Tuesday, September 30, 2008

Aussie exposes online poker rip-off

Yet another reason to block gambling sites at work- an article in The Sydney Morning Herald reports "Aussie exposes online poker rip-off".

So, besides preventing a waste of time and bandwidth, you may be protecting your employees' finances by blocking access to gambling websites.

Astaro Road Trip to Day-Con II

Astaro is renting an RV and taking some of the "Security Twits" and others on a road trip from Boston to Dayton for the Day-Con II hacker/security convention http://www.day-con.org/127.0.0.1.html. We have had a couple of people back out, so we have space for a couple more to join us. Interested in joining us for the trip?

We'll be leaving the Boston area Thursday 10/9 in the afternoon or evening and headed to the DC area, we'll leave the DC area on Friday morning for Dayton. Day-Con starts Friday evening and runs all day Saturday. The return trip kicks off Sunday morning 10/12, reversing the route back to DC and Boston. Astaro is covering the travel expense, you will need to cover your convention ticket (currently $150), hotel and incidentals. Tickets are still available for the conference, I think the conference hotel may be sold out, but I believe there are reasonable alternatives in the area.

Background and additional information:
http://blog.uncommonsensesecurity.com/2008/08/security-twits-road-trip.html
and http://blogs.zdnet.com/feeds/?p=255

If you would like to join us or for more information, please let me know- jdaniel [at] astaro.com

Tuesday, September 23, 2008

Keeping current

If you are a network administrator you probably have a couple of must-have tools installed on your systems.  Personally, I can't imagine working without Wireshark and Nmap on every computer I use.

For these and many other programs, the core functionality may not seem very different than it did a few years ago- so there's no need to update regularly, right?

Wrong.  I was reminded of this in last week's Pauldotcom Security Weekly podcast, they interviewed Fyodor (creator and lead developer of Nmap).  He observed that he gets a lot of feature requests and bug reports...for things which have been added/fixed years ago- but people are still using "vintage" versions of Nmap.  If you aren't using Nmap 4.76 you may have missed the fact that the Zenmap GUI now includes a topology mapping utility.  That's right, Zenmap can now literally draw you a picture of your network.  There are also multiple performance enhancements in the latest version, many based on developments made during Fyodor's "Scan the Internet" project.

The same happens with Wireshark, I see it frequently on the maillist.  Besides the obvious bugfixes and security patches, you are often missing new features- if you are not using Wireshark 1.0.3 you don't have access to the thousands of per-protocol fields now supported (including hundreds of MIBs), nor do you have all of the 935 protocols and packet types now supported.  You may not even have the "firewall ACL rules" function which can write a variety of packet filter/ACL rules for many different systems for you based on the packet selected.  (Of course, with an Astaro you don't need that kind of arcane rules).

What tools do you need to update now?

Monday, September 22, 2008

McAfee to acquire Secure Computing

McAfee announced today that it is acquiring Secure Computing Corporation.  Interesting timing- just last week Astaro moved from the SurfControl content filter database to Secure Computing's database.

Is that bad for Astaro?  No, actually it is good in a couple of ways-

First, Astaro has used three different content filter catalogues since first offering content filtering, all selected because they were industry leaders at the time they were selected.  Everyone claims to work with "industry leaders", but how do you prove who has real value?  One approach is to ask the market, valuable companies often get acquired by the big players in the security market- and all three of the content filter providers used by Astaro have been acquired by larger players in the security field:

Cobion was used in ASG Version 6, they were acquired by ISS, which was later acquired by IBM.

SurfControl was used in ASG version 7 systems prior to last week's 7.302 update.  Their value was obvious to WebSense, which purchased SurfControl.

McAfee has now seen the value in Secure Computing, and we wish our new partners the best.

Second, McAfee isn't buying SC just for bragging rights- they want to continue to develop the product line (with the added resources a giant like McAfee offers), which is good for Astaro and our customers.

Thursday, September 18, 2008

Up2Date 7.302 Released

Astaro Up2Date 7.302 is now available for download and installation. This Up2Date introduces a new Web Content Filter engine for faster and more accurate classifications. The new system offers 97 categories that have been fully integrated into WebAdmin and the previous categories have been imported.

To take full advantage of the new abilities of this Up2Date, administrators should review their Web Security categories after installation is complete.

Remarks:
Web Security Categories will be updated
System will be restarted

News:
- HTTP Content filter subcategories will be extended, please check your configuration
- Improved URL Filter for HTTP Proxy
- Increased Web Security Classification Categories to 97 (Up from 60)
- Improved device agent for ACC 1.9
- Added option to flush authentication cache
- Fixed clamav vulnerabilities CVE-2008-3912, CVE-2008-3913, CVE-2008-3914

Full update information is available at http://up2date.astaro.com/2008/09/up2date_7302_released.html#more

NAISG, the National Information Security Group

The National Information Security Group is a great resource for anyone with an interest in security, regardless of experience level.  Founded in 2002 as a Boston-area user group, NAISG has grown into an international organization with 18 chapters and more coming.  Unlike some security groups, NAISG is a very open and approachable group, meetings are free to attend and there are no prerequisites for membership.

Wednesday, September 17, 2008

Porn nightmare at 37,000 feet?

That headline from this Network World article may be a little melodramatic, but they do raise a valid question: what should be done about controlling Internet access to potentially objectionable content now that American Airlines is offering Wi-Fi Internet access on some of their flights?  The Network World article and a preceding one at Bloomberg discuss a problem with inappropriate content being viewed in flight.  While some express opinions like:

"It's a tricky door to open," said Marc Rotenberg, executive director of the Electronic Privacy and Information Center in Washington. "Where do you draw the line once you start policing the information your customers can access?"

Even if the customers are paying for access, I think this one is a no-brainer- the airplane is a workplace and the airlines are required by law to prevent a hostile workplace, display of obscene content has been found to create a hostile work environment- so it needs to be filtered.

The airlines are already filtering to block VoIP, so they have proven that they are willing and able to filter some traffic.  Sure, it can be taken too far, but I think the airlines should filter traffic- and they should clearly define what is and is not allowed when you sign up for in-flight Internet access.

Astaro is now sponsoring Pauldotcom Security Weekly

Most people know that Astaro sponsors Security Now with Steve Gibson and Leo Laporte, and many know that ours is the longest-running sponsorship in the podcast industry.  Security Now's target audience is the security conscious "power user", but it is a great podcast for anyone interested in security regardless of experience or skill level.

Some may remember that Astaro also sponsored Martin McKeay's Network Security podcast and the Pauldotcom Security Weekly podcast for a while.

I am happy to report that Astaro and Pauldotcom have renewed their ties, we are once again sponsoring Pauldotcom Security Weekly.  PSW is a podcast "by security professionals, for security professionals"; hosted by Paul Asadoorian and Larry Pesce- with a mix of technical topics, the latest security news, interviews, and topical discussions.  And beer.  At http://www.pauldotcom.com/.

I want one!

I want need one of these, the first-generation Android phone from T-Mobile and HTC.  I want need one to play with test, because I'm a geek and like toys I need to develop guidelines and tutorials for connecting to Astaro VPNs with the new device.

Now, to craft my request to corporate IT.

Tuesday, September 16, 2008

SPAM may be protected by the First Amendment, but not by Astaro.

A convicted spammer's conviction was recently overturned by the Virginia Supreme Court on First Amendment grounds.  Details from this PC Magazine article include this:

Friday's ruling found that the Virginia law is "unconstitutionally overbroad because it prohibits the anonymous transmission of all unsolicited bulk e-mails including those containing political, religious, or other speech protected by the First Amendment."

Given the details of the ruling, I understand the justification- but I still don't want spam in my inbox.  Regardless of whatever happens with laws and regulations, I expect the spam filters on my Astaro will do more to keep my inbox clean than anything coming from government.

Happy Birthday Snort!

Happy Birthday to everyone's favorite Intrusion Detection and Intrusion Prevention system, Snort!  Snort is ten years old, and Astaro has been supporting the Open Source project for many years- and integrating Snort into the Astaro Security Gateway with an easy to use and intuitive web interface.

Here's to ten more years of protecting our networks, thanks Snort.

Better late than...

So, Black Hat and DefCon were great.  But you probably know that by now.  Kaminsky, DNS, BGP, and so on.

What you don't know is that I got to meet some customers face-to-face.  I know, a lot of folks think DefCon is full of evil hackers- but in truth, the vast majority of attendees are hard-working IT and security pros like these two Astaro customers.

As far as future conferences, I'm headed to Day-Con next month, then we'll be at Shmoocon and SOURCE Boston next year.

NFL season kicks off, employees slack off

Over at CIO, the article 20 amazing, amusing and alarming IT "facts" has a few interesting tidbits in it.  This quote caught my eye:

"A new report warns that the cost from lost productivity at work related to the new NFL season could add up to $10.5 billion."

(the article is originally from Network World, but they have that annoying "page turn" ad on their version).

Not sure I buy their math:

"The average fantasy sports player earns about $38 per hour and based on an average of nearly 1.19 hours per week dealing with their team during work hours, companies lose about $45.22 in wages per worker each week"

In my experience, folks who earn ~$80k a year and can get away with spending unsupervised time on the Internet put in a lot more than 40 hours a week- so the number is questionable- but it still points out a lack of control of employee web surfing.

iPhone iMania iContinues

Apple's iPhone and iPod continue their media and marketplace juggernaut.  Hot on the heels of last week's new iPod Nano ("the funnest iPod ever"), this week brings news that Kleiner Perkins has started an iPhone blog called iFundVC.  Not sure what to think about it yet, but the iPhone continues to gain market share and buzz.

As far as Astaro and the iPhone and iPod, remember that we offer easy to configure VPN solutions for all Internet-connected iPhones and iPods.

Check Point Marries Virtual, Physical Security -or- why PR annoys us.

In the article "Check Point Marries Virtual, Physical Security" over at CSO Online, there are some truths:

"Running virtual machines is easy. It's managing and securing them that's the problem, according to both users and analysts."

No arguments there.  It is when we get down to:

"Check Point claims that it's the 'first company to provide unified security management for both physical networks and virtual applications'."

That seems like a stretch.  And then there's this:

"The VPN-1 VE is a VMware-certified virtual application, which is designed to secure VMware virtual servers and applications by making them act as if they were on separate physical servers."

Act as if they were on separate physical servers?  Isn't that what the virtualization platform already does (or at least is supposed to do)?

In fairness, the author, Steven J. Vaughan-Nichols, seems a bit skeptical, too.  What do you think?

Jack