The recent release of I2P 2.5.0, an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew of improvements and new features that will certainly intrigue security practitioners. This release aim...
A new version of the open source Metasploit Framework penetration testing tool is set to debut next month with the release of Metasploit Express -- ushering in new enhancements for ease-of-use and management that come courtesy of its new commercial underpinnings.
Nice interview discussing the Amazon ECS cloud and info on the SIP attacks.
Shortly After my "SIP Brute Force Attack Originating From Amazon EC2 Hosts" post, Dave Michels interviewed me for an article Dark Side of the Cloud. This is that interview:
Dave: What do you believe the intent was of the attacks? Free long distance?
Botnets cranked out more spam and larger individual files containing spam in the first quarter of this year, according to the latest report from Postini, Google's e-mail filtering and security service.
Everyone is talking about cloud computing, but security issues are stalling widespread adoption. While vendors work to address enterprise concerns (the good), experts warn there
Twice in recent weeks, I've been onsite at a company where a sizable division of the organization has been hit by a fast-roving computer worm. All that prevented the worm from quickly spreading across the enterprise was the company's isolated security zones. These scenarios served only to strengthen my belief that establishing isolated security zones is among the few strategies that reap a return on the investment of planning, resources, and money.
When using multiple systems the indispensable tool is, as we all know, ssh. Using ssh you can login to other (remote) systems and work with them as if you were sitting in front of them. Even if some of your systems exist behind firewalls you can still get to them with ssh, but getting there can end up requiring a number of command line options and the more systems you have the more difficult it gets to remember them. However, you don't have to remember them, at least not more than once: you can just enter them into ssh's config file and be done with it.
According to a recent study by the Messaging Anti-Abuse Working Group (MAAWG) spammers on both sides of the Atlantic are being kept happy by users email behaviour. The MAAWG warning seems necessary as there are clearly more than enough users who click on spam email because it somehow looks interesting, in spite of all the danger signs.
Internet infrastructure and services company OpenDNS has reached a major landmark by snagging one percent of all Internet users worldwide, according to analytics firm Quantcast.
While it doesn't sound like very much, that adds up to 18 million global users, and given that most organisations get their DNS services from their ISPs, OpenDNS is the largest single provider of DNS services. Furthermore, its use has doubled in the past year, despite the emergence of a powerful new competitor after Google launched its own DNS service last December.
Do you know all of the hosts on your network? Are you *sure*? Do you know if all of those hosts are secure from malicious tampering? In this article, you will learn how to find that information for yourself using three tools: nmap, nessus, and netcat.
Last week we looked at security technology some readers consider overvalued. This week we're back to study the other side of the coin. Here are four techniques and related technologies several cited as underrated in today's security fight. Since one security pro's miracle tool is another's waste of budget, it's no surprise that a couple of the technologies panned last week are praised here.
The march to secure the Internet's core DNS (define) infrastructure with DNSSEC (define) is moving forward.
Since at least the summer of 2008, when security researcher Dan Kaminksy disclosed a critical vulnerability in DNS, the global Internet domain routing ecosystem has been moving to implement DNSSEC, which provides is a digitally signed mechanism to authenticate the integrity of DNS information, secure the system and prevent attacks.
In light of the recent Google hacking, businesses might reconsider their cloud-based strategies. Ostensibly cloud-based services can offer business a better security profile at a lower price point than would be possible if companies built the services themselves. Take data centers, for example. Building a modern data center can cost hundreds of thousands of dollars with security measures constituting a hefty price tag encompassing, but not limited to, security cards, biometrics, dry contact sensors, IP-based camera surveillance, security guards, fire suppression systems, and power generators.
Ever had an ipv4 network address that is supposed to migrate over via a high availability mechanism simply not work or even stranger if there were several addresses some do and some do not? An experienced network administrator probably has seen mysterious non-migrating addresses, however, within this context is presented a rather interesting "solution" to when it has been observed.
Ever wondered how attackers know what ports are open on a system? Or how to find out what services a computer is running without just asking the site admin? You can do all this and more with a handy little tool called Nmap.
The Top Cloud Security Threats Report compiled by the Cloud Security Alliance (CSA), and commissioned by CSA member Hewlett-Packard (HP), is intended to alert businesses to current and future cloud computing risks. Based on a survey of corporate IT security experts across 29 companies, the report recommends strategies companies can use to protect their business transactions and data.
It's already been a busy year in the area of Internet freedom and security.
First, Google reported that it, along with a bunch of other major companies, had been hacked, and pointed the finger at China.
Then Secretary of State Hillary Rodham Clinton gave a few "Remarks on Internet Freedom" in which she pushed for one Internet, without barriers.
Nominet, the U.K.'s domain name registry, will begin implementing a security protocol on Monday designed to protect the DNS (Domain Name System).
The system, called DNS Security Extensions (DNSSEC), uses public key cryptography to digitally "sign" the DNS records for Web sites. It is designed to stop attacks such as cache poisoning, where a DNS server is hacked, making it possible for a user to type in the correct Web site name but be directed to a fake Web site.
Malicious spam volumes increased dramatically in the back half of 2009, reaching three billion messages per day, compared to 600 million messages per day in the first half of 2009. But this is still a tiny fraction of the estimated global spam volume, thought to be about 200 billion messages per day.