The BBC had this article on the latest round of scareware. Nothing like getting the end user to pay to install your trojan. What's really sad is that the people who get scammed this way not only pay for the trojan but then have their identity stolen, since they give a credit card number to the scammers.
I had to laugh when I'd get these during an earlier round of scareware adverts a couple of years ago since I've been running Linux as my primary OS since 1998. SIGH.
Cheers,
Dave
Monday, October 19, 2009
Tuesday, October 13, 2009
In-depth Look at Wal-Mart Hack
Wired has a long and detailed article looking into a hack of Wal-Mart in 2005 and 2006. The hack wasn't reported because, apparently, no customer data was compromised. Besides the discussion of how the attack was perpetrated, the article also goes into some of the Payment Card Industry (PCI) requirements and how they should have played into making the hack impossible had Wal-Mart been in compliance.
Cheers,
Dave
Monday, October 12, 2009
SSL Still Mostly Misunderstood
"The biggest issue is the general population doesn't know what SSL is, why they're using it, and it's ingrained in them that it always makes them secure, which is not always the case," says Tyler Reguly, senior security engineer for nCircle. While 83 percent of users check they're using an SSL-secured session before entering their credit card information on a Website, only 41 percent do so when typing in their passwords. To make matters even worse, "You see surveys saying that anywhere from 30 to 60 percent of users are using the same password everywhere, so they're probably using it for on-line banking, too."
According to this article at DarkReading, this problem isn't confined to end users. More than half of the respondents don't know what Extended Validation SSL (EVSSL) is and how it differs from SSL, while 36 percent say they do. Interestingly, most of them are aware that SSL traffic can be sniffed without their knowledge. Even so, nearly one-third say the only purpose of SSL is to encrypt their traffic so it can't be sniffed.
Lots more interesting statistics in the article regarding how many people in the survey commit a variety of security sins.
Cheers,
Dave
Friday, October 9, 2009
A question of subnets and net masks
This really isn't a security story but I found it amusing and it includes some good stuff about netmasks, subnets and such. As usual with stuff from the CentOS mailing list, click on the subject to get to the rest of the discussion thread. The link I posted avoids some of the preliminaries.
Cheers,
Dave
Monday, October 5, 2009
Sunday, October 4, 2009
How to build/acquire a firewall
This discussion thread on the CentOS mailing list has some fairly good advice for deciding which of several options to go with for a home-based business firewall. Click on the e-mail's subject to get to the rest of the discussion thread.
Most of the folks running CentOS (like me) are cheap (like me) and so the majority of the solutions are free.
Cheers,
Dave
You aren't safe just because you run Linux
I picked up a link to this article that was posted on Slashdot. It appears that the compromised systems were hacked by either exploiting an exposed user's ssh access (probably a brute force attack that found a weak password) or by finding an unpatched remote admin tool (e.g., roundcube was mentioned in one of the links that came up when I Googled the attack name).
The sad thing is that there are a number of ways to keep brute force attackers at bay for ssh. Fail2ban is probably the most comprehensive and can be used to protect other exposed logins such as web mail. Another alternative is to use the built-in Linux firewall (iptables) to only allow so many connection attempts from a specific IP address before blocking future connections from the offending IP address. I posted an extensive article on my personal blog on how to set up this particular method (and a few other ssh "protection" tricks) if anyone is interested.
Cheers,
Dave
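A sketch of the iptables approach described in this post, added here as an example; it is not taken from the post or from the author's linked article. The port, time window, attempt limit and the list name "SSH" are assumed values, and the script only prints the rules unless it is run as root with `apply` as its first argument.

```shell
#!/bin/sh
# Added example: per-source-IP limit on new SSH connections using the
# iptables "recent" match. Port, window, limit and the list name "SSH"
# are assumed values chosen for illustration.

# Print the rules as iptables arguments, one rule per line.
# $1 = port, $2 = window in seconds, $3 = new connections allowed per window
ssh_ratelimit_rules() {
    port=${1:-22}; window=${2:-60}; allowed=${3:-3}
    # The values end up as iptables arguments, so accept digits only.
    case "$port$window$allowed" in
        *[!0-9]*) echo "port, window and limit must be numeric" >&2; return 1 ;;
    esac
    # --hitcount N matches on the Nth packet seen inside the window, so
    # allowing $allowed attempts means dropping from attempt allowed+1.
    hit=$((allowed + 1))
    new="-p tcp --dport $port -m conntrack --ctstate NEW"
    # 1. Traffic on already-established sessions is never counted.
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # 2. Record the source address of every new connection attempt.
    echo "-A INPUT $new -m recent --name SSH --set"
    # 3. Drop once the address exceeds the limit; --update refreshes the
    #    timestamp, so a client that keeps hammering stays blocked.
    echo "-A INPUT $new -m recent --name SSH --update --seconds $window --hitcount $hit -j DROP"
    # 4. Everything under the limit reaches sshd.
    echo "-A INPUT $new -j ACCEPT"
}

# Load the rules into the running firewall (needs root).
apply_rules() {
    rules=$(ssh_ratelimit_rules "$@") || return 1
    echo "$rules" | while read -r rule; do
        iptables $rule   # unquoted on purpose: split into arguments
    done
}

# Dry run by default; pass "apply" as the first argument to install.
if [ "${1:-}" = "apply" ]; then shift; apply_rules "$@"; else ssh_ratelimit_rules "$@"; fi
```

Rule order matters: the `--set` rule must come before the `--update` rule so the current attempt is included in the count.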
About Me
- DaveAtFraud
- B.Sc. ('78) and M.Sc. ('80) in Math from Ohio State followed by 12 yrs at TRW and a variety of software development positions since then. Currently living in Colorado and enjoying "trial retirement". For fun I climb mountains in the summer and ski down them in the winter, fix gourmet food and have an excellent wine cellar.