Suggested Blog Reading – Wednesday January 2nd, 2007

ReadAlright Mother Nature. You and I have an issue that we need to work out. I’m not sure what I did to you but I don’t think dumping 60cm (~24in) of snow on my house is an appropriate response.

Here is the list:
iptables-1.4.0 – I can’t remember the last time that I saw an update to iptables.

The netfilter core team has released iptables-1.4.0. This is the first final release of the new iptables branch 1.4. This release contains lots of bugfixes and improvements for the previous release candidate which strongly improves IPv6 support. Please, upgrade!

wsScanner – Web Services Footprinting, Discovery, Enumeration, Scanning and Fuzzing tool – Another tool for you to try out.

wsScanner is a toolkit for Web Services scanning and vulnerability detection.

Tools to help protect your internet anonymity – Some good tools to help with your pen tests.

Ever need a disposable phone number or temporary login in credentials to stop receiving spam?

Here is a link to a number of websites that have potentially useful privacy tools.

The Visibility of Information Risk Management – I don’t anticipate this changing any time soon. Breaches don’t have the “sexy” factor that a political assassination or the US dollar falling would have. Sad times we live in.

I picked up today’s WSJ and got a cold, hard dose of reality. In it, is an article called “Data Security Breaches Reach a Record in 2007″. It’s a fairly retrospective article that discusses the four to eight-fold increase in compromised records for EOY 2007 vs. EOY 2006 (the discrepancy in increase estimates is due to Attrition.org using deposition information from Visa & Mastercard in the TJX case, vs. the “only” 46 million number used by TJX).

What is most disturbing to me is not the increase from 2006. It’s not that the AP article is inaccurate, or that I see how others report on our industry from afar and I find it lacking. What is disturbing is that it’s buried at the back of section B – right next to the page and a half or so of legal notices.

World’s Top Surveillance Societies — Updated with link – Interesting read. Apparently Big Brother is watching quite a few people 🙂

Privacy International, a UK privacy group, and the U.S.-based Electronic Privacy Information Center have put together a world map of surveillance societies, rating various nations for their civil liberties records.

Both the U.S. and the UK are colored black for “endemic surveillance,” as are Thailand, Taiwan, Singapore, Russia, China and Malaysia.

sshutout-1.0.5.tar.gz – Nifty.

sshutout is a daemon that periodically monitors log files, looking for multiple failed login attempts via the Secure Shell daemon. The daemon is meant to mitigate what are commonly known as “dictionary attacks,” i.e. scripted brute force attacks that use lists of user IDs and passwords to effect unauthorized intrusions. The sshutout daemon blunts such attacks by creating firewall rules to block individual offenders from accessing the system. These rules are created when an attack signature is detected, and after a configurable expiry interval has elapsed, the rules are deleted.

WebGoat 5.0 on Ubuntu – Take a read in case you’ve run into this problem.

Some days I love Ubuntu, some I friggin hate it. today I hate it.

WebGoat comes with a nifty little .sh script to check to make sure you have sun java 1.5x installed.

well, after installing sun java 1.5.x with synaptic finding the nifty directory its in “/usr/lib/jvm/java-1.5.0-sun” then pasting that in the script it still took a dump giving me

Please set JAVA_HOME to a Java 1.5 JDK install or JVM Is not 1.5 errors.

so I just deleted all that check code, put export JAVA_HOME=/usr/lib/jvm/java-1.5.0-sun/ at the top of the script and it now works…

Where to submit malware samples – If you’ve ever wondered where you submit malware that you find/discover/experience then check out these links.

Some of you might want to know where to submit virus/malware samples to security companies. This blog post might help.

First, each vendor has their own submission process. For example, Symantec has this page, McAfee has this page, Sunbelt has this page — and so on. However, email addresses are available — you can package your malware sample into a zip or RAR file, password protect it (common practice is to use the password ”infected”) and send off the sample. A full list of submission addresses is here.

Now, if you’re feeling lazy (or just plain too busy), you can always submit a sample to Virustotal. All the vendors that are part of VirusTotal receive samples, so it’s an easy way to get a sample to a lots of companies. I’m not particularly sure if it’s the fastest way to get samples out there to the security companies, but the samples do ultimately get to all of us. (Clarification — VirusTotal gets us the samples immediately. But it’s up to the vendors to get these samples into their threat signatures. For some, this takes a bit of time.)

Best Book Bejtlich Read in 2007 – It’s a good thing that Richard is such an avid reader. It’s an even better thing that he doesn’t pull any punches when it comes to his reviews. Of course, I saw that knowing that he wants to review my book when it’s released….gulp!

Last year I posted my first year-end ranking of books I had read and reviewed in 2006, titled Favorite Books I Read and Reviewed in 2006. I decided to continue the tradition this year by posting my 2007 rankings, and awarding Best Book Bejtlich Read in 2007 (B3R07).

2007 was not my most productive year in terms of reading and reviewing books. I read 17 in 2000, 42 in 2001, 24 in 2002, 33 in 2003, 33 in 2004, 26 in 2005, and 52 in 2006. This year I read and reviewed 25 books, several during the last week.

Phone-Shield set to increase police prosecution rates – Sounds interesting.

A new mobile phone faraday bag called the ‘Phone-Shield’ has been launched by Tamworth-based Disklabs, is set to increase the ability of the police to successfully and cost-effectively prosecute in cases where mobile phone data comprises an essential element of evidence. The new Phone-Shield has been designed by Disklabs to ensure that data on a suspect’s mobile phone can be investigated without that data being compromised when the phone connects to its relevant network…

Navy offers scholarships for IT pros – I think this is a great idea.

To help meet its demand for IT security specialists, the Office of the Navy’s Chief Information Officer will offer scholarships to civilian Navy and military personnel for postgraduate studies in the field of information assurance.

The scholarships are available from the of Defense Department’s Information Assurance Scholarship Program, and will pay for tuition, fees and books for master’s- and doctorate-level studies in biometrics, computer science, information systems, telecommunications, business management and administration, as well as other areas with a focus on information assurance, according to the Navy CIO’s office.

Scroll to top