Friday, August 21, 2009

Cisco Team Infiltrates Botnet.

A great quote from the story is "Typically, administrators patch vulnerable machines or deploy some sort of intrusion prevention system (IPS) to protect against exploits. Both approaches are effective the majority of the time, but neither approach protects systems against the uneducated user." It's such a polite way of saying something I've heard several times a week since becoming responsible for infosec: "you can't secure 'stupid'."
In this story, that goes both ways. Read on.

http://www.cisco.com/web/about/security/intelligence/bots.html

Friday, August 14, 2009

Blackhat Papers

In case you didn't go or didn't know....
http://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html

Friday, August 7, 2009

Personal Safety. Personal Responsibility.

Look, it's BAD out there. Trust me. (Or start reading any of the material linked here on a regular basis.) Being aware of how to compute securely is no less important than knowing how to drive a car. For that you need to be a certain age and pass a couple of exams. It's too bad we can't enforce this for computing yet. But to be truly safe you really need to internalize and live the information you learned in driver's ed. Plus practice quite a bit (every day for the rest of your life, eh?). Otherwise you can get really hurt, and your actions can hurt others.

Computing is very much the same. If you're not operating with certain basic awareness and protections, you will definitely get pwned, and in getting pwned, your system will be used by "the dark side" as part of a botnet to conduct attacks on others. Millions of home systems are "serving two masters" every day.

Do the right things and you can lower your risk.

At Home

1. Sign up for OpenDNS, and configure your home router (you DO use a router, don't you?!?! [Linksys, Netgear, etc.]) with OpenDNS DNS servers in place of your ISP's DNS servers.
2. Configure your router and its clients with AT LEAST WPA2 security.

On the road, or at the coffee shop

1. If you really must join someone else's wireless, first disable all sharing on your laptop and turn on the firewall.
2. DO run some comprehensive endpoint protection (this is MORE than just anti-virus). And yes, do this even on a Mac. (Here's why)

In General, everywhere

1. Patch your systems! Windows, MacOS, Ubuntu... they all need it! Do it! Daily!
2. Whenever possible, browse the web only with Firefox loaded with the essential add-ons NoScript and WOT (Web of Trust).
   This is key because 90% of the way you'll be pwned on the web will be through malicious JavaScript hidden in legit websites (and definitely on illegit sites! Shame on you!).
3. Be careful with links, attachments in email, and all content. Where is it from? Who is it from? Do you really need to open it?

Do you have other tips? Add 'em! C'mon!
