
Saturday, November 29, 2003

Net Not Reliable: BBC's Bill Blog gets cut-off.

The BBC's technology commentator Bill Thompson did not have any e-mail on Tuesday and he is not best pleased; we think he's only got himself to blame. In the recent article published on his BBC blog, Bill actually refers to the solution: multiple redundant connections. He should consider whether being deprived of his internet connection is as devastating as he believes. In truth he probably doesn't really care that much, but some companies really do. In a recent survey most small to medium-sized businesses rated their internet connection, by which we assume their email, as more important than their telephone line.
In practical terms there are several devices such as the Radware LinkProof application switch that allow a user to use multiple ISP connections to provide highly resilient load balanced connections to the internet. These devices are now becoming aggressively priced to the extent that even a relatively small business using cable and ADSL would be able to create a highly cost effective resilient connection.
Some people, however, don't get the point; rather as with anti-virus and firewall solutions 10 years ago, they still take the attitude that '...it won't happen to me.'
In discussion with a customer recently, we considered that they actually processed at least £40,000 every day over a single Internet connection. They have not invested in the basic infrastructure to provide any kind of fault tolerance on that connection, choosing to continue with a single ISP, one web server and one firewall. The cost of providing the resilient infrastructure would have been around £50k. Why, one might well ask!
Related Links
Radware LinkProof
Can the net take the strain? Bill Thompson BBC.

posted by Robert Campbell 8:16 PM

FreeBSD-SA-03:19.bind: bind8 negative cache poison attack

A CERT Advisory from the security team at the FreeBSD Project, FreeBSD-SA-03:19.bind: bind8 negative cache poison attack, details the recently exposed vulnerability in the DNS daemon. Initial evidence is that this affects all bind8 implementations and may not be restricted to BSD.
All current implementations of BSD from 4.4 to builds of 5.1 prior to the correction date are affected; patches are available from the usual FTP sources on the freebsd.org web site.
Related Links
Free BSD Org
BorderWare NameVault High Performance Secure DNS Appliance
Security Focus Advisory

posted by Robert Campbell 2:34 PM

Tuesday, November 25, 2003

Wanted: reasoned thought

Opinion: Having spent two days last week mixing it at the NEFF with various members of the police force and various fraud specialists from a wide variety of industries and public sector bodies, including the National Audit Office and security specialists from several of the high street banks, I'm even more paranoid than I was before, if that were possible.
I was especially impressed with the afternoon's discussion on the second day headed by Colin Wittaker of APACS on e-commerce fraud. I was, however, equally very depressed with the technical session on corporate security where at least one participant told the amazed audience his answer to the problem of email viruses was to only allow one PC, not connected to the corporate LAN, to be attached to the Internet.
There seems to be plenty of evidence that real criminals are getting more organised and the risks are increasing every day for all of us, as individuals and companies alike. Yet the willingness of otherwise well educated decision makers to enter into meaningful discussions regarding investment in multi-level security measures is woefully lacking, staggeringly so in my opinion.
Why is this? There are probably many facets to the answer to that question, but as technologists we have a responsibility to adjust our responses and participate in the bigger debate as grown-ups and not continually snipe at the most obvious without thinking first. Like adolescent school kids with half-formed ideas or brainwashed middle class left wing pinkos with shallow reasoning and single issue politics, 7/10ths of our industry seems to think nirvana can be obtained if we just dumped Windows and Bill into the Pacific.
Thank god for people like Tim Mullen, a reasoned analyst if ever there was one.
Related Links
Busting the Worm Writers
Microsoft's hacker bounty is wasted money
Proposed: a Bounty for Bugs
The Flaw of Security Through Diversification by Mark Burnett
The 7 Top Management Errors that Lead to Computer Security Vulnerabilities

posted by Robert Campbell 8:44 PM

Exchange 2003 and OWA concerns

Concerns seem to be appearing over the latest version of Exchange and Outlook Web Access. In an article over at ZDnet posted yesterday, Matthew Broersma reports that Microsoft's initial explanation relates to the use of the Kerberos authentication mechanisms. This is just the latest in a series of issues that have affected the OWA component, and while remote access to one's Exchange server is a highly desirable thing, doing it with Exchange, IIS and OWA alone is asking for serious trouble and cost. Using BorderWare's MXtreme can easily put most of these risks behind you.
Related Links
MXtreme and OWA

posted by Robert Campbell 5:45 PM

