(old found draft post) CyberWar – Ref Links

Apr 26, 2009 @ 12:05
I will return to the topic of CyberWar sometime in the near future.

Remember: China is at best a Frenemy

From Forbes:

Last weekend, a report by researchers at the Munk Center of the University of Toronto revealed “GhostNet,” a computer espionage virus that had infected around 1,300 computers worldwide–including many “high value” targets where diplomatic and national security information was stored. The attack focused on computers in Southern Asia and offices belonging to the Dalai [...]

(Russian) Cyber Militia example

At Danger Room:

A pro-Kremlin youth group has taken responsibility for the network attacks. And that group has a track record of conducting operations on Moscow’s behalf.
Nashi (“Ours”) is the “largest of a handful of youth movements created by Mr. Putin’s Kremlin to fight for the hearts and minds of Russia’s young people in schools, on [...]

A reminder of why companies need to block outbound SSH

Noted in a comment at SlashDot:
One day, I set up a PPP over SSH tunnel between my home computer, and my desktop at work. Transferring large binary files from my office network to my home computer was much closer to the original 3Mb/s speeds.
There is no legitimate reason for the above. It would be [...]

Social Engineer Caught? Security violation uncovered? Not.

A person called into my organization’s Help Desk from a remote facility. It got flagged as a social engineering attempt.
Notes:
- Caller was asking for a password reset
- They knew the user’s name
- They do not know the user’s userid
- When repeatedly asked to spell the name, they continually made 2 separate spelling errors
- They suggested [...]

Great Freeway Sign Hack!!!

I spotted this on FoxNews.com.
There are still real hacker heroes

The “I am too Lazy/Busy to post” Open Thread & Linkspasm

I have been both too busy at work to post or read much and also too tired/lazy in the evenings to post, so here are a bunch of issues that might be interesting. I will make updates in the comments.
I will engage in comments here and elsewhere, but I most likely won’t post much if anything [...]

“Perhaps the most interesting aspect of the advertised service is the offer to flood the victim’s phones”

The SANS handler had an interesting entry on a Russian ad:

The ad scrolls through several messages, including:
- “Will eliminate competition: high-quality, reliable, anonymous.”
- “Flooding of stationary and mobile phones.”
- “Pleasant prices: 24-hours start at $80. Regular clients receive significant discounts.”
- “Complete paralysis of your competitor/foe.”
Perhaps the most interesting aspect of the advertised service is the offer to flood the [...]

Rock On Indian Navy, Rock On!

Hell yeah!

The Indian navy has been given formal approval by the United Nations to go after pirate ships in Somali waters, the BBC has learnt.

Though, I am not sure why UN Approval is needed.

“We can now enter the Somali territorial waters under certain circumstances. It would be only to check piracy,” he said.
India has called [...]

Checking for BGP Prefix Hijacking (or human errors) via BGPmon

I wish I had this a few years ago:

BGPmon can monitor your prefixes and alert you in case of an ‘interesting’ path change. Recently this has received quite some attention. Specifically after the Youtube hijack and the demo given at defcon. Path changes can be of different kinds, such as more specifics, change of aspath, [...]

One of my security “wordles” is in the wild…

…here.

Quick Book Notes: The New School of Information Security by Shostack and Stewart

The authors state that the practice of Information Security is flawed in many ways (something I don’t disagree with in many ways).
This is not a book about information security, but a call for the practice of it to change…to grow up so to speak.
The authors want the practice of InfoSec to be based on hard [...]

Information Security Wordles

I am still having fun with Wordle. Here are wordles of important Information Security documents such as:
- FFIEC IT Examiner’s Handbook
- RFC2196 – Site Security Handbook
- NIST Guidelines on Firewalls and Firewall Policy
- Secure IOS Template
- PCI Data Security Standard
- Ross Anderson’s Security Engineering
- NIST Guide To Securing Microsoft Windows XP Systems
- NIST HIPAA Security Guide
- Secure Bind Template
- NSA Router Security Configuration Guide

Blogging Milestone: 100,000 Spams

Thank you Akismet!

Using Free WordPress.com Blogs to pass coded messages?

Somebody seems to be doing so.
I have a screencap:

This is an example of secure communication over unsecure mediums. Deadrops are not needed as much anymore. Who knows what this is about?
Can anybody recognize the language used in the comments?

“One In Five Employers Scan Applicants’ Web Lives”

Spotted on SlashDot:
“CareerBuilder’s new survey finds: ‘Of those hiring managers who have screened job candidates via social networking profiles, one-third (34 percent) reported they found content that caused them to dismiss the candidate from consideration.’ Some red flags: content about applicant using drugs or drinking, inappropriate photos and bad-mouthing former bosses.”
That is why I am [...]

Interesting Podcast on Chinese Hackers – “The Dark Visitor #1”…

…is here.
The blog is interesting too.

WTF is This Captcha?

How the heck is a normal person supposed to “see” this anti-spam CAPTCHA (found at Moodyloner) with overlapping letters:

Yikes. It took many tries to post a comment.

The (new) US Cyber Security Chief is the Co-author of the “The Starfish And the Spider”

I did not realize this: The newish US Cyber Security Chief (and National Cyber Security Center boss) is Rod Beckstrom who is one of the authors of the interesting COIN/4gw/5gw/network related book The Starfish and the Spider which Arherring blogged about. This could be interesting.

I have been meaning to blog the book. I read it [...]

Information Security Podcasts That I Listen to…

…in case you are interested (you most likely are not).
I subscribe to and listen through iTunes (in order of importance/priority to me) these podcasts:
- Security Now – The most useful of them; I fast forward through the Spinrite masturbation congratulatory ads embedded into each one
- Rear Guard Security – sparse and irregular, may now be [...]

Tattoos for Information Security

So, I was listening to Security Now Podcast #110 while blogging the last hour or so.
At the end of the podcast I heard something weird in the context of remembering a TrueCrypt password:
Here is the transcript (the bolding is my own):
Leo: Well, we’re going to get them now. This is from an anonymous listener in [...]

Sick Fucks Are Using Flickr Photos to Pretend to Be Children On Social Networking Sites

You can read about it here and here.
Attention all you parents, grandparents, aunts and uncles out there:
Do not store photos of your kids in a publicly accessible way.
Just don’t do it.

The Alternative to Endpoint Security Software Sprawl

RationalSecurity comments on Endpoint Security:
However, we’ve also come to realize that the locus of the threats and vulnerabilities demands that we get as close to the assets and data we seek to protect, so now in an ironic twist, the industry has turned to instead sprinkle software-based agents directly on the machines instead.
After all, the endpoint is the [...]

Hey Bloggers: If you were wondering why you get all of that comment spam…

…the recent SANS incident Handler diary entry explains it:
So, the spammers do the following. They first “poison” Google so that a particular search returns their wanted web site as the first match. This isn’t too difficult to do because they don’t need to “poison” proper searching keywords – they can use whatever they want because [...]

Defining “Firewalls” [Updated]

In my day job I work as an Information Security Engineer.
I have been having a bit of a friendly mini-debate with a few co-workers as to what exactly constitutes a firewall (e.g. “is a firewall a single device or a set of devices?”, “is the firewall just that thing doing stateful inspection, or is it the [...]