snort

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Google introduced a new DNS service today.
    Google Code Blog: Introducing Google Public DNS: A new DNS resolver from Google
    Tags: ( google dns )
  2. This is pretty neat. Metasploit now has a built in vulnerability scanner.
    Metasploit Gets New Vulnerabilty Scanning Features - DarkReading
    Tags: ( metasploit vulnerability-scanning )
  3. Very cool. Sourcefire has rolled out a couple of VMWare-based virtual IDS appliances.
    Product Watch: Snort Maker Rolls Out IPSes For Virtual Environments - DarkReading
    Tags: ( snort sourcefire ids virtualization )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. The 5 year clock is about to start on Windows XP and Office 2003. They both are going into extended support status.
    Windows XP and Office 2003 Enter a New Phase of Support
    Tags: ( patches winxp office-2003 )
  2. If you want to continue to get updated DCERPC related detection capabilities with snort you are going to have to upgrade soon. Details inside.
    VRT: Snort 2.8.4 is nigh
    Tags: ( ids snort )
  3. Alex has put up his first blog post for Verizon Business. In it, he argues that PCI is not broken. I agree. I have never viewed PCI and a panacea for "securing" card data. Saying that PCI makes card data safe, is like saying that a seat belt makes a car safe. It helps, but doesn't guarantee anything.
    He also points us to another resource that looks interesting, the "Information Security Management Maturity Model "
    Verizon Business Security Blog >> Blog Archive >> There's nothing wrong with the PCI DSS
    Tags: ( pci )
  4. First: This post has a really nice graphical representation of the operational Internet DNS framework (attack surfaces). Second: The final report was released from the The Global DNS Security, Stability and Resiliency Symposium. It is now on my reading pile.
    >> DNS Attack Surface * Security to the Core | Arbor Networks Security
    Tags: ( dns )
  5. You have a couple patches to install if you manage a VMWare ESX installation.
    VMWare Announces New, Critical Security Updates
    Tags: ( vulnerability vmware patches )
  6. A nice list of targets you can use to test your hacking skills. There are more in the comments.
    Hacking Without All the Jailtime ha.ckers.org web application security lab
    Tags: ( hacking targets )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This might be an interesting report.
    Driving Fast and Forward: Managing Information Security for Strategic Advantage in a Tough Economy (pdf)
    Tags: ( general )
  2. Little patch work to do on our Windows systems.
    4 Patches Issued By Microsoft, 2 Critical - Security Watch
    Tags: ( vulnerability windows patches )
  3. Time to patch your Blackberry.
    RIM Issues BlackBerry Security Advisory -- BlackBerry -- InformationWeek
    Tags: ( vulnerability blackberry patch )
  4. Never forget that it is not just your organization that may be affected by a data breach. Heartland is a case in point.
    Heartland Breach Affects 135 Banks and Credit Unions (So Far) | Threat Level from Wired.com
    Tags: ( breach )
  5. Dry cleaners, Ebay, etc. Folks, we really need to get a handle of sanitizing our systems be fore we let them out of our control.
    Techworld.com - Sensitive data found on eBay hard drives
    Tags: ( data-leakage )
  6. Looks like some interesting stuff going on with snort.
    VRT: Important Snort rule changes and the new dcerpc preprocessor
    Tags: ( ids snort )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody. Here are few things worth taking a gander.

Dave Lewis over at Liquidmatrix points us to an service that appears to be very helpful. It is a service offered by Jane's that tracks terrorism and insurgent activities around the globe. As Dave states, it's a bit pricey for an individual, but probably well worth it for corporations that have global exposure.

Richard's latest Snort Report is up. He helps us Justify Snort. Good reading.

Paul Melson has a list of Malware Analysis tools you can use to dig into the guts of those pesky malicious files.

@dacort twitted a pointer to an article on Sun's site that talks about five areas that must be addressed to keep Web scale deployments safe from attack.

In a follow-up post to a previous missive about the static code analysis shortcomings, Rafal Los brings us a solution, Hybrid Analysis. Good stuff.

That's it for now. Have a great day.

Kevin

{ 0 comments }