July 11th, 2011
In theory, if the world were filled with universally good people, “bitly” and “TinyURL.com”, which given long URLs provide short ones, are a great idea. However, whenever I get one I find that I’m frankly terrified to click on them.
Why?
Because while they could be going someplace useful, they could also be going to . . . → Read More: Why I hate tiny-fied URLs…
By Matt Fahrner, on March 24th, 2011
This failure of the trusted Certificate Authority (CA) “Comodo”:
http://nakedsecurity.sophos.com/2011/03/24/fraudulent-certificates-issued-by-comodo-is-it-time-to-rethink-who-we-trust/
highlights something that is becoming more apparent:
SSL certificates probably aren’t worth the bits they’re printed on.
Forgetting that there is a fairly regular stream of issues with the authorities, companies like GoDaddy issue certificates for all of $12 with nearly . . . → Read More: SSL certs – probably not worth the bits they’re printed on…
By Matt Fahrner, on March 12th, 2011
If you get something like this in your Cisco’s IOS firewall log:
Mar 12 15:05:33 192.168.1.1 3129: 003121: *Mar 12 15:03:03.195 EST: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:525214740 1415 bytes is out-of-order; expected seq:525170856. Reason: TCP reassembly queue overflow – session 192.168.1.5:53022 to 208.79.250.63:80 on zone-pair ccp-zp-in-out class ccp-protocol-http
sometimes accompanied by hangs in . . . → Read More: Zone Firewall TCP reassembly size
By Matt Fahrner, on December 7th, 2010
This seems to be a useful location to find security tools:
http://www.proactiverisk.com/links
Everything including the kitchen sink!
By Matt Fahrner, on November 18th, 2010
That a deadly virus would escape from the military possibly causing zombies:
http://www.cnn.com/2010/TECH/web/11/17/stuxnet.virus
He was just wrong that humans would be the target.
By Matt Fahrner, on May 11th, 2010
Well, researchers have devised a way around most modern anti-virus software. Yet another example of, “With friends like these, who needs enemies.”
Again, I know “security by obscurity” is false security, but it’s not like the bad guys need as much help as they’re getting!
By Matt Fahrner, on March 9th, 2010
Completely different from Cisco IOS, so hard to remember:
Log into the PIX/FWSM and go to “enable” mode. Do a “who”:
fwsm# who
0: 192.168.100.80
2: 192.168.100.5
Choose the IP of the session you want to kill and grab the number. In this case I want to kill the “192.168.100.5” session, so I want “2”. Then kill it:
The . . . → Read More: How to kill a session on a Cisco PIX/FWSM
By Matt Fahrner, on March 4th, 2010
ComputerWorld has published a good Blackberry security primer here:
http://www.computerworld.com/s/article/9165238/Five_tips_to_keep_your_Blackberry_safe
I highly recommend all Blackberry owners read it.
By Matt Fahrner, on August 6th, 2009
This brings up a sort of interesting if not chilling thought in the world of security, particularly for large organizations:
Mozilla shuts online store after security breach
The title of this entry, which I’ve included verbatim, is important.
To me when I read it, I’m reading “Mozilla has a problem”, or “Mozilla . . . → Read More: Rubber Or Glue, It Still Sticks…
By Matt Fahrner, on August 3rd, 2009
Here is yet another example of how the “good guys” are figuring out ways to subvert security to “help” us:
http://www.h-online.com/security/Bootkit-bypasses-hard-disk-encryption--/news/113884
Basically Peter Kleissner, a young and clearly very smart university student, has figured out how to inject a bootkit in front of TrueCrypt (an excellent and free encryption product) to subvert its . . . → Read More: Eating ourselves alive…
My Resume
I've worked professionally in the systems, networking, security, and programming arenas for the last 25+ years, much of it in leadership or management roles. I am equally comfortable in highly technical “hands on” scenarios as with interacting with executives to drive projects forward.
My resume and other information about my experience can be found here and here.
Caveat Emptor
The views expressed here are strictly my own and do not represent those of my employer, its officers, nor any other organization.