| August 2007 |
|---|
| Sun |
Mon |
Tue |
Wed |
Thu |
Fri |
Sat |
| |
|
|
1 |
2 |
3 |
4 |
| 5 |
6 |
7 |
8 |
9 |
10 |
11 |
| 12 |
13 |
14 |
15 |
16 |
17 |
18 |
| 19 |
20 |
21 |
22 |
23 |
24 |
25 |
| 26 |
27 |
28 |
29 |
30 |
31 |
|
|
Recent Comments
Wiki RSS
|
Fri, 31 Dec 2004
Thu, 30 Dec 2004
|
|
Here
is a site discussing basic web proxy theory. An interesting part near
the end discusses "chaining" of proxies so that each department in an
organization can maintain its own usage policy while the organization
can impose its own set of rules. This effectively "chains" or
aggregates usage policies.
joat: 13:00:00 30 Dec 2004 |
|
|
Wed, 29 Dec 2004
Tue, 28 Dec 2004
Mon, 27 Dec 2004
|
|
I made the following with PowerPoint and converted it to a GIF so it's a
bit basic. However, the information is valuable enough. The numbers
across the top is frequency in MHz. 
joat: 13:00:00 27 Dec 2004 |
|
|
Sun, 26 Dec 2004
|
|
QSL.net has a very nice link page.
joat: 15:00:00 26 Dec 2004 |
|
|
Sat, 25 Dec 2004
Fri, 24 Dec 2004
|
|
Normally I spend the first day of the weekend blogging most of the
following week. Today is an exception, for obvious reasons. I have
gifts to wrap, dishes to wash, animals to feed. Somehow I have to
figure out how to sneak my son's and his girlfriend's presents into the
house (past them). HBO is running Carnivale again this coming week so I
have to find time to set up the record schedule. You get the idea. In any case, blogging
this week may be a little erratic. Here's today's... IBM has an
article about building clusters with custom
Knoppix CD's. Knoppix seems to be one of those tools that finds its
way into everything. Since our appliances will soon have their own IPv6
addresses, what's next? Washing Machine Knoppix? Fish Tank Knoppix?
Lawn Mower Knoppix? Don't laugh! Mix in a little wireless or
broadband-over-power-line and it's not that much of a stretch.
joat: 17:00:00 24 Dec 2004 |
|
|
Thu, 23 Dec 2004
|
|
The Web Applications Security mailing list has a pointer to a paper which discusses "session riding", which appears
to amount to hijacking a user's access or data via methods such as
sending crafted instructions via html e-mail (when the user's e-mail
client loads the html, the exploit is executed).
joat: 13:00:00 23 Dec 2004 |
|
|
Wed, 22 Dec 2004
Tue, 21 Dec 2004
|
|
Microsoft has stated that they've
switched virus scanners to " provide a safer online experience for
consumers". Considering that it's probably more of a financial
issue or a programming difficulty (e.g., can't interface the scanner
with the webmail), it's a bad choice of words for the supposed cause.
We may see a lawsuit because a corporation has taken a public
position on the quality of a competitors product (remember Microsoft purchased two
companies last year for this purpose). It's one thing to say your
own product is better than everyone elses. It's another to say (or
directly imply) that a competitor's product is crap. Without proof,
that is.
joat: 22:30:00 21 Dec 2004 |
|
|
|
|
Activeworx has released a new
verion of its Honeynet Security Console (for Win2K/XP). Screenshots are
here.
joat: 13:00:00 21 Dec 2004 |
|
|
Mon, 20 Dec 2004
Sun, 19 Dec 2004
|
|
More news from the wireless front:
joat: 19:00:00 19 Dec 2004 |
|
|
|
|
Here's part one
of a two part series on the current problems with WiFi encryption. The
focus in on WEP but it does touch on other topics. One thing to keep
in mind: if WEP is the best you have, it's better than nothing and
overall WEP security can be improved via basic practices such as
periodically changing keys.
joat: 18:00:00 19 Dec 2004 |
|
|
Sat, 18 Dec 2004
|
|
|
joat: 13:00:00 18 Dec 2004 |
|
|
Fri, 17 Dec 2004
|
|
Found Yet Another Security Related Blog ( YASRB). Here's the RSS feed.
joat: 13:00:00 17 Dec 2004 |
|
|
Thu, 16 Dec 2004
|
|
In doing work-ups for malicious code analysis, I've been using Full Disclosure as a source as it allows attachments. This allows me to download onto a non-MS machine, run a virus scanner and do other things while deciding to use the sample or not. In the process, I usually hit Google also. In trying to figure out "You_are_dismissed.com" (it's Bagle.Ap) I found tasklist.org. It appears to be a really good source for identifying unknown (unauthorized) processes.
joat: 14:00:00 16 Dec 2004 |
|
|
|
|
Tom Dunigan has a very large security-related link list.
joat: 13:30:00 16 Dec 2004 |
|
|
|
|
InfoSec Writers has a good analysis of the JPEG Processing Buffer Overrun.
joat: 13:00:00 16 Dec 2004 |
|
|
Wed, 15 Dec 2004
|
|
Here's an online howto for configuring Putty to tunnel your email traffic safely.
joat: 13:30:00 15 Dec 2004 |
|
|
|
|
Yesterday I posted about a blog run by Deb Radcliff. It appears she has quite an anthology of articles.
joat: 13:00:00 15 Dec 2004 |
|
|
Tue, 14 Dec 2004
|
|
Don't know if I've blogged about it before but HP's free classes site is still online. Topics include firewalls, desktop publishing, MS, Linux, virus protection best practices, organize your life, and many more.
joat: 13:30:00 14 Dec 2004 |
|
|
|
|
Picked up a couple new blogs: Security Awareness (run by Greg Hoffman) and Security Chief (run by Deb Radcliff). Both people are associated with Winn Schwartau, a "security type" and a real character. My first "run in" with him was when someone bulk emailed an employer with tons of wierd email (looked like mail bugs) and the source had his name in the registry.
joat: 13:00:00 14 Dec 2004 |
|
|
Mon, 13 Dec 2004
|
|
Here's Dave Dittrich's home page. Of note are the link's on the left hand side of the page. He maintains some really good lists of site related to various security topics.
joat: 13:30:00 13 Dec 2004 |
|
|
|
|
Here's a good article which discusses the difficulties in detecting complex viruses.
joat: 13:00:00 13 Dec 2004 |
|
|
Sun, 12 Dec 2004
|
|
Here's a good article which discusses network attacks and breaks them down into five basic types.
joat: 13:00:00 12 Dec 2004 |
|
|
Sat, 11 Dec 2004
|
|
Tony Bradley has posted about a site with free CISSP training. This is one of the certifications that will become a bit more valuable in the near future. The Federal Trade Commission is currently suing two companies for lack of GLB compliance. The orders they're trying to get signed include the directive to obtain an satisfactory assessment of their network with 180 days and includes the following statement: | Each assessment shall be prepared by a person as a Certified Information System Security Professional (CISSP) or as a Certified Information Systems Auditor (CISA); a person holding Global Information Assurance Certification from the SysAdmin, Audit, Network, Security Institute (SANS); or by a similarly qualified person or organization approved by the Associate Director for Enforcement, Bureau of Consumer Protection, Federal Trade Commission. |
Prediction: You'll see the quals thing get out of hand, even some fakery/foolery that will require either tighter control of quals or the government will create their own quals requirements. Stand by for an industry shift! joat: 13:00:00 11 Dec 2004 |
|
|
Fri, 10 Dec 2004
|
|
This article is a bit sensationalist ("piles on" semi-unrelated facts in order to scare you) but is mostly accurate. Anyone seen "Sweet Tooth" in action? (No, not the Pogo game!)
joat: 13:30:00 10 Dec 2004 |
|
|
|
|
For entertainment, try viewing the videos at The Broken. They're made by a couple of recognizable faces. I'm not sure if what they're showing is illegal or not, most of it is pretty mild or very old. For you conspiracy types, it proves that there was dark forces behind that TV show. Hacking with Ramzi is really, really bad.
joat: 13:00:00 10 Dec 2004 |
|
|
Thu, 09 Dec 2004
|
|
If you're reading this around 7 p.m. EST, I'm at the Biergarden on High Street in Portsmouth, overdosing on an odd version of potato soup and helping to run a local version of geek trivia. It's part of what is becoming a tradition in that the last (unofficial) day of class is held at the Biergarden. I'm addicted to the potato soup, which I'm not supposed to have due to its content. I don't have the recipe for it (hope to though) but it contains what looks like small bits of pot roast, potatoe slices, and spaetzle in a clear beef broth. Occasionally, another veggie may make a cameo appearance but the base recipe is delicious. Anything with spatzle can't be all that bad, right? If you can find someone who makes good spatzle, heifering, and dumpfnodle hire 'em, marry 'em, or otherwise move in with them. Same goes for lumpia and pansit. And before you food vacuums at 757 ask, mine's only passable so you ain't moving in with me. Apologies for the spelling.
joat: 23:30:00 9 Dec 2004 |
|
|
|
|
Interesting visualization tool. I don't expect it to go anywhere but it is a different approach (see the screenshots). Decent GL links on the page to. (via HITB)
joat: 13:00:00 9 Dec 2004 |
|
|
Wed, 08 Dec 2004
|
|
Ubiqx.org has everything you ever wanted to know about SMB (and probably much, much more).
joat: 13:30:00 8 Dec 2004 |
|
|
|
|
I think " Ten Questions to Ask About Application Security Systems" is appropriate, especially when a lot of our applications are moving onto the web server. They are appropriate elsewhere, especially when the other "move" is away from application proxies and towards "deep packet inspection" (which is inappropriate for HTTP traffic).
joat: 13:00:00 8 Dec 2004 |
|
|
Tue, 07 Dec 2004
|
|
|
Roughly two weeks have gone by. Total number of spams, three. Two from the same jerk at/via 81.27.200.49, trying to be funny. The other at/via 24.69.65.52. Both of them entered via the web page (vice the CGI interface). Both added to the blacklist. It's probably not helping that I talk about it but since this is the last week in the semester, I have a bit of free time to run the donkey at the windmill.
joat: 23:30:00 7 Dec 2004 |
|
|
Mon, 06 Dec 2004
|
|
Palo Wireless is a site with in-depth explanations of most (if not all) of the wireless protocols/technologies.
joat: 13:30:00 6 Dec 2004 |
|
|
|
|
|
Just in case anyone wanted to know, I modified the writeback plugin so that it's non-standard. Just come up with a word that isn't used in any of the code (to keep things simple) and substitue it for writeback in all of the code. For now, it's a bit of a manual process but it doesn't appear to all that hard to automate (changing that is). It may drive the spammers back to posting via the interface, where fight can be on a more even ground.
joat: 13:00:00 6 Dec 2004 |
|
|
|
|
Following is the list of IP's that attempted to connect to the old-style comment system. The only "things" that attempt this are automated programs of one of two types: either search engine spiders (such as Google's below) or comment spammers. Do what you will with the list, just don't hold me responsible for it. | 2 | | 12.158.228.18 | | | | 1 | | 168.143.113.5 | | | | 5 | | 193.95.113.114 | | | | 12 | | 194.213.41.11 | | | | 127 | | 194.213.41.12 | | | | 26 | | 194.213.41.13 | | | | 72 | | 194.213.41.14 | | | | 1 | | 194.7.246.43 | | uu194-7-246-43.unknown.uunet.be | | 1 | | 195.132.141.251 | | m251.net195-132-141.noos.fr | | 4 | | 195.27.14.2 | | | | 1 | | 200.12.238.23 | | | | 40 | | 200.21.45.4 | | mangostino.ut.edu.co | | 3 | | 200.212.114.3 | | | | 4 | | 200.34.99.9 | | | | 1 | | 211.239.170.46 | | | | 1 | | 212.138.47.16 | | cache6-1.ruh.isu.net.sa | | 1 | | 212.138.47.20 | | cache10-4.ruh.isu.net.sa | | 1 | | 212.138.47.21 | | cache13-4.ruh.isu.net.sa | | 1 | | 212.138.47.26 | | | | 10 | | 213.172.36.62 | | | | 12 | | 213.41.1.222 | | wan-222.1.rev.fr.colt.net | | 8 | | 213.41.1.226 | | wan-226.1.rev.fr.colt.net | | 19 | | 217.144.0.137 | | | | 5 | | 218.4.189.197 | | | | 1 | | 218.57.113.11 | | | | 6 | | 219.93.211.74 | | | | 11 | | 64.125.108.114 | | 64.125.108.114.available.above.net | | 42 | | 65.54.188.139 | | | | 1 | | 66.249.64.146 | | crawl-66-249-64-146.googlebot.com | | 1 | | 66.249.64.156 | | crawl-66-249-64-156.googlebot.com | | 1 | | 66.249.64.160 | | crawl-66-249-64-160.googlebot.com | | 1 | | 66.249.64.198 | | crawl-66-249-64-198.googlebot.com | | 4 | | 68.167.94.202 | | h-68-167-94-202.chcgilgm.covad.net | | 6 | | 68.98.206.172 | | wsip-68-98-206-172.ks.ok.cox.net | | 5 | | 80.65.102.162 | | ip102-162.introweb.nl |
joat: 01:52:25 6 Dec 2004 |
|
|
Sun, 05 Dec 2004
|
|
One thing that is not said all that often is that even the good guys have to know things like what's in this paper. It's not just the "good guys" that use encryption.
joat: 13:00:00 5 Dec 2004 |
|
|
Sat, 04 Dec 2004
|
|
Now that I'm not spending a hour or so per day mopping up comment barf (spam), I've had time to fix the comment script to all <b>, <p> and <br>, work on comment titles, and generally get back to tweaking the site. Are there any features that you'd like to see? I'm considering dumping the Blogroll and replacing it with a links list or putting a "recent comments" frame there.
joat: 15:00:00 4 Dec 2004 |
|
|
|
|
Ryumaou has pointed out that O'Reilly has a new magazine called " Make". It's aimed at the hardware geeks. (Telmnstr! This one looks like one of yours.)
joat: 13:00:00 4 Dec 2004 |
|
|
Fri, 03 Dec 2004
|
|
Ever wonder what happened to Sealand?
joat: 13:00:00 3 Dec 2004 |
|
|
Thu, 02 Dec 2004
|
|
Chalk this one up as a pointless temper tantrum... What kind of person (that's the nice version) thinks it's important to post their Winamp-generated playlist to the Internet? (Hint: there's quite a few of them.) I went shopping for a album, containing a Christmas song that I've not heard in fifteen years by Kevin Bloody Wilson (Hey Santa Claus...). It was amazing, the number of fake sites and playlist sites that I had to wade through before finding a legit site offering Kevin's albums. Maybe I should write one? <humming> living next door to spammers </humming>
joat: 13:30:00 2 Dec 2004 |
|
|
|
|
|
joat: 13:00:00 2 Dec 2004 |
|
|
Wed, 01 Dec 2004
Tue, 30 Nov 2004
|
|
According to this, O'Reilly is going to distribute the Google Hacking book (not the same as their Google Hacks book).
joat: 22:30:00 30 Nov 2004 |
|
|
Mon, 29 Nov 2004
|
|
Just to add my two cents to the ads in RSS feeds bickering... I feel that one of the reasons that RSS became so popular was that it allowed readers to avoid all the extra fluff on a website and get right to the content, thereby increasing the amount of content you can read in a day. Inserting advertisements into those feeds dilutes the value of the content. If, like in some low traffic feeds, the advertisements out-number the actual posts, it can become a justifiable reason to unsubscribe from the feed. I think that many content providers are going to have to learn the hard way that social media (as bloggers are sometimes called)(as opposed to mainstream media) allows for very fickle readers. Contrary to what most content providers think about themselves, very few feed sources are "valuable" enough to be able to keep their subscription levels while annoying their readers at the same time. In any case, how long before someone writes an aggregator that filters advertisements? Do we really have to join that arms race?
joat: 13:30:00 29 Nov 2004 |
|
|
|
|
Linux Security has posted part one of an series describing the use of honeypots to fight spam.
joat: 13:00:00 29 Nov 2004 |
|
|
Sun, 28 Nov 2004
|
|
Here's the list of Saturday's spammers (those attempting to access the old comments system). Please remember that some of the IP's are legitimate search engine spiders. Do what you will the list but don't hold me responsible for it. | 1 | | 142.165.112.131 | | msjwsk02d010101131.sk.sympatico.ca | | 5 | | 193.255.207.253 | | seyhan.cu.edu.tr | | 2 | | 194.117.217.227 | | | | 7 | | 200.12.238.31 | | | | 4 | | 201.12.13.170 | | | | 1 | | 202.141.239.4 | | | | 1 | | 202.163.115.203 | | | | 4 | | 202.163.115.205 | | | | 1 | | 202.68.147.182 | | | | 3 | | 203.113.29.2 | | | | 7 | | 203.115.21.155 | | | | 1 | | 203.151.40.252 | | 203-151-40-252.inter.net.th | | 1 | | 203.190.254.9 | | | | 1 | | 203.197.234.177 | | delhi-203.197.234-177.vsnl.net.in | | 1 | | 210.18.184.246 | | | | 3 | | 211.185.38.61 | | | | 4 | | 212.117.152.70 | | mailrelay.flying.co.il | | 1 | | 212.36.213.15 | | | | 12 | | 213.172.36.62 | | | | 22 | | 213.56.68.29 | | | | 1 | | 216.239.39.5 | | proxy.google.com | | 1 | | 217.14.219.34 | | | | 1 | | 219.95.89.125 | | | | 1 | | 24.24.72.83 | | bgm-24-24-72-83.stny.rr.com | | 1 | | 61.1.185.85 | | | | 68 | | 64.125.108.114 | | 64.125.108.114.available.above.net | | 1 | | 64.238.121.155 | | | | 1 | | 65.35.35.197 | | 197-35.35-65.tampabay.rr.com | | 26 | | 65.54.188.138 | | | | 44 | | 65.54.188.139 | | | | 1 | | 66.231.168.82 | | | | 2 | | 66.249.64.156 | | crawl-66-249-64-156.googlebot.com | | 1 | | 66.249.64.195 | | crawl-66-249-64-195.googlebot.com | | 1 | | 66.249.64.30 | | crawl-66-249-64-30.googlebot.com | | 1 | | 66.249.64.33 | | crawl-66-249-64-33.googlebot.com | | 1 | | 67.107.73.195 | | | | 1 | | 68.83.190.72 | | pcp09996361pcs.narlington.nj.comcast.net | | 9 | | 80.65.102.162 | | ip102-162.introweb.nl | | 2 | | 80.65.121.214 | | ip121-214.dsl.introweb.nl | | 1 | | 81.15.196.129 | | | | 1 | | 83.108.243.136 | | ti400720a080-13192.bb.online.no |
joat: 23:30:00 28 Nov 2004 |
|
|
|
|
Linux Exposed has an article explaining the basic theory behind SQL injection attacks.
joat: 13:00:00 28 Nov 2004 |
|
|
|
|
From what Jeremy says, it looks like the Knoppix Hacks book is out (I don't get into the bookstore often). As per O'Reilly's usual practice, they've posted some sample chapters on their site. I've used the anti-virus one but I've used a commercial scanner. It's a little known fact that McAfee (and others) sells a Linux-based scanning engine that uses the usual DAT files. Combine that with BSDi's LDP, and you can have a commercial scanner running on a commercial OS (for those with management that insists on commercial products) which can act as a (pass-thru) mail handler or mail server. I've even wedged this thing into Sendmail. Anyways, the book looks like it's worth the $$.
joat: 13:00:00 28 Nov 2004 |
|
|
Sat, 27 Nov 2004
|
|
Call me weird but I find conversations/listening to presentations/watching tv more interesting with immediate access to Google. A passing comment during Word Wars on the Discovery Channel lead me to The International Journal of Verbal Agression. Sometimes the habit is exceedingly annoying to others (for obvious reasons) and sometimes it leads to a bit of comedy (a quick search on Helen Carr during a recent law enforcement presentation revealed that her hgh school reunion committee was also looking for her). I think it's one of the reasons why the classes in Chesapeake are so enjoyable. Everyone has the Internet "right there" and usually anyone can hijack the class for a few minutes with a semi-related bit of information. The instructor has to have one of those personalities and be able to herd cats (there IS a learning plan to follow). Some students find it frustrating, others find it just outright odd, but a working knowledge of Google or Yahoo syntax does help with some of the verbal references thrown out during conversations (quick quiz: Who said, "Help me Mr. Wizard! I don't want to be a ..." ).
joat: 13:30:00 27 Nov 2004 |
|
|
Fri, 26 Nov 2004
|
|
It's nice to see that CWShredder is back in play. The bad news is that it's only available via a commercial product. You can read some of Merijn Bellekom's (the author's) comments here.
joat: 22:30:00 26 Nov 2004 |
|
|
|
|
Following is a list of IP addresses attempting to use the old comment system on 25 Nov 2004. Please note that some of these may be search engine spiders such as Google (hopefully the spiders will catch on shortly). The rest are spammers. I'm a bit concerned that a good portion of the non-spider entries are caches or proxies. Do what you want with the list. | 47 | | 148.244.150.57 | | host-148-244-150-57.block.alestra.net.mx | | 2 | | 152.163.100.199 | | cache-rtc-ad05.proxy.aol.com | | 1 | | 193.129.22.146 | | | | 8 | | 193.79.18.243 | | | | 3 | | 194.63.235.155 | | cache1.thess.sch.gr | | 2 | | 194.63.235.156 | | cache2.thess.sch.gr | | 1 | | 194.63.235.157 | | cache3.thess.sch.gr | | 4 | | 195.175.37.11 | | | | 8 | | 195.175.37.24 | | | | 2 | | 195.175.37.26 | | | | 1 | | 195.175.37.7 | | | | 26 | | 195.245.247.155 | | | | 1 | | 195.61.146.130 | | eapp.tamisa.ro | | 5 | | 200.118.118.4 | | Static-IP-cr2001181184.cable.net.co | | 1 | | 200.12.238.31 | | | | 2 | | 200.168.62.134 | | 200-168-62-134.cebinet.com.br | | 13 | | 200.31.79.214 | | | | 2 | | 200.60.207.58 | | client-200.60.207.58.speedy.net.pe | | 16 | | 203.113.29.1 | | | | 3 | | 203.113.29.2 | | | | 6 | | 203.150.234.46 | | 203-150-234-46.inter.net.th | | 6 | | 203.151.40.252 | | 203-151-40-252.inter.net.th | | 2 | | 203.172.154.114 | | | | 19 | | 203.197.234.177 | | delhi-203.197.234-177.vsnl.net.in | | 1 | | 209.33.210.2 | | 209-33-210-2.sg-wireless.infowest.net | | 1 | | 210.143.29.247 | | c12-247.actv.ne.jp | | 12 | | 212.117.152.70 | | mailrelay.flying.co.il | | 1 | | 212.138.47.12 | | cache2-2.ruh.isu.net.sa | | 2 | | 212.138.47.16 | | cache6-1.ruh.isu.net.sa | | 1 | | 212.138.47.21 | | cache13-4.ruh.isu.net.sa | | 1 | | 213.132.32.130 | | eth1.cache2.dubaiinternetcity.net | | 43 | | 213.172.36.62 | | | | 8 | | 213.56.68.29 | | | | 3 | | 217.14.219.34 | | | | 1 | | 218.5.191.126 | | | | 15 | | 220.90.132.183 | | | | 1 | | 221.132.39.253 | | localhost | | 2 | | 61.19.243.11 | | | | 1 | | 61.95.226.18 | | | | 4 | | 63.100.211.203 | | 63-100-211-203.reverse.newskies.net | | 1 | | 63.72.136.96 | | | | 4 | | 64.124.92.199 | | stdev1.sj3.escalate.com | | 86 | | 64.125.108.114 | | 64.125.108.114.available.above.net | | 5 | | 64.132.198.149 | | 64-132-198-149.essind.com | | 1 | | 65.4.208.158 | | adsl-4-208-158.mem.bellsouth.net | | 1 | | 65.50.67.11 | | CPE002078d287e4-CM014250010853.cpe.net.cable.rogers.com | | 17 | | 65.54.188.138 | | | | 1 | | 66.249.64.160 | | crawl-66-249-64-160.googlebot.com | | 1 | | 66.249.64.167 | | crawl-66-249-64-167.googlebot.com | | 1 | | 66.249.64.189 | | crawl-66-249-64-189.googlebot.com | | 1 | | 66.249.64.195 | | crawl-66-249-64-195.googlebot.com | | 1 | | 66.249.64.198 | | crawl-66-249-64-198.googlebot.com | | 2 | | 66.249.64.201 | | crawl-66-249-64-201.googlebot.com | | 4 | | 66.249.64.202 | | crawl-66-249-64-202.googlebot.com | | 2 | | 66.249.64.205 | | crawl-66-249-64-205.googlebot.com | | 1 | | 66.249.64.30 | | crawl-66-249-64-30.googlebot.com | | 1 | | 66.249.64.37 | | crawl-66-249-64-37.googlebot.com | | 2 | | 66.249.64.38 | | crawl-66-249-64-38.googlebot.com | | 1 | | 66.249.64.55 | | crawl-66-249-64-55.googlebot.com | | 2 | | 66.249.64.58 | | crawl-66-249-64-58.googlebot.com | | 1 | | 66.249.64.68 | | crawl-66-249-64-68.googlebot.com | | 2 | | 66.249.64.70 | | crawl-66-249-64-70.googlebot.com | | 1 | | 68.167.94.202 | | h-68-167-94-202.chcgilgm.covad.net | | 1 | | 68.235.196.123 | | 68-235-196-123.crlsca.adelphia.net | | 1 | | 68.252.22.121 | | adsl-68-252-22-121.dsl.dytnoh.ameritech.net | | 1 | | 69.152.200.106 | | adsl-69-152-200-106.dsl.fyvlar.swbell.net | | 39 | | 80.65.102.162 | | ip102-162.introweb.nl | | 2 | | 80.65.121.214 | | ip121-214.dsl.introweb.nl | | 6 | | 81.110.124.10 | | cpc2-with1-4-0-cust10.bagu.cable.ntl.com | | 1 | | 81.153.86.133 | | host81-153-86-133.range81-153.btcentralplus.com | | 7 | | 81.208.62.130 | | | | 1 | | 82.176.17.196 | | | | 2 | | 83.168.19.77 | | adsl-19-77.cytanet.com.cy |
joat: 22:11:40 26 Nov 2004 |
|
|
|
|
Here's a thought (tell me if you think I'm way off): buying one-time products, either hardware or software, to fight spam and malicious code is a bad idea. Your purchase becomes obsolete as soon as what you're fighting changes tactics. Instead, you should use a product/service that is either community driven (e.g., Snort, ORBS, etc.) or is subscription-based (e.g., McAfee, Symantec, etc.). I don't have that previous paragraph worded the way I'd like it to be but you get the idea. Thoughts for articles/papers (feel free to borrow): - networks that adapt to a new threat faster have a better survival rate
- the need for adaptive technologies to fight security threats (even if it's the ability to script "in the middle")
- the need for trained personnel to use those adaptive technologies
- what technologies still need adaptive capabilities
joat: 21:30:00 26 Nov 2004 |
|
|
|
|
I think I've blogged about air |
| |
