Author Archives: admin

Ping? Why do I need to block ping?

On one of the security lists I follow, a firewall admin (who I assume is new at his job) asked the following question: All this while I’m not allowing any public ping to the website I’m maintaining, but it’s making …

Posted in Uncategorized | 1 Comment

Blocking twitter to stop a riot?

In an effort to control the communications used by rioters, the UK government are seeking ways to limit access to social media during a riot. There’s an old saying amongst techie types – “The Internet interprets censorship as damage and …

Posted in anonymity, current affairs, cynicsm, privacy, world news

I know what you did this summer

Seriously? deathrun? Anyway, yes I have noticed you. Well done. Best thing about active defense? Drops people onto the naughty step, saves the logging data, reports it to the SOC. Correlation Alert (6 alerts): Multiple failed login against a single …

Posted in Uncategorized

Broken Windows and Information Security

I first came across the broken window theory reading a novel. It basically says that there are two approaches to fighting urban crime. In the first, you set up a big program, trumpet that you are “tough on crime, tough …

Posted in computer security, data protection, information warfare

At some point, people will point to the last month and say

“This is when the cyberwar started”. We are seeing an explosion of internet attacks. Organisations of all sectors – be it tech, non-tech, commercial, non-profit or whatever. If you are on the internet, you are being attacked. If you can’t …

Posted in Uncategorized

Business Intelligence : What’s going on inside your network?

SIEM (otherwise known as good old-fashioned log management) is the forgotten child of information security, and is applied business intelligence at its finest. Information Security is now a recognised business function, and business intelligence for this area is found …

Posted in computer security, innovation

SCADA vulnerability alert

A story has come to light which I think is worth replaying. If you don’t feel the value of a threat intelligence service and you are running a utility, then you are missing out. This one came to us via …

Posted in SCADA

New vulnerability scan service launched

So we’re pleased to announce that we’ve got our scanning towers launched. We’re able to offer you internet and (if you are an MSSP customer) LAN-based scans which will feed into your portal account. We’re happy to provide one-off …

Posted in News

Watching a breach in progress

Before I start, I have to tell you that I have deliberately obscured the names of this company to protect the sources. However, this is a live story, and absolutely true. Let’s call the company Eckgle ltd. Eckgle make their …

Posted in certification, computer security, cynicsm, PCI DSS

It’s not your phone, it’s the wifi (and you)

I see that the Guardian have managed to re-publicise a well-known flaw in WiFi. SSIDs (the name of the network you’re connecting to) are just a string of characters. Couple this with a WiFi device’s propensity to reconnect to …

Posted in BT, computer security, WiFi