|
|||||
|
In theory if the world were filled we universally good people, “bitly” and “TinyURL.com“, which given long URLs provide short ones, are a great idea. However whenever I get one I find that I’m frankly terrified to click on them. Why? Because while they could be going someplace useful, they could also be going to . . . → Read More: Why I hate tiny-fied URLs… This failure of the trusted Certificate Authority (CA) “Comodo”: http://nakedsecurity.sophos.com/2011/03/24/fraudulent-certificates-issued-by-comodo-is-it-time-to-rethink-who-we-trust/ highlights something that is becoming more apparent: SSL certificates probably aren’t worth the bits they’re printed on. Forgetting that there is a fairly regular stream of issues with the authorities, companies like GoDaddy issue certificates for all of $12 with nearly . . . → Read More: SSL certs – probably not worth the bits they’re printed on… If you get something like this in your Cisco’s IOS firewall log: Mar 12 15:05:33 192.168.1.1 3129: 003121: *Mar 12 15:03:03.195 EST: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:525214740 1415 bytes is out-of-order; expected seq:525170856. Reason: TCP reassembly queue overflow – session 192.168.1.5:53022 to 208.79.250.63:80 on zone-pair ccp-zp-in-out class ccp-protocol-http sometimes accompanied by hangs in . . . → Read More: Zone Firewall TCP reassembly size This seems to be a useful location to find security tools: http://www.proactiverisk.com/links Everything including the kitchen sink! That a deadly virus would escape from the military possibly causing zombies: http://www.cnn.com/2010/TECH/web/11/17/stuxnet.virus He was just wrong that humans would be the target. Well, researchers have devised a way around most modern anti-virus software. Yet another example of, “With friends like these, who needs enemies.” Again, I know “security by obscurity” is false security, but it’s not like the bad guys need as much help as they’re getting! Completely different from Cisco IOS, so hard to remember: Log into the PIX/FWSM and go to “enable” mode. Do a “who”:
Choose the IP of the session you want to kill and grab the number. In this case I want to kill the “192.168.100.5” session, so I want “2”. Then kill it:
The . . . → Read More: How to kill a session on a Cisco PIX/FWSM ComputerWorld has published a good Blackberry security primer here: http://www.computerworld.com/s/article/9165238/Five_tips_to_keep_your_Blackberry_safe I highly recommend all Blackberry owners read it. This brings up a sort of interesting if not chilling thought in the world of security, particularly for large organizations: Mozilla shuts online store after security breach The title of this entry, which I’ve included verbatim, is important. To me when I read it, I’m reading “Mozilla has a problem”, or “Mozilla . . . → Read More: Rubber Or Glue, It Still Sticks… Here is yet another example of how the “good guys” are figuring out ways to subvert security to “help” us: http://www.h-online.com/security/Bootkit-bypasses-hard-disk-encryption–/news/113884 Basically Peter Kleissner, a young and clearly very smart university student, has figured out how to inject a bootkit in front of TrueCrypt (an excellent and free encryption product) to subvert its . . . → Read More: Eating ourselves alive… |
|||||
|
Copyright © 2023 Matt Fahrner (mattfahrner.com) - All Rights Reserved Powered by WordPress & Atahualpa |
|||||
