Tuesday, April 08, 2003

ISS Internet Risk Impact Summary Published

This Register story alerted me to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 publication of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 latest ISS Internet Risk Impact Summary. It's a 16 page doc describing what ISS has seen in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 last three months.

Monday, April 07, 2003

New Samba Vulnerability?

Slashdot is running a thread on a new Samba vulnerability which Digital Defense discovered. This comment by Jeremy Allison of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Samba team is one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 best reasons why event-based IDS data can fail, and should be reinforced by collecting session and full content data. He's responding to a challenge to prove he has unreleased exploits for Microsoft SMB/CIFS:


If you put one of your Windows servers on a network
I had access to I would be able to show you. I will
not release cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 code publicly (for obvious reasons).
Knowledge of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se bugs would allow worms/viruses to
utterly cripple Microsoft based corporate networks.


If you choose not to believe me without exploit code
cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n that's up to you, but I will not act in an
unprofessional way to prove a point.


Jeremy Allison,
Samba Team.

Sunday, April 06, 2003

Cisco Network Infrastructure Design

I stay alert for good resources on network infrastructure design. I found cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Cisco web site. Of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 documents listed here, I thought cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se looked intriguing:




It's also a good idea to visit Cisco's SAFE site and read SAFE: A Security Blueprint for Enterprise Networks document and SAFE Blueprint for Small, Midsize, and Remote-User Networks.

Saturday, April 05, 2003

Stegtunnel New Release

PacketStorm alerted me to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 newest release of stegtunnel. As a network security analyst, I like to keep an eye out for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se sorts of tools. I'll test it when I have time. This tool also manipulates cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 IP ID field, just as Craig Rowland's covert_tcp program did in 1996. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 stegtunnel description:


Stegtunnel is a tool written to hide data within TCP/IP header fields. It was designed to be undetectable, even by people familiar with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 tool. It can hide cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 data underneath real TCP connections, using real, unmodified clients and servers to provide cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 TCP conversation. In this way, detection of odd-looking sessions is avoided. It provides covert channels in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 sequence numbers and IPIDs of TCP connections.

FreeBSD 4.8 Released

FreeBSD 4.8 was released late Thursday night. FreeBSD 5.1 is scheduled for release 2 Jun 03. I'm looking forward to reading cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fourth edition of The Complete FreeBSD, hopefully later this month.

Friday, April 04, 2003

Removing Content from Google

A FIRST post alerted me to this article on Removing Your Materials from Google. For example:


if you want your materials removed right away, you can use cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 automatic remover at http://services.google.com:8882/urlconsole/controller. You'll have to sign in with an account (all an account requires is an email address and a password). Using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 remover, you can request eicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r that Google crawl your newly created robots.txt file, or you can enter cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 URL of a page that contains exclusionary META tags.

Wednesday, April 02, 2003

Rik Farrow on VLANs

Rik Farrow wrote anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r great article, VLANs: Virtually Insecure?. That same issue of Network Magazine features a product highlight of a XML firewall built by Data Power Technology. I find this interesting because we now have to inspect, filter, and alert on traffic to specific ports like 80 tcp. This happens when developers code multiple protocols for a single port. We already have this problem with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows networking world, where ports 135, 137, 138, and 139 are used for multiple purposes by multiple services. Unfortunately, businesses can't firewall off port 80 to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 world.