Everyone seems to be commenting on the Counterpane acquisition by BT. But unlike most of the “analyst” type comments out there (here, here, and here), I want to comment about this acquisition from my not-too-long-ago viewpoint of a security manager. First all, with all respect to Mr. Schneier, I was never impressed with Counterpane. They pitched to […] ↓ Read the rest of this entry…
I’ll be the first one that says TV shows and movies are hardly based on reality. But when they screw up something that is near and dear to me, I get very upset. For instance, I was in the Army and Army National Guard for over 7 years. Though I was never a career soldier, […] ↓ Read the rest of this entry…
Take a look here. I’m thinking about this one. It is more from a server management and admin perspective, but it is really worth looking at. Vet
Link This is the trojan I mentioned in my last post. Vet
Go check out this article at Dark Reading. Looks like this group is creating a botnet with a trojan that has a cracked version of Kaspersky AV to clean machines (except for itself, of course) to make sure it gets all the bandwidth it can to send out spam. It is called the SpamThru trojan. This […] ↓ Read the rest of this entry…
I will be in training today and tomorrow on Bluecoat. I am impressed thus far, but I am having some serious trouble staying focused  because I keep getting calls on the RFP I posted about yesterday. Oh well, the life of a pre-sales SE. VetÂ
…but it is also one big pain in the neck! I have been thrown into the process of answering an RFP (request for proposal) for a city government down here in Texas, and I cannot begin to tell you how tedious and ridiculously complicated the whole process can be. RFPs can be complicated enough with […] ↓ Read the rest of this entry…
For anyone not aware, the new IE7 is going to be pushed out auto-magically by MSFT with auto-updates.  Juniper does not support IE7 or Vista yet with its SSL VPN product. Here is the release by Juniper: PSN Issue : Microsoft will soon be releasing Internet Explorer Version 7 (IE7) and Windows Vista. Solution: Please be advised […] ↓ Read the rest of this entry…
Here’s what they sent me: There was a SYNC FLOOD where we were only receiving ACK to our webserver, so our Rio Rey, which is our anti-DDOS box, did not reject, because it was seen as legitimate traffic. Due to the nature of the problem, we were required to block approximately half of the internet […] ↓ Read the rest of this entry…
I have decided to start putting down some of the day-to-day events with this new job. I think it will actually help stir my mind to blog more since I have not been writing near enough lately. So here goes. I have actually been kinda bored since my recent job change. Though I have been […] ↓ Read the rest of this entry…
Email string between Matt Heaton (Bluehost CEO) and me on the DDos. Not a lot of info, but here it is (start at the bottom): It was directed at one specific IP, not a domain name. The IP was a shared IP with over 800 domains on it so it was not possible for […] ↓ Read the rest of this entry…
So McAfee is buying Citadel. These guys have got the right idea. If McAfee can integrate this into their NAC solution to a point where the desktop has automatic patching when it is sent to a remediation zone, then I will recommend McAfee to everyone. Furthermore, I still cannot understand why in the world other NAC providers don’t buy a […] ↓ Read the rest of this entry…
It looks like at least one server at bluehost.com was DDos’ed yesterday. Bluehost.com hosts my website, so I was unable to reach my site for most of the day. They said that the site was up, but they had to block large segments of the Internet from which the attack was coming, so I guess I […] ↓ Read the rest of this entry…
I have stated that I do not like thrid-party patches. Here are some reasons: It can open other avenues of attack, since the bad guy is likely to start studying the thrid-party patch for security holes. Potential problems caused by the unofficial patch when installing the official vendor patch Management headache of uninstalling the unofficial patch […] ↓ Read the rest of this entry…
©0-2012 An Information Security Place | Powered by WordPress with Easel | Subscribe: RSS | Back to Top ↑