Why I hate tiny-fied URLs…

In theory, if the world were filled with universally good people, “bitly” and “TinyURL.com”, which given long URLs provide short ones, are a great idea. However, whenever I get one I find that I’m frankly terrified to click on them.

Why?

Because while they could be going someplace useful, they could also be going to . . .

SSL certs – probably not worth the bits they’re printed on…

This failure of the trusted Certificate Authority (CA) “Comodo”:

http://nakedsecurity.sophos.com/2011/03/24/fraudulent-certificates-issued-by-comodo-is-it-time-to-rethink-who-we-trust/

highlights something that is becoming more apparent:

SSL certificates probably aren’t worth the bits they’re printed on.

Forgetting that there is a fairly regular stream of issues with the authorities, companies like GoDaddy issue certificates for all of $12 with nearly . . .

Zone Firewall TCP reassembly size

If you get something like this in your Cisco’s IOS firewall log:

Mar 12 15:05:33 192.168.1.1 3129: 003121: *Mar 12 15:03:03.195 EST: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:525214740 1415 bytes is out-of-order; expected seq:525170856. Reason: TCP reassembly queue overflow – session 192.168.1.5:53022 to 208.79.250.63:80 on zone-pair ccp-zp-in-out class ccp-protocol-http

sometimes accompanied by hangs in . . .

The kitchen sink of security tools…

This seems to be a useful location to find security tools:

http://www.proactiverisk.com/links

Everything including the kitchen sink!

Apparently George Romero was right…

That a deadly virus would escape from the military possibly causing zombies:

http://www.cnn.com/2010/TECH/web/11/17/stuxnet.virus

He was just wrong that humans would be the target.

Another case of “With friends like these…”

Well, researchers have devised a way around most modern anti-virus software. Yet another example of, “With friends like these, who needs enemies.”

Again, I know “security by obscurity” is false security, but it’s not like the bad guys need as much help as they’re getting!

How to kill a session on a Cisco PIX/FWSM