Browsing Posts published in August, 2007
Deepwater: Devil in the Details
Way to go LMCO / NG / USCG
Comcast Throttles BitTorrent Traffic, Seeding Impossible
“How do I test Snort?” is one of the most popular questions asked on the snort-users mailing list. While a seemingly simple question, the answer depends on your intent. Value-added resellers (VARs) and systems integrators (SIs) may need to provide customers with validation that the network intrusion detection system (IDS) is working as expected. This edition of Snort Report explains what it means to test Snort. I reveal some common misperceptions and offer alternatives to satisfy the majority of readers. A stateless approach for triggering Snort alerts is to generate traffic that should trigger Snort rules, but doesn’t rely on parsing Snort rule sets. IDSWakeup is a stateless packet generation tool. The following shows how IDSWakeup performs against Snort 2.6.1.5. I used the Debian package net/idswakeup on Ubuntu Linux against a FreeBSD sensor running Snort 2.6.1.5 and Sguil 0.6.1.
If you’re a Fedora user the end of May means one thing…time for a new release! This year was no different as the Fedora project continued its aggressive six month release schedule. Fedora 7, code named “Moonshine”, is the latest version of the Red Hat influenced Linux distribution. Fedora regulars will note the absence of the word “Core” in the new name. This isn’t the only change with this release. We’ll delve into what’s new in 7 as well as review Fedora from a desktop standpoint.
Xen or VMWare? What’s your choice?:
Two days after VMWare had one of the most successful IPOs on recent years, and one day after XenSource announces that it is being acquired by Citrix. Money is flowing into the two major virtualization players at a rate we haven’t yet seen, what are your feelings about using Xen or VMWare on Linux?
Russia’s Bomber Force Resumes Long-Range Patrolling:
Russia’s strategic bombers have not ranged far from home since the collapse of the Soviet Union. But Vladimir Putin orders the resumption of long-range missions, mostly to give the American flyboys something to think about.
Black hat IPS reverse engineering
A recently disclosed Black Hat hacker technique for reverse engineering intrusion prevention system (IPS) data poses a “serious risk” for thousands of enterprises, Gartner has warned.
Sourceforge Enterprise Edition
Did you know you can download SourceforgeEE for 15 users for free. You’ll find it on Sourceforge.net and it comes in a VMWare appliance. That version will accommodate 50 users if you want to pay for more than 15 seats. From an enterprise point of view, the cost is quite reasonable.
Linux is an enterprise-grade operating system and is capable of the utmost security. However, many installations fall short because the out-of-the-box setup routines have to cater for the lowest common denominator.
A “State of the Net” survey due out Monday from Consumer Reports, the most widely trusted name in consumer protection, makes clear that Americans continue to have ample cause to distrust Internet interactions … yet many remain woefully ignorant in terms of protecting themselves – and their children — from the most obvious dangers.
Defcon 15 was held this year in Las Vegas from August 3-5. This year’s Defcon was chock full of events with many physical securities shown to be vulnerable, favorite sites such as Gmail being unsecured, critical infrastructure flaws, and even undercover reporters.
The folks at Immunity, a company specializing in tools for penetration testing, have released a free application advertised to streamline the development of software exploits.
Dateline Mole Allegedly at DefCon
DefCon security on Friday warned attendees at the annual hacker conference that Dateline NBC may have sent a mole with a hidden camera to the event to capture hackers admitting to crimes. DefCon says it was tipped off by their own mole at Dateline who sent them a pic of the undercover journalist who DefCon employees identified as producer Michelle Madigan.
Two good articles on this topic:
