Interesting Information Security Bits for 09/30/2008

September 30, 2008

Good afternoon everybody! I hope your day is going well.
Here are today’s Interesting Information Security Bits from around the web.

  1. *nux Live Acquisition Techniques
    Cutaway gives us a nice walk-through of how he dealt with some issues when trying to acquire drive images during a recent incident response.
  2. Fiction Versus Function: Three Unspoken Annoynaces of Cisco & VMware’s Virtualization “Partnership”
    Beaker pens another interesting missive about VMWare and Cisco getting together and what that might mean for both server admins and network admins.
  3. Impact of the Economic Crisis on Security
    Rich has a great post up with some insightful observations about what effect the current financial situation may have on our industry and our jobs. You should go read it.
  4. FAQ: Clickjacking — should you be worried?
    A very good explanation for what Clickjacking is.
    Hat tip: @jeremiahg
  5. Dark Reading – New DOS Attack Is a Killer – Snake Bytes
    Some interesting stuff coming out of Sweden, interesting as in the sky is falling.
  6. Sex, death and Gartner IT security summits
    David give’s us an overview of the opening day of the Gartner IT Security Summit in London. Interesting stuff being talked about there.
  7. FOXNews.com – For Sale: Used Spy Camera With Top Secret Terror Records – Science News | Science & Technology | Technology News
    When things like this happen, you just want smack yourself in the forehead and ask how can people not get it to this degree?

    Hat tip: @cre8tn

  8. Andrew Hay >> Blog Archive >> Secure Life Ep 1
    Neat cartoon that really gets to the point.

That’s it for today. Have fun!
Kevin

Advertisements

It’s quicker, but don’t forget to fix it…

September 30, 2008

Good morning/afternoon/evening everybody.

Hope your day was/is/will be great! 🙂

Lori MacVittie over at DevCentral, who you should all read, wrote Which security strategy takes more time: configuration or coding? recently. It’s a good article with some very valid points, but it made me think of something else we need to be aware of when we make “time trade-off” choices.

I agree that WAFs, ACLs, black holing traffic, etc. are all good and
effective methods of mitigating risk and protecting against known
threats and in some case unknown threats. For example, how often have you whipped up a solution to a problem and slapped it into place?  You know it is not an appropriate long term solution, but you say to yourself, “I’ll come back and do that better when I have time.”

Fast forward 3 years and your quick fix is still in production causing all sorts of grief because it was never intended to be a long term solution and/or nobody knows what this things is doing and they remove it, again, causing all kinds of grief.

Maybe I’m stating the obvious, but we need to make sure we have effective policies and procedures in place to ensure that we are addressing things in an appropriate manner, independent of the “this is quicker” mentality. Again, I am not saying that quicker shouldn’t be used.  It has it’s place and often is the best short term choice.  I just want to remind everybody that we need to keep that long term horizon in sight also.

Agree, disagree, think I’m looney?  Leave me a note in the comments with your thoughts.

Kevin

Image courtsey of jakeliefer