Archive for the ‘Resources’ Category
Cool Infosec Resource
May 18th, 2006
Throughout the course of my travels, I came across an interesting resource: the Infosecpedia. It is, as the name implies, an information security wiki. Anyway, it’s pretty darn cool – cool enough that I’m thinking about contributing. Maybe one article a week or so. Not that I have a ton of free time, but this seems to me like it could be an awesome resource.
Posted in 
LSO – “Learn Security Online”?
October 13th, 2005
I stumbled across the LSO or “Learn Security Online site the other day. I happened to be reading the security newswire (sometimes I do this if I feel like I’m too alert early in the day,) and their press release just leapt out at me because it was so different from the other cruft that you see on the wire. Granted, I did think that LSO CEO arguing with Gene Spafford in his own press release was a bit strange, but I just thought “huh” and plowed through:
When asked what he thought of the comment made by Gene Spafford, professor of computer sciences at Purdue University. “Criminal justice programs don’t have students steal cars or commit rape to understand what motivates criminals or how to stop them.” Joe replied,
HoneyMonkeys….
August 9th, 2005
MS HoneyMonkeys. Cool idea, good execution, valuable results. Maybe I’m wrong on this one, but it seems to me that Microsoft is the only vendor with a plan for catching zero-day vulnerabilities; not to mention the fact that it’s actually paying off.
So… Oracle, Sun, Netscape… What was that mantra again about how MSFT was the bane of information security? I’m not biased, just keeping my eyes open.
Televised Hijinx
June 24th, 2005
Something tells me that if AT&T really is planning to broadcast an information security news channel, that said channel will be less about streaming security news and more about keeping various hijinkery to a minimum. I mean, really – think about it; if you wanted to, could you think up a bigger target for misguided jouvinile hacker shenanegans than 24hour streaming infosec from AT&T?
“Know Your Enemy”
July 18th, 2003
The Honeynet Project, http://www.honeynet.org/ has released a short but informative, and moderately entertaining to boot, report on credit card fraudsters and how they operate. The report includes snippets of IRC chats between experienced and newbie fraudsters. For anyone that wants to know how the fraudsters do it, it’s a terrific read. The report can be downloaded from the Honeynet site.
Filtering Dos and Don’ts
July 15th, 2003
Filtering routers don’t get a lot of attention these days. But they’re still a great first line of defense with the right ACLs (access control list) configured. This recent NWFusion article is a good primer for anyone not aware of what filters on routers can do and a great reminder to anyone who hasn’t checked their router ACLs lately.