[SecurityRatty] tag: covers

Presentation on Unusual Use Cases for Log Management

Mon, 13 Oct 2008 07:11:00 +0000

Ok, so I will be a good blogger and plan a few scheduled posts while I am away. Here is the first - another presentation that I am unleashing upon the world. It covers a few "less common" use cases for log management: eDiscovery, database monitoring, etc.

It is also embedded below:

Log Management For e-Discovery, Database Monitoring and Other Unusual Uses

View SlideShare presentation or Upload your own. (tags: logs logging)

Enjoy!

Threat Modeling at Microsoft

Mon, 13 Oct 2008 02:21:53 +0000

Interesting paper by Adam Shostack:

Abstract. Describes a decade of experience threat modeling products and services at Microsoft. Describes the current threat modeling methodology used in the Security Development Lifecycle. The methodology is a practical approach, usable by non-experts, centered on data ow diagrams and a threat enumeration technique of 'STRIDE per element.' The paper covers some lessons learned which are likely applicable to other security analysis techniques. The paper closes with some possible questions for academic research.

40 Security Flaws Fixed In Mac OS X Security Update 2008-007

Thu, 09 Oct 2008 20:56:07 +0000

Apple has released another pack of patches that cover a total of 40 documented vulnerabilities affecting the Mac OS X. The Security Update 2008-007, available for Tiger and Leopard, covers a range of third-party components and Mac OS X flaws that could users at risk of remote code executions attacks. The more serious vulnerabilities include: Apache: CVE-2007-6420, [...]

Speaking of Security Podcast #124

Mon, 06 Oct 2008 20:00:00 +0000

Art Coviello on Security for Innovation

Speaking of Security co-host, Amanda VanVeen, introduces a new video featuring RSA President, Art Coviello. Art covers new IDC research on the topic of security and business innovation. Forward-thinking security leaders are driving tighter linkages between innovation goals and security strategies.

AT&T Extends Free Wi-Fi to Cheapest DSL Plans

Tue, 16 Sep 2008 09:30:32 +0000

AT&T seems to have added free Wi-Fi for its lowest-priced DSL customers: The Atlanta Journal-Constitution is the only one with this story, and they've garbled a few of the details, but checking AT&T's public sites seems to confirm it. Previously, AT&T customers had to either have a fiber-optic U-Verse subscription, or a DSL line running at 1.5 Mbps downstream or faster to get free Wi-Fi Basic. The Basic pool covers most of the 17,000 U.S. hotspots, excluding some hotels and premium locations.

AT&T now says that any "FastConnect" subscription, even its DSL Lite offering of 768 Kbps down/128 Kbps up, qualifies for Wi-Fi Basic. The new statement reads: "AT&T Wi-Fi Basic service is FREE and already included if you subscribe to AT&T High Speed Internet, AT&T U-verseSM High Speed Internet, or AT&T FastAccess® DSL—all speed plans included.

There's still a $10 per month fee to upgrade to Wi-Fi Premier, which includes over 70,000 locations worldwide, along with the missing U.S. hotspots, but their Web site says that you have to have a 1.5 Mbps or faster connection to get the $10 per month upgrade. That may be out of date. That ordering page also says you need 1.5 Mbps or faster for free Wi-Fi, so that tends to confirm it hasn't been fixed. (It's even hosted at sbc.com, so perhaps that's part of the vestige of an older system, harder to update.)

Please note that iPhone subscribers still don't get free Wi-Fi on AT&T's Basic network.

Apple MacOSX 10.5.5 Patch Covers 34 Security Vulnerabilities

Tue, 16 Sep 2008 07:19:02 +0000

Apple has released another update to address security vulnerabilities affecting Mac OS X users, warning that some issues could lead to arbitrary code execution attacks. The update, available for Tiger and Leopard, addresses a total of 34 documented vulnerabilities, some in third-party components like ClamAV, BIND, OpenSSH and Ruby. Built into 10.5.5 is Security Update 2008-006, [...]

Intro to DD-WRT Firmware: Mod your wireless router to do more

Sat, 13 Sep 2008 09:31:07 +0000

New Video: Intro to DD-WRT: Mod your wireless router to do more
DD-WRT is a Linux firmware available for many Linksys, NetGear, Belkin, D-Link, Fon, Dell, Asus and other vendorâs wireless routers. DD-WRT is far more feature rich than the stock firmware that comes with most routers. This video covers the basics of installing and configuring DD-WRT.

Two side notes: My Nmap class will be held at Ivy Tech in Sellersburg Indiana at 1PM on Sat Sept 20th 2008 in room P5. If this one goes well the next presentation will be on sniffers. Also, thanks to all of the folks who have signed up for Dreamhost using my discount code, it's really helped support the site with extra revenue.

Wee-Fi: Routing Out an Address; Badger-Fi

Fri, 12 Sep 2008 07:34:26 +0000

Slashdot breathlessly posts an item by coderrr that Skyhook Wireless is exposing people's addresses: Yeah, whatever. Skyhook has accidentally offered an API that lets you query their Wi-Fi positioning system for latitude and longitude using a MAC address. Skyhook constantly drives major cities around the world and integrates scans created by users of their systems as well. The poster defines a non-existent problem: first, a scammer needs to get someone's MAC address; then you need to pair a rough lat/long with their street address; then, coderrr says, you'd get a phishing email with your home address. Whatever. If my machine is compromised enough that you can obtain my MAC address and then launch a phishing attack, I have worse problems already than my street address being in the email--which is unlikely given that most Wi-Fi scans will be in urban areas. It's likely Skyhook will modify their systems to prevent submission of such queries, or perhaps open their API further.

Madison Wi-Fi network sold to Atlanta firm: Xiocom purchases Mad City Broadband, a firm that has suffered significant criticism over the performance of its Wi-Fi network in Madison, Wisc. The press release from Xiocom (some quoted in the Badger Herald article) are a bit over the top about a network that reportedly has few users, inconsistent performance, and covers only a fraction of the city.

Employee Fraud Spiralling Out of Control in the UK

Tue, 09 Sep 2008 06:08:00 +0000

You have read it before on TheBulletProofBlog - the tougher times get, the more likelihood that people will resort to criminal measures.

We reported it regarding the theft of copper from Churches, Hospitals, Schools - even from new homes still under construction. We brought to your attention the fact that thieves have become bolder, evidenced by the theft of manhole covers in public streets and drilling into fuel tanks on vehicles as petrol and diesel prices rise.

In "Personneltoday", it is reported that employers have been put on "red alert" as the downturn in the economy is prompting employees to make ends meet by dishonest means. One figure that employers every where are bound to find shocking is the fact that employee fraud has cost UK companies more than 77 Million Pounds Sterling (approx. $150,000,000.00),just in the first half of this year alone.

The most disturbing aspect of this figure is the fact that it is up from 10 Million Pounds Sterling (approx. $18,000,000.00)in the same period last year. This represents more than an 8 fold increase in employee fraud in a 12 month period.

The report was conducted by the accountancy firm BDO Stoy Hayward. Mr. Simon Bevan, the head of fraud services there attributes the escalation in criminal activity amongst employees to; "spiralling personal debt as a result of mortgage,food and fuel price hike". Sound familiar?

The population of the UK is one sixth that of the United States. It is frightening to imagine what the figures will look like from U.S. businesses at the end of this year and beyond. In 2002, employee fraud and abuse cost U.S. businesses $6 Billion Dollars (independently reported by the "Association of Certified Fraud Examiners" of which SEXTON is a member).

What would be the outcome to U.S, businesses if fraud costs escalated 8 fold to $48 Billion Dollars by year's end? How many would go under? How much further damage would that inflict on the already struggling economy? The economic circumstances in the U.S. are certainly similar to those of the UK.

U.S. businesses beware. Be proactive and fight fraud and abuse before it is too late. Your very survival just may depend upon it.

Thieves Target Homeowners and Builders

Fri, 29 Aug 2008 15:51:00 +0000

We have written about thefts of copper wire and even street manhole covers in the past. It appears that new homes and those being foreclosed upon are ripe targets for unscrupulous thieves.

Thankfully, there are many more solutions than in days past. Global Positioning Systems can now be hidden in materials and the thieves can be tracked in real time and the Police notified by the security consultant who has been hired to monitor their movements.

The highlighted link from "The New York Times", tells the sad story of a young couple and their 7 month old child who had to live onsite at their new house for many months in order to deter thieves.

We have spoken with home builders in the past regarding supplying security officers to monitor unfinished homes. One of the hurdles has been the cost of security. The escalating cost of these thefts may now make Home Builders think twice though.

The National Association of Home Builders claims that $5 BILLION a year is being stolen nationally by theives from homes under construction. That would purchase a lot of security services. Not to mention the cost of labor to replace that missing copper wire, plumbing fittings, doors & windows, etc.

Like we always say, thieves are opportunists. If you give them an opportunity such as leaving valuable building supplies unprotected, they will take them. On the other hand, if you put an obstacle in their path such as a site that is monitored by security cameras (with somebody on the other end of the camera - you'd be surprised how many businesses put in cameras but have nobody to monitor them)or a roving security vehicle, they will move along and ply their trade elsewhere.

That is called "target hardening". Quite literally, you make yourself (or your property) a harder, more difficult target. They then move along to some other target. Bad for someone else, but good for you.