wehuberconsultingllc.com

At my new place of employment we had some firewall problems over the last couple of weeks. Eventually I figured out that the firewall was rebooting at random intervals during the day. Hint: Turn on email notifications. So I started scouring the market for an inexpensive firewall that could share two WAN connections without screwing up the SSL sessions. One of the first firewalls I found was pfSense.

[ April 22, 2008; 5:30 pm to 7:30 pm. ] April’s meeting will feature the premiere of Fortify’s movie, The New Face of Cybercrime, followed by a reception and round table discussion.

Last night I went to the Cincinnati chapter of OWASP. The second presenter was Blaine Wilson and he talked primarily about the OWASP tool called WebScarab and how it can be used it to test web applications. I immediately thought this would be a great tool to unit test web applications for security issues.

[ March 25, 2008; 6:15 pm to 8:15 pm. ] Session Topics:

• Source Code Reviews and Open Source Static Analysis Tools
• An Introduction to Web Proxies

The meeting starts at 6:30 PM and for more info go to the OWASP – Cincinnati chapter site:

http/www.owasp.org/index.php/Cincinnati

One of the common uses of disk encryption is to protect this confidential information. For people who have confidential information on their laptops the use of disk encryption is highly recommended if not mandatory. Recently a group at Princeton University published a paper called Lest We Remember: Cold Boot Attacks on Encryption Keys which presented a suite of attacks that exploit DRAM remanence effects to recover cryptographic keys held in memory. Can we continue to use and recommend these disk encryption programs?