Pages
Categories
What I'm doing..
- @cellimachine It's not quite as entertaining as the two of us working together though.. in reply to cellimachine 7 hrs ago
- @strcpy maybe you angered the google gods by playing with robots.txt.. in reply to strcpy 9 hrs ago
- http://is.gd/aLjEc Everyone say hi to friendly Federal Agents following us! 21 hrs ago
- More updates...
Powered by Twitter Tools.
Tags
catalyst cfengine dbix::class dumb eris error evasion fde funny general linux linuxworld management mason math moose mst news oop perl perl5 perl::critic php poe policy politics ppw ppw2007 ppw2008 proxy puppet riaa ruby safety security security hypocrisy ssh syslog syslog-ng trust twitter web2.0 yapc yapc10 zefrankMeta
security
LinuxWorld 2008 and the goings on..
I had the privilege of speaking at LinuxWorld 2008 in San Francisco this year. It was a lot of fun and I certainly enjoyed the discussions with folks after my talk. My talk was on “Network Introspection with Open Source Tools” and I threatened to post updates on my progress here.
I’ve been working [...]
Updates, Recent Downtime
If you’ve noticed (probably not), recently the server has been unreachable. A few weeks back this was due to a bad hard drive. I finally transferred everything over to the new hard drive and got the sites back up and running thanks to a few friends and The Planet.
Then this weekend, the data [...]
Proxy Evasion with SSH
In our first installment, we looked at some solutions to provide a hospitable environment for proxy evasion. Today, we’ll dig deep into how to do this with my favorite protocol of all time, SSH.
OpenSSH is a glorious implementation of a critical network protocol. Most networks have disabled and banned the use of [...]
Getting back to things.
The holidays are always a lot of fun. I ran out of time to do some things like keeping this blog updated. There’s been a ton of stuff in the news relevant to IT security. I’m not going to recap.
I’ll be continuing my Proxy Evasion series as soon as I get a [...]
Proxy Evasion, The Environment
There are a ridiculous number of organizations using transparent proxying as a means to limit access to external resources. The idea is that by proxying all web traffic, they can keep employees from visiting porn sites. I’m not necessarily convinced that this does them much good. My general experience has been that [...]
Also tagged evasion, proxy, sshIs ‘Security Theatre’ Good Enough?
The American Populace is being inconvenienced, spied on, stripped of Constitutional Rights, and taxed without any idea where that money is going. The perpetrator is not some foreign, militant, activist group, it’s our own Government. There’s no outcry. All of these treacheries are being committed to increase security while the fact remains [...]
Also tagged management, policyFull Disk Encryption
As you may or may not know, I am gainfully employed by the Federal Government in the area of Information Security. Recently the Bush Administration responded to media hype to issue a Federal Mandate requiring all government owned laptops use encryption technologies to encrypt their data.
There are two interpretations of this memo.
Encrypt the ENTIRE [...]
Also tagged dumb, fde, management, policyAirport Security
Bruce Schneier always has spot-on posts. Here’s his editorial on last week’s terror plots.
It’s really that simple. Stop being terrorized. Stop being scared to live. Stop taking life so seriously, you’re never gonna make it out alive. We don’t need billions of dollars of security screening software/hardware. Anyone with [...]