|
Winny File sharing virus |
PDF |
| Print | |
E-mail |
|
Dateline April 2006: Reported by AP Staffer Carl Freier in Tokyo.
The popular Japanese file-sharing program, Winny; has been targeted by a new piece of malware called Antinny. Antinny locates random files on Winny users' PCs and makes them available on the file-sharing network. Antinny is now the most talked about virus in Japan as it grabs headlines almost daily.
|
|
Read more...
|
|
|
Transparent SSL emulation |
PDF |
| Print | |
E-mail |
|
Israeli startup BreachView has a plugin for Linux that emulates a virtual NIC and provides "transparent SSL emulation". They claim to be selling like hotcakes, I met the CTO at a show a couple weeks ago, and decided to take a closer look - I later discovered that they only support RSA key exchange - a serious limitation. |
|
Read more...
|
|
Free Open Source firewall -Firestarter |
PDF |
| Print | |
E-mail |
|
It's built into Ubuntu 7 and 8 and it's a great way to setup a stateful inspection firewall for zero money and about 15' of your time on any Linux distribution and with hardware that will cost you less than USD 500. |
|
Read more...
|
|
Network vulnerability assessment |
PDF |
| Print | |
E-mail |
Monitoring is often an extremely effective security countermeasure - sophisticated incoming and outgoing content monitoring techniques are at the core of any data leakage prevention solution. There are basically three models for extrusion detection and data leakage prevention:
- AD- Anomaly Detection - describes normal network behavior and flags everything else
- MD- Misuse Detection - describes attacks and flags them directly
- BA - Burglar alarm describes abnormal network behavior (detection by exception)
|
|
Read more...
|
|
Firewall impotency (עברית) |
PDF |
| Print | |
E-mail |
למה הפיירוול שלך פשוט לא עושה את העבודה
אפשר לומר שהתרגלתי שמנכ"לים שואלים אותי למה הם צריכים יותר מפיירוול.
יש פירוולים, כמו ZoneAlarm, המספקים מידה מסויימת של סינון תוכן יוצא. ישנם גם application security firewalls שמספקים יכולת ניהול הרשאה וגישה ליישומים לאינטרנט.
על פניו, כל אלה נראים ככיוונים טכנולוגיים חיוביים.
עם זאת, אם הפיירוול מאפשר לתוכנות כמו אינטרנט אקספלורר לשדר ולקבל נתונים באינטרנט בפורט 80, ואם התוכנה הזו מאפשרת לתוכנות אחרות לשלוט בה, אזי החסימה של הפיירוול היא חסרת ערך. במילים אחרות, אם אקפלורר הוא "trusted application"
מבחינת הפיירוול, אז הפיירוול בוטח בכל תוכנה אחרת על המחשב.
|
|
Read more...
|
|
Why your firewall sucks |
PDF |
| Print | |
E-mail |
|
I've sort of gotten used to general managers asking us why they need more than a firewall.
Modern stateful inspection firewalls such as Checkpoint do provide the capability for outbound filtering by port and application protocol. There are also more advanced application security firewalls such as Imperva that aim to manage permissions for application programs to access or be accessed via the Internet.
On the face of things, these notions seem positive. |
|
Read more...
|
|
Firewall configuration errors |
PDF |
| Print | |
E-mail |
|
We often talk about how most firewalls are ineffective because they're
not configured properly. Here's some research on firewall configuration that was recently published in the IEEE Computer magazine by Avishai Wool from Tel Aviv University, |
|
Read more...
|
|
Let your machines talk |
PDF |
| Print | |
E-mail |
|
M2M (machine to machine) is a new way of letting hardware devices / machines talk to each other - and letting them talk to you. M2M devices serve as a link between systems and machines - like appliances and computers - so you can control them remotely and wirelessly, for greater independence of time and place. |
|
Read more...
|
|
Layer 7 load balance for network and server farms |
PDF |
| Print | |
E-mail |
|
For many IPS deployments, load balancing using basic information about the clients and the services they want to reach is sufficient. However, as your needs grow more complex, and you start examining content, we are not in Kansas anymore - you're in Layer 7. |
|
Read more...
|
|
|
|
|
|
