Comments for LACUNAE RISK http://www.lacunae.org RISK. INTELLIGENCE. Sat, 17 Sep 2011 08:54:00 +0000 hourly 1 Comment on Ping? Why do I need to block ping? by James Hickman http://www.lacunae.org/ping-why-do-i-need-to-block-ping#comment-15 James Hickman Sat, 17 Sep 2011 08:54:00 +0000 http://www.lacunae.org/?p=455#comment-15 I'm always amazed at the number of people treating firewall config as a trivial afterthought. The default policy should be block all in both directions, followed closely by letting your users out to hit the web, either directly or only via the authorised proxy. Repeat ad nauseum per service. If you are googling port numbers for anything that isn't very obscure, you probably need to get some help with checking your work. Ping? Designate a node in the DMZ and give that one node responsibility for handling ping responses if you must. Routers are pretty good at this sort of role as they are built to handle lots of packets and generally have buffer protection to stop the kind of abuse we are discussing. But again, understand what is going on BEFORE you open the ports. I predict that finding out after an attack using wireshark and syslog is not a good educational episode in comparison to knowing beforehand and being properly protected. I’m always amazed at the number of people treating firewall config as a trivial afterthought. The default policy should be block all in both directions, followed closely by letting your users out to hit the web, either directly or only via the authorised proxy. Repeat ad nauseum per service. If you are googling port numbers for anything that isn’t very obscure, you probably need to get some help with checking your work. Ping? Designate a node in the DMZ and give that one node responsibility for handling ping responses if you must. Routers are pretty good at this sort of role as they are built to handle lots of packets and generally have buffer protection to stop the kind of abuse we are discussing. But again, understand what is going on BEFORE you open the ports. I predict that finding out after an attack using wireshark and syslog is not a good educational episode in comparison to knowing beforehand and being properly protected.

]]> Comment on 51 things women wish men knew by fussycat http://www.lacunae.org/51-things-women-wish-men-knew#comment-9 fussycat Fri, 07 Mar 2008 15:12:00 +0000 http://www.lacunae.org/51-things-women-wish-men-knew#comment-9 It's quite a lot of rubbish really... It’s quite a lot of rubbish really…

]]> Comment on Eye yam what eye yam by Shoaib Yousuf http://www.lacunae.org/eye-yam-what-eye-yam#comment-8 Shoaib Yousuf Wed, 20 Feb 2008 00:08:00 +0000 http://www.lacunae.org/eye-yam-what-eye-yam#comment-8 http://www.pageonce.com<br/><br/>is another good similar website... http://www.pageonce.com

is another good similar website…

]]> Comment on Social (pariah) networking by martijn-konijn http://www.lacunae.org/social-pariah-networking#comment-7 martijn-konijn Sat, 26 Jan 2008 21:34:00 +0000 http://www.lacunae.org/social-pariah-networking#comment-7 A busy little fellow he seems, our Mr. Lucas Wyrsch. I'm receiving his invitation on a regular basis. Hope someone will nuke his LinkedIn account to begin with. Yuck! A busy little fellow he seems, our Mr. Lucas Wyrsch. I’m receiving his invitation on a regular basis. Hope someone will nuke his LinkedIn account to begin with. Yuck!

]]> Comment on by Anonymous http://www.lacunae.org/158#comment-6 Anonymous Sun, 04 Nov 2007 06:31:00 +0000 http://www.lacunae.org/158#comment-6 It says Jo - na - sa - n, as in Jonathan. It says Jo – na – sa – n, as in Jonathan.

]]> Comment on Cheer yourself up for the weekend. by Jonathan Care http://www.lacunae.org/cheer-yourself-up-for-the-weekend#comment-5 Jonathan Care Fri, 26 Oct 2007 16:20:00 +0000 http://www.lacunae.org/cheer-yourself-up-for-the-weekend#comment-5 Thank you for the comment!<br/><br/>And you'd be surprised how many people ask that very same question... Thank you for the comment!

And you’d be surprised how many people ask that very same question…

]]> Comment on Cheer yourself up for the weekend. by Leigh Russell http://www.lacunae.org/cheer-yourself-up-for-the-weekend#comment-4 Leigh Russell Fri, 26 Oct 2007 14:36:00 +0000 http://www.lacunae.org/cheer-yourself-up-for-the-weekend#comment-4 I trust your interest in computer fraud is prevention not perpetration! You look far too jovial to be responsible for the recent attempted fraud on my credit card - or is that something different to computer fraud? I'm afraid it's all Greek to me! <br/><br/>I have my own professional interest in crime. Murder's my speciality.... (in fiction!!) I trust your interest in computer fraud is prevention not perpetration! You look far too jovial to be responsible for the recent attempted fraud on my credit card – or is that something different to computer fraud? I’m afraid it’s all Greek to me!

I have my own professional interest in crime. Murder’s my speciality…. (in fiction!!)

]]> Comment on First post by Anonymous http://www.lacunae.org/first-post#comment-3 Anonymous Sun, 26 Aug 2007 05:37:00 +0000 http://www.lacunae.org/first-post#comment-3 Test Comment Test Comment

]]> Comment on Cool Tool: Rule The Web by Jerry http://www.lacunae.org/cool-tool-rule-the-web#comment-2 Jerry Thu, 16 Aug 2007 10:19:00 +0000 http://www.lacunae.org/cool-tool-rule-the-web#comment-2 Well, I like the quote regarding how the Internet used to be referred to :<br/><br/>"It may be the Information Super Highway, but there are too many people with provisional licences."<br/><br/>I think that says it all :) Well, I like the quote regarding how the Internet used to be referred to :

“It may be the Information Super Highway, but there are too many people with provisional licences.”

I think that says it all :)

]]>