May 2003 Archives

Anton Chuvakin

Related link: http://www.taosecurity.com/

The site TaoSecurity by Richard Bejtlich has interesting security publications by the author (covering forensics, intrusion detection and other subjects), links to fun and useful security sites, etc.

The author is also famous for his numerous security book reviews, posted at Amazon and other places. The links to reviews are provided at the site and also posted to the weblog. The author runs a great security blog, updated often with interesting bits of information, such as new tools, new books or his enlightening comments on published security articles and events.

Related link: http://www.economist.com/people/displayStory.cfm?story_id=1795930


Don Marti just drew my attention to this article from last week’s Economist in which Jonathan Schwartz (Sun’s new software strategy overlord) discusses why I want to run Solaris on Intel hardware.


Is Sun ever going to figure it out?


People who have to administer servers like to run Linux (compared with something like Solaris) because it’s easy to get help, easy to find task-specific tools that work without much tweaking, and easy to quickly install a reasonably secure system with a sensible (useful) software map.


There’s also the whole free software thing, but if Schwartz would like to pretend that’s a non-issue for his customers, I won’t argue the point. It’s not that important (at least to me) in the Sun/Solaris versus Linux debate.


You see, as a system administrator I don’t care about running Linux on cheap Intel-based PCs from Sun Microsystems. I want to run Linux on Sun’s enterprise level systems. I want Sun to support that. I want Sun to help out with the development effort, creating custom distributions that are optimized for its hardware as necessary. I want Sun to help make the Linux kernel suited for use on these systems, even if it means having to fork the kernel to keep things sane on systems with more than four processors. I want hardware on which I can run Linux that is quality, reliable, and well supported. I want Sun to do a better job, because frankly I’ve been unimpressed since around 1997.


What I don’t want is more crappy hardware and another (extremely annoying) flavor of Unix to deal with.


Good luck. Give my regards to Scott.

Think I’m an idiot?

Related link: http://www.insecure.org/tools.html

Fyodor has conducted an excellent follow-up to his June 2000 survey of the nmap-hackers mailing list in which he asked its participants to provide a list of their favorite security tools. The result is a comprehensive list of seventy-five of the most essential security tools available today. This list contains both open source and proprietary tools for a range of operating systems.

Do you have a recommendation that didn’t make the list?

Related link: http://www.sco.com/scosource/quotes_from_leaders.html

I came across this while reading through the various SCO Source campaign materials that others have been regularly citing. This page contains various quotes from Stallman and Perens that are designed to make them appear as free-wheeling techno-anarchists that are out to destroy SCO, and probably, according to SCO’s rationale, the whole of the corporate software business.

I’m not really bothered by the quotes they’ve chosen, or the fact that they’re likely taken way out of context. What really frustrates me is that they’ve cited two individuals that don’t speak for the whole of the open source community (because no one really can) and who don’t work on the kernel– the bubble gum center of this whole debate.

A rebuttal site is in order.

Have you found any quotes from Linux developers that could help countermand SCO’s FUD campaign?


I’ve had my iPod for about a week now and I have to say it’s probably the best tech toy I’ve ever owned– even possibly the best overall purchase I’ve made to date. I just hope that Apple follows up this great product with the add-ons we are all expecting. Here’s my take on what accessories Apple should release for the iPod.

iBase Enhanced

The base station is a great feature. I especially appreciate having a line out jack. I’ve got my base connected to the stereo in the living room. My roommate has his connected to a 17″ iMac. This makes it really easy to sync up the iPod and walk over to the stereo and play music from the iPod on a good set of speakers and amplifier.

But the base station is missing some things. First off I want a digital optical output. Second, I want a wireless remote control. Now this one is going to be a trick since generally stereo components don’t communicate with each other very easily. Even with a wireless remote, how can I tell which album or track I’m playing? After all, I can’t really see the iPod’s display from the couch, or my desk. So for this enhanced base station I’ll settle for just generic track skipping support. I know Apple can do better though.

iControl: The Apple Universal Remote

Why not? They did a stellar job on the iPod. I’ve seen a lot of high-end universal remotes and they’re all lacking. I think Apple could do a great job if it stepped up in this arena. Imagine a two-way remote that could display information from the iPod and then also imagine a great OS X application to manage all of the remote’s nifty features. The remote of course integrates with all my other home audio and video equipment, including my new enhanced base station.

iRecord

This is the obvious contender. Users that have experimented with the iPod’s diagnostic mode have already uncovered a bare bones recording feature. It’s my guess that Apple will release audio recording features for iPod soon. I’m really looking forward to this. Here’s my feature request list:

  • Let us record in an uncompressed audio format.
  • Don’t limit the recording time per track (except in light of disk space requirements).
  • Allow us to record in stereo.

While most people will probably use this feature to record voice memos I can think of a few other applications. Recording meetings, or classes, for starters. Recording live music is high on my list (with the band’s permission, of course). I’m also hoping to be able to use my iPod as a secondary audio source for digital film making. Why lug around a portable DAT recorder when you can use the iPod for such tasks? Even better is the fact that the small size of the iPod will make for easy wearable recorders for micing actors and that will be double plus good.

I think that should keep Steve and company busy for a bit.

What other iPod add-ons do you want to see?

Anton Chuvakin

Related link: http://seifried.org/security/

With this blurb, I am beginning what I wanted to do for a long time - a review of great personal information security sites. I will look at some awesome security web sites, run by individuals for non-commercial purposes. Here is the first and likely one of the most famous personal security sites on the web: Kurt Seifried’s. It contains lots of links to the author’s papers on a large number of security topics ranging from basic Win 98 security tips to cryptography, interviews, advisories and other resources (such as the Linux Administrator’s Security Guide and the OpenBSD Administrator’s Guide). The site also features the author’s newsletter on security.

Anton Chuvakin

Related link: http://www.computerworld.com/printthis/2003/0,4814,80765,00.html

Here is one of the very few high-level articles on information security that actually make sense. It might be hard for me to judge first hand how IT executives and CEOs perceive security, but the article seems to cover all the right things: risks, loss of business, etc.

Anton Chuvakin

Related link: http://www.csoonline.com/read/040103/undercover.html

Here is a funky paper on security certification called “Certification Uncertainty”. It mostly rotates around the CISSP cert. The most fascinating thing about the paper is that after reading it a couple of times, I still can’t figure out whether the author supports such certification or not. The paper has both “Would I hire somebody who has a CISSP certification over somebody who doesn’t? Absolutely.” and “CISSP may be nothing more than a club…”.

Anton Chuvakin

Related link: http://www.linuxsecurity.com/feature_stories/feature_story-141.html

Among other benefits, running a honeynet makes one acutely aware of “what is going on” out there. As a result of our research, many gigabytes of network traffic dumps are piling up on the hard drives, databases are filling with alerts, rootkits and exploit-pack collections are growing.

This paper is an attempt to informally summarize what was happening to our exposed Linux machine connected to the Internet. The moment is even more appropriate since we are now changing the platform of the victim machine. Our Linux honeypot survived dozens, if not more, system compromises including several massive outbound denial-of-service attacks (all blocked by the firewall!), major system vulnerability scanning and serving as an Internet Relay Chat (IRC) server for Romanian hackers - and other exciting stuff…