Category Archives: Security

Fax Signatures

Posted on 3. Juni 2008 by jplasser

Bruce Schneier writes about fax signatures and why they are still used though they do provide almost no security.

Posted in Security | Tagged , | Leave a comment

Windoze: "Built-In" Security Tools

Posted on 30. Mai 2008 by jplasser

For those of us who didn’t know this: Built-in Windows Command-Line Security Tools. “Built-In”, haha …

Posted in Security, Tools | Tagged , , | Leave a comment

Debian's poor OpenSSL Randomness

Posted on 16. Mai 2008 by jplasser

This is worth reading. Update: The Debian people created a website with instructions to rollover keys. And there’s also a Perl script for testing SSH servers an other packages for vulnerabilities. Update 2: Bruce Schneier jumped in. And here is … Continue reading

Posted in Linux, Security | Tagged , , , | Leave a comment

I don't use "personal firewalls"

Posted on 9. Mai 2008 by jplasser

I have never used personal firewalls on my computers. And I really tend to refuse such piece of software. Maybe it’s related to my habit not to work on Windows over the last years, but I generally think you don’t … Continue reading

Posted in Security | Leave a comment

Quotes from Schneier's "Beyond Fear"

Posted on 9. Mai 2008 by jplasser

Just found some interesting quotes from Bruce Schneier’s book “Beyond Fear: Thinking Sensibly about Security in an Uncertain World”. I really like this one: “Anyone can understand security. The people who think they know best, and the people who think … Continue reading

Posted in Books, Security | Leave a comment

Security Engineering

Posted on 6. Mai 2008 by jplasser

One of the best books in the security engineering field is now available in its second edition. The first edition ist entirely free for download and you can even download some chapters from the latest edition.

Posted in Security | Leave a comment

Feeling Secure, being secure?

Posted on 25. April 2008 by jplasser

Bruce Schneier had a good article the other day: The Feeling and Reality of Security. I also recommend this one (from the comments) and an older article which is quite informative. We are all much to sensible regarding the security … Continue reading

Posted in Security | Leave a comment

Read then write …

Posted on 19. April 2008 by jplasser

After reading this article on The Daily WTF I found Mike Andrews’ blog post that said it all.

Posted in Security, Web | Leave a comment

The 10.000 web sites infection mystery solved

Posted on 18. April 2008 by jplasser

SANS has a report about an attack that for example caused the latest outage of the Austrian WKÖ website. The WKÖ website was carrying Chinese malware at least for one hour and they are titling “Hackerangriff erfolgreich abgewehrt”? Do they … Continue reading

Posted in Hacks, Security, Web | Tagged , | Leave a comment

Asterisk PBX behind NAT

Posted on 17. März 2008 by jplasser

I had a lot of problems with an Asterisk BPX behind NAT. Asterisk dropped all incoming calls after 20 seconds because of an unanswered packet. This is a well known problem when NATing Asterisk, but even Google does not provide … Continue reading

Posted in Random, Security, Software | Leave a comment