Friday, June 27, 2003

Tim with lunch.
This fish was a lot bigger than it looks in this picture.
12:39:55 AM
What I learned at today's Security Seminar by Mark Eich of Larson Allen Consulting:
- Mark Eich is an excellent speaker. He told stories. He used body language. He didn't depend on slides.
- Mark is a security auditor. Actually, he manages a bunch of security technicians and sends them out to try to breach clients' security, à la the movie Sneakers.
- The overriding message of the talk: "Be proactive about security instead of reactive".
- Security technology these days is really good and, if used correctly, very hard to breach by technical means alone. However, social engineering and incorrectly used tools are responsible for most successful attacks.
- Security Resources mentioned during the talk:
- He spoke to a group of lawyers and asked them what the liability would be if a company was hacked and their computers were used to hack other companies and do financial damage.
- The lawyers at first said there is no precedent, and "we can't think for ourselves without precedent".
- As they thought about it more, dollar signs started appearing in their eyes.
- The upshot is that there are certain industry standards for security and if your organization follows these, they should be a good defense against a lawsuit. CIS maintains these standards.
- He told the story of Career Day at a local High School where little hackers were asking him questions that he didn't know the answer to. For example, how to defend against 'Packet Sequence Prediction Attacks'. He told this story to illustrate his point that a new generation of citizens, consumers and workers is coming that is vastly more computer literate than we are.
- Application security represents a whole different ballgame than network security. There are jillions of experts trying to find ways to crack common applications such as Windows, Linux, IIS, Kazaa and SETI@home. As a result, these popular applications get a lot of security holes publicized and used, but also get more secure over time as patches are issued. In contrast, every little banking application, shopping application and home-brewed chat room is a new frontier with one or two guys concerned with security, no holes being publicized and no patches being issued. As a result, these applications are harder to break into for less sophisticated hackers, but offer targets for people patient enough to study them (often line by line in the code).
- Bugbear virus. He took this one particularly personally because his home computer was hit by it.
- Bugbear can execute from email preview pane so that you do not even have to open the email it comes in.
- Bugbear shuts down firewall and virus protection programs.
- Bugbear installs a keystroke logger
- Bugbear opens ports so that text collected by keystroke logger can be retrieved by whoever wrote this virus.
- The only way to know for sure that you got rid of all the Bugbear files is to reformat your hard drive. This is because Bugbear can act as a rootkit attack. This means that it replaces key software on your system with software that looks and acts almost exactly the same, but has been altered so as not to allow detection of Bugbear.
- After he recovered from the bugbear attack, he still got messages to the port it opened, meaning that there is still someone out there collecting this information, no one knows who it is, and bugbear is still infecting computers.
- Then he said that there is only one organization on the planet capable of doing this type of thing. (OK. I said that)
- Lesson: Keep a backup of your system.
- I asked him if it would work to compare hash values for your files and apps to established 'true' hash values for those files so that you could know that Bugbear had not altered them. He wasn't really sure.
- In general, businesses and organizations with some in-house expertise regarding network security score higher on security audits than those that exclusively use outside vendors.
- Because patches can be released prematurely, they often have bugs that cause problems. For this reason, many network admins have test boxes to apply patches on to make sure they work OK.
- Publicity about security breaches can kill a small company, especially if it is a bank. As a result, most security breaches are never revealed to law enforcement.
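Here is what the hash-comparison idea from the question above looks like in practice. This is an added example, not code from the seminar or from Mark Eich: it takes a baseline of SHA-256 hashes for every file under a directory and later re-walks the tree to report files that were modified, removed or added. The directory, file names and contents are constructed in a temporary folder so it runs offline. The caveat a practitioner would add: the check is only as trustworthy as the machine doing the hashing. The baseline has to be taken before infection, and a rootkit that hooks file reads at the kernel level can hand the hashing tool the original bytes while the running binary is trojaned, so the comparison should be done from clean boot media rather than from the suspect system.

```python
"""Baseline-and-verify file integrity check using SHA-256 (added example)."""
import hashlib
import os
import tempfile
from pathlib import Path


def hash_file(path: Path, chunk_size: int = 65536) -> str:
    """Return the hex SHA-256 digest of a file, read in chunks."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root: Path) -> dict:
    """Map each regular file (path relative to root, posix-style) to its SHA-256."""
    baseline = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = Path(dirpath) / name
            # Skip symlinks so a planted link cannot substitute another file's hash.
            if full.is_file() and not full.is_symlink():
                baseline[full.relative_to(root).as_posix()] = hash_file(full)
    return baseline


def verify(root: Path, baseline: dict) -> dict:
    """Compare the current tree against a baseline.

    Returns {"modified": [...], "missing": [...], "new": [...]} with sorted
    relative paths. All three lists empty means every baselined file still
    hashes to its recorded value and nothing was added.
    """
    current = build_baseline(root)
    modified = sorted(p for p in baseline if p in current and current[p] != baseline[p])
    missing = sorted(p for p in baseline if p not in current)
    new = sorted(p for p in current if p not in baseline)
    return {"modified": modified, "missing": missing, "new": new}


def demo() -> dict:
    """Constructed scenario: baseline three files, then tamper with the tree."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "bin" / "ls").write_bytes(b"original ls binary")
        (root / "bin" / "ps").write_bytes(b"original ps binary")
        (root / "etc.conf").write_text("debug=off\n")

        baseline = build_baseline(root)
        # Clean tree: nothing to report.
        assert verify(root, baseline) == {"modified": [], "missing": [], "new": []}

        # Simulate a trojaned binary, a deleted config and a dropped payload.
        (root / "bin" / "ps").write_bytes(b"trojaned ps that hides a process")
        (root / "etc.conf").unlink()
        (root / "bin" / "keylog").write_bytes(b"dropped payload")

        return verify(root, baseline)


if __name__ == "__main__":
    print(demo())
```

Store the baseline dictionary somewhere the suspect machine cannot write to (a CD, a write-protected USB stick, or a printout of the hashes for the handful of binaries you care about), and run the verification from a trusted environment; otherwise a rootkit that already owns the box can make the check pass.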
12:38:57 AM
© Copyright 2003 mcgyver5.