Response: Rate-limiting State and Internet Frailty – ACM

This article from the Association of Computing Machinery and written by no less than Paul Vixie. It is a detailed review of the basic facts of the Internet being smart at the edge and dumb in the middle. By design, the Internet core is stupid, and the edge is smart. This design decision has enabled […]

Response: NTP and the Winter of 2013 Network DRDoS Attacks – Network Time Foundation

The Network Time Foundation published this blog post on the problem and solution of the NTP reflection attacks which is a classic case of a “tragedy of the commons”. If everyone involved has done what was right for the community, the situation would never have occurred. If the fix is that easy, why isn’t it […]

Snowden, NSA Exploit Kits and Commercial Espionage

A few months back, Der Spiegel published a carefully selected cache of documents about the NSA Exploit Kits used to compromise a wide range of commercial network and security hardware and software. I haven’t seen anyone discussing the implications for commercial espionage. NSA Exploit Catalog A few months back, Der Spiegel published a carefully selected […]

Response: How bad is the OSPF vulnerability exposed by Black Hat? | Routing Freak!

Manav breaks down the OSPF vulnerability from Black Hat 2013 and confirms that it practical and viable failure of the OSPF protocol. So it was with certain skepticism that i started looking at yet another OSPF vulnerability exposed by Gabi, again at Black Hat. Its only when i started delving deep into the attack vector […]

Response: Targeted Internet Traffic Misdirection – Renesys

The report shows strong evidence that very specific prefixes were hijacked and diverted to countries where legal jurisdiction could be reasonably assumed to be weak. Renesys does not say which prefixes were hijacked but consider hijacking a corporate PI space and capturing a copy of all the email to & from a large company (email […]

Response Logo

Mac OS X Maverick – AnyConnect Client Not Working – Cisco Support Community

Cisco software development fails again. Nine months to prepare for Apple OS X Mavericks and the AnyConnect client doesn’t work. Cisco’s poor reputation for software competency is often well deserved.


Response: Digital Attack Map

This site displays a list a DDOS attacks that are happening at any time. This graphic shows a 300Gbps DDOS in the United States that lasted for six days. Fascinating (and a reminder that you can’t handle DDOS on your enterprise WAN connection).   Digital Attack Map is a live data visualization of DDoS attacks […]

Response Logo

Response: Cisco Closes Sourcefire Acquisition; Delivers Threat-Centric Security Model

The announcement is a major change in Cisco Security strategy and perspective and, I think, a promising step forward: From a strategic standpoint, we will focus on a “threat-centric” security model moving forward – meaning that we will put a heavier focus on the threats themselves versus policy or controls. Given the fast-changing threat landscape, […]

Response: So What ? Chaos Computer Club breaks Apple TouchID

Although yet to be confirmed, the Chaos Computer Club have been able to circumvent the fingerprint reader on an iPhone.

Big Deal. Big Hoopy Doo Deal. Golf Claps for the Kleva Kids.

Let me explain. The idea of retina or finger print scanning for any serious security application has long been discredited but not for the reasons that most people expect.

Response Logo

Response:How to remain secure against NSA surveillance – Bruce Schneier

Bruce Schneier has been reviewing documents from Snowden and believes that all security platforms have been compromised by governments : Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It’s prudent […]

Response: Application Visibility and Control | Aerohive Networks

More confirmation that the end of the firewall era (as we know it) is nearly here. Palo Alto and Aerohive are partnering to: Aerohive’s Cooperative Control networking infrastructure equipment along with Palo Alto Networks next-generation firewalls provide a comprehensive and robust solution for optimizing the user experience on a mobile first network Looks like a […]

The Huawei Security Problem Isn’t the Hardware, it’s Engineers Fixing the Bugs.

I’ve been thinking about the security issues of working with Huawei equipment and Huawei the company. I’ve spoken with a number of people who, off the record, talk of working with Huawei as customers and their experiences of the product have been less than excellent but the price is low. What I’ve realised is concerning. […]

Cisco White Paper on IPS 4500 & 4300 Series Sensors

Vendors are rarely believable when data sheets state the performance of IPS systems. That’s partly the fact that IPS performance is variable according to types of inspection rules that are configured and the amount of traffic hitting those rules, in use. In short, IPS performance is determined by the complexity of the rules you choose to […]

Cisco Adaptive Security Appliance (ASA) Software Q&A – Cisco Systems

The Cisco ASA must have new product managers in place. Haven’t seen the Cisco ASA software gets a  dedicated place on Cisco’s web site before. Usually I have to go rattling around the product support pages to find out information about the latest release. For what’s it’s worth, Cisco ASA 9.0 has following major features […]


Basics:Threat Asymmetry and Security Posture

Define Threat Asymmetry

11 Things About Using A Transparent or Layer 2 Firewall ?

You can deploy some modern firewalls in Layer 2 mode such that they are transpart

Check Point launches ZoneAlarm Free Antivirus and Firewall 2013

Once upon a time, ZoneAlarm was the best personal firewall available. It was free, stable and excellent. I seem to remember using it from 2002-2003 or so – then Zonealarm was acquired by CheckPoint and the product was lost to the retail market. CheckPoint moved the product to corporate desktops and was lost to the […]


Deleting Social Media Accounts. Running Scared.

I’m deleting social media accounts with a sense of fear. Who wants to share _everything_ ? I did, until I realised how dangerous Network Theory is for exposing information about you. And everyone you know.

Security Humour: “Packets Don’t Lie; Bob Loves Alice”

Who said people in security don’t have a sense of humour ? My crypto presentation that I teach in my InfoSec classed boiled down to a 4 minute original music video with labs. Even if you don’t like the music, if you do the labs and understand what is happening, it should help anyone pass […]

Why Do Hackers Want Facebook Data, Part I of II – Imperva Data Security Blog

Everyone thinks that Facebook doesn’t know much about you. But a 1200 page PDF file of personal data seems excessive. And this article explains why it’s bad for your social health if entities can get at that data (usually via Facebook apps). I’m worried, you should be too. Also, Security and Networking  Professional should not […]

Subscribe For Weekly Updates by Email

Get a Weekly Summary of Latest Articles and Posts to your Email Inbox Every Sunday

Thanks for signing up. Look for the email from MailChimp & make sure you confirm your email address. You may need to check your spam or gmail settings to be sure of receiving the email.

Note: You can unsubscribe at any time using the link at the bottom of every email.