
Internet & Web security
An update to the Cloud Security Alliance guide is a reminder that cloud computing is, of course, heavily
dependent on network security.
Some HP LaserJet printers, potentially millions of them, attached to Internet-connected computers or networks appear to be vulnerable to being hacked through a flaw in the way they accept unauthenticated software updates from the network. A few years back, a very similar vulnerability was described at Black Hat: Vulnerabilities in Not-So Embedded Systems described hacking a Xerox multifunction device (copy-scan-print). The machine has an embedded AMD CPU running Linux and Apache with the Xerox applications layered on top. Accessing the device remotely through its web and telnet interfaces, the hacker exploited vulnerabilities in parameter handling by the applications to compromise the root account - game over.
Know Your Enemy: Learning About Security Threats by the Honeynet Project (~US$35 from Amazon) is a technical guide to configuring and using honeypot systems to analyze hacker exploits and malware in the wild. Read our book review.
Lance Spitzner’s book Honeypots: Tracking Hackers (~US$31 from Amazon) is another gripping read for technical folks involved in
defending networks against hacker attacks.
Defense Intelligence Systems Agency (DISA) occasionally conducts network penetration tests against US military networks and publishes interesting statistics such as the proportion of attacks that go unnoticed and unreported, presumably to shame the network/system administrators into improving their security responses. Given that their targets are (or at least should be) highly security conscious, the figures are a salutary lesson for all of us: if the vast majority of network intrusion attempts are not recognized as such, how many successful intrusions are also being missed?
James Madison University advises students on Internet security. Their Start Safe initiative looks good.
The Internet, and hence modern civilization as it has come to be, is essentially founded on Transmission Control Protocol/Internetworking Protocol (TCP/IP). TCP/IP is a suite of communications protocols that
works over almost any communications medium, including bongo drums. Does this prove that the roots of
modern civilization are in the jungle? Maybe not ... but it sure is a fun way to learn about TCP/IP.
A US-CERT Cyber Security Tip covers browser security settings - fine if your users understand the issue and can alter the settings.
The WWW security FAQ addresses the sorts of web security queries typically raised by clued-up technically-minded end-users and novice sysadmins. It is useful albeit nearly a decade old (= an Internet eternity).
Stay Safe Online publishes advice for home users about computer security including, of course, Internet security aspects.
CERT published an historical overview of Internet security in a 1997 paper. It is interesting, though rather
sad to note that the risks they identified in ’97 are still with us, plus more besides.
Other network security stuff
Geek Tools has the tools to analyze IP addresses - useful to find out who has put suspicious entries in
your firewall logs (you do analyze your logs regularly, don’t you?).
A CERT CyberSecurity Tip on firewalls starts from ground zero: what is a firewall and why would I want one?
If you’re trying to shut unnecessary ports at the firewall to reduce your exposure to risky packets, take a look at this long listing of most well known TCP/IP ports.
Russ McRee’s Toolsmith columns (originally published in the ISSA Journal) are well worth a read if network security is your day-job.
CERT is overflowing with advice on securing home networks.
QualysGuard is a suite of tools to identify and remedy system security vulnerabilities on networked systems.
Tools like this make the job of tracking and checking IT assets for compliance much less tedious, and hence more likely to be done properly.
Related NoticeBored links collections
Wireless security, Bugs!, hacking, identity theft, information security management, change management, secure development, incident management, social engineering, email security, IT fraud, gizmos and malware
NB: we do not necessarily endorse or agree with the third party websites accessible through the links. Use at your own risk. Please let us know about new or broken links.