Feed on
Posts
Comments

Archives for the ‘News’ Category

First Impressions of pfSense Open Source Firewall

By • May 24th, 2008 • Category: Lead Story, News, Security

At my new place of employment we had some firewall problems over the last couple of weeks. Eventually I figured out that the firewall was rebooting at random intervals during the day. Hint: Turn on email notifications. So I started scouring the market for an inexpensive firewall that could share two WAN connections without screwing up the SSL sessions. One of the first firewalls I found was pfSense.


April Meeting of OWASP

By • Apr 2nd, 2008 • Category: Events, News, Security

[ April 22, 2008; 5:30 pm to 7:30 pm. ] April’s meeting will feature the premiere of Fortify’s movie, The New Face of Cybercrime, followed by a reception and round table discussion.


OWASP – Ideas for unit testing web security

By • Mar 26th, 2008 • Category: News, Security

Last night I went to the Cincinnati chapter of OWASP. The second presenter was Blaine Wilson and he talked primarily about the OWASP tool called WebScarab and how it can be used it to test web applications. I immediately thought this would be a great tool to unit test web applications for security issues.


March Meeting of OWASP – Cincinnati

By • Mar 25th, 2008 • Category: Events, News, Security

[ March 25, 2008; 6:15 pm to 8:15 pm. ] Session Topics:

  • Source Code Reviews and Open Source Static Analysis Tools
  • An Introduction to Web Proxies

The meeting starts at 6:30 PM and for more info go to the OWASP – Cincinnati chapter site:

http/www.owasp.org/index.php/Cincinnati


Office Live, Windows Server 2008, and SMB Software as a Service Strategy

By • Mar 5th, 2008 • Category: News, Small Business Server

The Office Live and the Server 2008 products address the office environment with different technologies. What is a small business supposed to do? When you add in the security implications from various regulations and privacy issues that exists outside of the security requirements, the analysis can be a daunting task. To make this a little easier let me take you on a tour and review the tradeoffs between remote access and security.


The Impact of Cold Boot Attacks on Disk Encryption

By • Feb 26th, 2008 • Category: Features, News, Security

One of the common uses of disk encryption is to protect this confidential information. For people who have confidential information on their laptops the use of disk encryption is highly recommended if not mandatory. Recently a group at Princeton University published a paper called Lest We Remember: Cold Boot Attacks on Encryption Keys which presented a suite of attacks that exploit DRAM remanence effects to recover cryptographic keys held in memory. Can we continue to use and recommend these disk encryption programs?


Redesigning this web site to use WordPress

By • Feb 18th, 2008 • Category: News, Web Design

There are a variety of reasons why an organization should redesign their web site. Technology is changing continuously and the site that looked smart and fresh last year looks dull and lifeless this year. This web site was originally constructed using an open source CMS called phpwebsite. This was a nice choice a couple of years ago for a magazine style web site but WordPress has caught up and passed it on the technological front. There are many low cost or free CMS systems out there but I think WordPress is leading the pack. Here are some of the reasons that led me to convert this web site to WordPress.