Snowden, NSA Exploit Kits and Commercial Espionage

A few months back, Der Spiegel published a carefully selected cache of documents about the NSA Exploit Kits used to compromise a wide range of commercial network and security hardware and software. I haven’t seen anyone discussing the implications for commercial espionage. NSA Exploit Catalog A few months back, Der Spiegel published a carefully selected […]

Response: Cisco Closes Sourcefire Acquisition; Delivers Threat-Centric Security Model

Response Logo

The announcement is a major change in Cisco Security strategy and perspective and, I think, a promising step forward: From a strategic standpoint, we will focus on a “threat-centric” security model moving forward – meaning that we will put a heavier focus on the threats themselves versus policy or controls. Given the fast-changing threat landscape, […]

A Decade Later – My Predictions for 2003

Stairs To Nowhere

In December 2002, I wrote an article for SearchNetworking at Techtarget about ten predictions for 2003 – Greg Ferro’s 2003 predictions. I stumbled across the article recently & was struck by just how many of these predictions are still valid & somewhat accurate. Let score how accurate I was:

Response:How to remain secure against NSA surveillance – Bruce Schneier

Response Logo

Bruce Schneier has been reviewing documents from Snowden and believes that all security platforms have been compromised by governments : Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It’s prudent […]

The Huawei Security Problem Isn’t the Hardware, it’s Engineers Fixing the Bugs.

I’ve been thinking about the security issues of working with Huawei equipment and Huawei the company. I’ve spoken with a number of people who, off the record, talk of working with Huawei as customers and their experiences of the product have been less than excellent but the price is low. What I’ve realised is concerning. […]

Cisco White Paper on IPS 4500 & 4300 Series Sensors

Vendors are rarely believable when data sheets state the performance of IPS systems. That’s partly the fact that IPS performance is variable according to types of inspection rules that are configured and the amount of traffic hitting those rules, in use. In short, IPS performance is determined by the complexity of the rules you choose to […]

Restrictions on Multi-Context Enhancements for Cisco ASA Software Release 9.0 – Updated

Another sign that it’s time to stop buying service modules for Catalyst 6500. This is not the time for dedicated hardware appliances such as ACE or ASA Service Modules. Mulitcontext support for routing and VPN is not available on C6500 ASA Service Module.   Multi-Context Enhancements Enhances the current ASA Multicontext capability to include support for […]