Thanks JABR
On 12/06/2014 04:07 PM, John Abreau wrote:
The video of Jeff Schiller's BLU talk a couple weeks ago is up on youtube
now.
http://youtu.be/Auuiwr9NKxA
--
Jerry Feldman g...@blu.org
Boston Linux and Unix
PGP key id:B7F14F2F
PGP Key fingerprint: D937 A424 4836 E052 2E1B
The video of Jeff Schiller's BLU talk a couple weeks ago is up on youtube
now.
http://youtu.be/Auuiwr9NKxA
--
John Abreau / Executive Director, Boston Linux Unix
Email: abre...@gmail.com / WWW http://www.abreau.net / PGP-Key-ID 0x920063C6
PGP-Key-Fingerprint A5AD 6BE1 FEFE 8E4F 5C23
Samuel Gechter samgech...@gmail.com writes:
Looking for a recommendation for a computer security firm. Anyone have a
firm that they have experience with and would recommend?
A security firm to do what exactly?
Thanks,
Sam
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media
Looking for a recommendation for a computer security firm. Anyone have a
firm that they have experience with and would recommend?
Thanks,
Sam
___
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss
Jared - thank you very much.
Sam
On Mon, Nov 4, 2013 at 2:12 PM, Jared Carlson jcarlso...@yahoo.com wrote:
VSR
http://vsecurity.com
George Gal is the principal. Very good guy, has a really good team.
On Nov 4, 2013, at 1:51 PM, Samuel Gechter samgech...@gmail.com wrote:
Looking for
I've become interested in Security Information and Event Management (SIEM)
and comparing or learning more how open source products stand in the
marketplace. This book http://www.amazon.com/books/dp/0071701095 compares
AlienVault OSSIM (which appears to operate on the freemium model)
On Thu, Mar 28, 2013 at 10:49:57AM -0400, Rich Pieri wrote:
That's what I find so amusing about security discussions like this.
So many get caught up with the idea of keeping attackers out or
slowing them down without really thinking about how to protect
what's actually of value.
I fully
On Thu, Mar 28, 2013 at 02:51:05PM -0400, Richard Pieri wrote:
On 3/28/2013 2:21 PM, Derek Martin wrote:
This is nonsense. A script kiddie will go away after at most a
handful of meager attempts. A well-informed, extremely determined
Wow. You utterly missed the point. When I say assume
On 3/28/2013 7:01 PM, Derek Martin wrote:
I utterly did not. I addressed that directly, in the part you didn't
No. You did miss it.
In my model I'm less concerned if an intruder exploits a zero-day
vulnerability in mod_ssl than you are. Said intruder is trapped in the
DMZ between web server
One person wrote:
Wow. You utterly missed the point.
And another wrote:
I utterly did not.
Keep in mind when you participate in threads like this that your
audience is the BLU readership, and not the individual that happens to
be constantly posting counter arguments. Have confidence that
[Please update subjects when a thread veers off to a distinctly
different topic.]
Derek Martin wrote:
Rich Pieri wrote:
Security by obscurity is no security at all.
This is a popular mantra of paid security professionals, but it is a
fallacy, and in fact is a tool that those very same
--On Wednesday, March 27, 2013 6:42 PM -0400 Tom Metro
tmetro+...@gmail.com wrote:
We're getting a bit wrapped up in dogma. This isn't a black-and-white
issue. If you take a broad enough definition of obscurity it could be
taken to mean your knowledge of a password - it's obscure, you know it,
Rich Pieri wrote:
Tom Metro wrote:
We're getting a bit wrapped up in dogma. This isn't a black-and-white
issue. If you take a broad enough definition of obscurity it could be
taken to mean your knowledge of a password - it's obscure, you know it,
and yet it's guessable, just like the oddball
On Wed, Mar 27, 2013 at 08:19:12PM -0400, Rich Pieri wrote:
--On Wednesday, March 27, 2013 6:42 PM -0400 Tom Metro
tmetro+...@gmail.com wrote:
We're getting a bit wrapped up in dogma. This isn't a black-and-white
issue. If you take a broad enough definition of obscurity it could be
taken to
--On Wednesday, March 27, 2013 8:47 PM -0400 Tom Metro
tmetro+...@gmail.com wrote:
This is exactly my point...it's a spectrum of complexity, without a
crisp delineation between what is obscurity and what is secret.
Either a password is a secret (known to authorized personnel) or it isn't.
On Thu, Nov 03, 2011 at 07:56:41AM -0400, Daniel Feenberg wrote:
On Wed, 2 Nov 2011, Dan Ritter wrote:
Everyone wants to connect their iPad or phone... so we got a
cheap cable modem from Comcast, wired up a WiFi router, and
let them play.
You don't really need a separate uplink - just
Dan Ritter wrote:
Everyone wants to connect their iPad or phone... so we got a
cheap cable modem from Comcast, wired up a WiFi router, and
let them play.
Good approach. Obviously it can also be implemented using appropriate
router/firewall/VLAN rules, rather than a physically separate WAN
On Thu, Nov 03, 2011 at 05:43:13PM -0400, Tom Metro wrote:
I can point to complete physical separation when the auditors
come. That's worth more than the Comcast bill.
Sure, but aren't there dozens of other places in your infrastructure
where your security *is* dependent on firewall rules,
At my work, here are a few vending machines. One of these machines has a
nice little antenna on it. Presumably, it communicates via cellular
network to the vendor in order to report on usage and supplies. Yes, good
idea. Cool.
It occurs to me that this machine, most likely, did not have to go
On Wed, Nov 2, 2011 at 1:10 PM, ma...@mohawksoft.com wrote:
At my work, here are a few vending machines. One of these machines has a
nice little antenna on it. Presumably, it communicates via cellular
network to the vendor in order to report on usage and supplies. Yes, good
idea. Cool.
It
Every Ethernet device has a unique MAC address. If you document
every MAC address of all your company's legitimate systems and
devices, then any unknown MAC address will be a rogue device.
Tracking them down should then be fairly straightforward.
On Wed, Nov 2, 2011 at 2:19 PM, Matt Shields
Every Ethernet device has a unique MAC address. If you document
every MAC address of all your company's legitimate systems and
devices, then any unknown MAC address will be a rogue device.
Tracking them down should then be fairly straightforward.
Little known fact, you can change the mac
On Wed, Nov 2, 2011 at 1:10 PM, ma...@mohawksoft.com wrote:
At my work, here are a few vending machines. One of these machines has a
nice little antenna on it. Presumably, it communicates via cellular
network to the vendor in order to report on usage and supplies. Yes,
good
idea. Cool.
It
On 11/02/2011 01:10 PM, ma...@mohawksoft.com wrote:
At my work, here are a few vending machines. One of these machines has a
nice little antenna on it. Presumably, it communicates via cellular
network to the vendor in order to report on usage and supplies. Yes, good
idea. Cool.
It occurs to
On Wed, Nov 2, 2011 at 4:18 PM, Jerry Feldman g...@blu.org wrote:
On 11/02/2011 01:10 PM, ma...@mohawksoft.com wrote:
At my work, here are a few vending machines. One of these machines has a
nice little antenna on it. Presumably, it communicates via cellular
network to the vendor in order
On Wed, Nov 2, 2011 at 2:19 PM, Matt Shields m...@mattshields.org wrote:
I think his point was more that these smart vending machines are becoming
more commonplace. Even these days companies put ethernet jacks in the
kitchen, so what *if* someone who was malicious put something inside a
On Nov 2, 2011, at 8:41 PM, Gregory Boyce wrote:
Rogue Vending machine strikes me as a movie theater threat. Rogue
devices can be a very real problem, but you're much more likely to be
hit by a users virus infected home laptop or potentially a malicious
device other than a vending machine.
Case in point: a few gigs back we got hit by Slammer on the inside
of our firewalled network. It wasn't ourselves. It was a visiting
vendor or some such who brought it in on his own laptop and it
spread when he plugged it into our network.
Not trying to open a rathole, but are any of ya'll
On Wed, Nov 02, 2011 at 09:33:18PM -0400, d...@geer.org wrote:
Case in point: a few gigs back we got hit by Slammer on the inside
of our firewalled network. It wasn't ourselves. It was a visiting
vendor or some such who brought it in on his own laptop and it
spread when he plugged it
29 matches
Mail list logo