27 August 2010

Show 15 – Saving the Web With Dinky Putt Putt Firewalls

Web Application Firewalls, Talking Puppets, ATM to IP migration and Dinky Putt Putt Firewalls.

Internets of Interest:30 Jul 10

Collection of useful, relevant or inane places on the the Internets for 30 Jul 10:

Packet Pushers Podcast – Show 12 – Get on the Ring!

Short, sharp and awesome. And covering more about FibreChannel over Token Ring.

Cisco and Their Security Strategy

poster-security-strategy-20100703.jpg

Recently, the Security Strategy from Cisco has become vague and ill defined.

Packet Pushers Show 6 – Chewing on DDOS

We had planned a number of topics this week. Once we started on DDOS we didn’t stop before the time was up.

Packet Pushers – Show 3 – Defense in Depth – Phase Alpha

Ethan, Dan and Greg are Deep Diving into the Security Topic of “Defense in Depth” and what it really means. We had an open discussion that really didn’t go far enough. That’s why it’s Phase Alpha.

Cisco ASA Failover License Changes in Version 8.3

Quick notes on the Virtual Context licensing requirements when using a Active/Standby (Failover) pair and looking for gotchas and traps.

How to Create a Strong Yet Memorable Password.

We’re often told ‘make sure you use a good password’. When we change our passwords at work we’re often forced to add random characters into it to make it more complicated. This can have a detrimental effect on how how easy it is to remember. For a rant on the importance of passwords being memorabl

Google: Meet Skipfish, Our Automated Web Security Scanner. Security Industry – You Failed.

googlesecurityblog.jpg

Google releases Skipfish into open source for automated web security scanning. The fact that this exists is an inditement on IT Security and their failure to address threats.

Internets of Interest:9 Mar 10

Collection of useful, relevant or inane places on the the Internets for 9 Mar 10:

Blessay:Firewalls Are Like Noses:Everyone’s Got One.

firewalls-are-noses-1.jpg

The thing about firewalls is that all networks have them. Once, firewall expertise was rare and a special job focus. Now, firewalls are like noses – everyone’s got one.

Cisco IPSec VPN Client – 64 Bit – In Beta

cisco-vpn-64-bit-client-beta-1.jpg

Cisco has released a new beta of their IPSec VPN client including a 64-bit for Windows.

Internets of Interest:12 Feb 10

Collection of useful, relevant or inane places on the the Internets for 12 Feb 10:

DDOS – A Problem Bigger Than You Can Ever Be

C9270838-3943-41C7-939E-7D15035AFF3A.jpg

Taking data from the Arbor Networks DDOS report for 2009 and applying it to real life makes for some ugly choices.

Cisco Releases BETA IPSec VPN Client for Windows 7

cisco-beta-vpn-client-1.jpg

I recently stated the Cisco IPsec VPN Client would have no future development. Cisco has released a Beta version for Windows 7 and looking for feedback from Windows users.

Internets of Interest: 16th Aug

Collection of useful, relevant or inane places on the the Internets for 16th Aug:

Design: Cisco Firewall Services Module Virtualization Design Traps

fwsm-classifier-1.jpg

The Cisco Firewall Service Modules (FWSM) has a design limitation based on its ability to discriminate packet forwarding between multiple contexts. It also applies to ASA/PIX software. Lets review this in detail and learn the evil consequences.

Blessay: Designing Enterprise DMZ and Multilayer Firewall Clusters

In modern Enterprise networks, you typically have many clusters of firewalls protecting assets in your network. Since we use two or more layers of firewalls, we can put our DMZ for intermediate security zones in different places in our network. Lets gather together the different options and consider the merits or not, and sometimes how they ‘self-build’.