Posted on in Information Systems
Email communication has become so common, users often forget that there is no inherent security in the common implementation. For general correspondence it might be acceptable to forsake security in the interest of ease of use. After all, the sharing of recipes between old friends is not always a matter …
Posted on in Information Systems
In the field of information technology, there are two kinds of professionals. Those that seek to make information more accessible through applications and services, and those that strive to protect that same information. Information security professionals protect information by first striving to identify the individuals access the system and then …
Posted on in information_systems
It can be said that security policies are living documents that must be frequently reviewed and revised. As organizations evolve, their security needs evolve as well. Policies written before the evolution of the organization may not adequately reflect newly developed needs. Therefore, it should be considered standard procedure to review …
Posted on in System Administration
I manage servers and network devices that, for a variety of reasons, allow users to connect via SSH from anywhere in the world. Although the traffic generated by these connections is encrypted, leaving this open to the world does present a bit of a security risk. Would-be crackers use compromised …
Posted on in Software
After almost a year of development, the Internet Software Consortium (ISC) announced the newest release of their Domain Name System (DNS) server, BIND 9.4.3, today. This release includes over 140 fixes over BIND 9.4.2.
Although this maintenance release is mainly focused on bug fixes, it does …
Posted on in IT Management
Company X is a fictional manufacturer of gourmet snacks and treats.
Studies have shown that a large number of Internet users are concerned about privacy and security. According to one study, 87 percent of Americans fear their credit card information will be stolen or misused. Additionally, 89 percent fear that …
Posted on in Software
As you may know, Firefox 2.0.0.12 was released today, and it's no surprise that The Camino Project has followed suit with Camino 1.5.5. The Camino browser is a Mozilla-based web browser designed to integrate smoothly with Mac OS X. It sports a more OS X-like …
Posted on in Networking
Oops! I guess I'm way behind the times.
For quite a while, I've been using ip verify unicast reverse-path to prevent packets with spoofed source addresses from crossing my routers. Apparently, as of IOS 12.0 (12.4 is current as of this writing), that command has been replaced with …
Posted on in Networking
If you are at all familiar with <acronym title="Simple Network Management Protocol">SNMP</acronym>, you've probably heard of "community strings". Community strings are similar to passwords. They define and grant access to a device's <acronym title="Management Information Base">MIB</acronym>. If you've used SNMP in conjuction with a …
Posted on in Software
Internet Systems Consortium, Inc., makers of the popular BIND <acronym title="Domain Name Service">DNS</acronym> server and INN Usenet server, has announced the End of Life for BIND 8 . I received an email from ISC on this topic earlier in the month, but I wasn't aware that the <acronym …
Posted on in Networking
This isn't late breaking information, but there's an interesting post in the Cisco WAN, Routing and Switching Forum regarding a particular regular expression that, when used in conjunction with the show ip bgp regexp, results in a router crash. Here is the full command.
show ip bgp regexp (.*)(_\1 …Posted on in Networking
On most networks, there is a subset of IP addresses assigned to "management" hosts. These hosts might be the workstations of network administrators or monitoring servers. One of the keys to network security is restricting who has access to the device. Generally, we think of access restriction in terms of …
