Friday 28 January 2011

Truly Amazed

Over the last few weeks we have been carring out security scans for new & prospective clients. I thought the commercial world was getting more savvy about security but too many organizations still have nothing more the ADSL routers.

The truly alarming aspect of all of this is that they are so remvoed from reality that when discussing it with them they seem to be oblivious to the gravity of such situations.

All those WIndows 2003 unpatched servers with all ports forwarded straight on through to them. Script kids and professionals alike still have easy pickings as the world does not seem to be catching on.

Tuesday 30 November 2010

IE9 Search Results

Before I start I accept what follows is not quite Security but indirectly relevant!

For those testing the IE9 beta i am sure you all immediate noticed the missing Search box in the top right corner.

I (like many) have come to rely on that being their as the fastest & most convenient way of searching and with the mighty Google set as the default and only search provider running it was always very happy with the results.


So - install IE9 & start it up. First thing I notice is it looks very like Chrome and its fast. These are both good things and I am happy. Habitually I load about:blank so I immediately go for the Search box to find its gone!


A quick read and I find Microsoft have introduced the "OneBox". The address bar and the Search box are one again which is what they have been trying to do all along since the "Search from Address Bar" back in IE6.


Nothing new but this time they automatically directly you to the top result (default setting).


Annoying - Yes!


A quick hunt around and I find the option to switch this off so I can actually read the Google search results and I am no longer directed to the site with the most expensive SEO effort!


Although I now have my setup the way I want it if Microsoft leave IE9 this way in the RTM version they will have made the No1 search result a far greater prise than every before.


How many less techno savvy people will not be able to turn this off and therefore be taken to sites they have no desire to see?


Although this is a minor problem and can easily be turned off there are many that will just live with the "out of the box" setup and never change it with the obvious consequences.

Wednesday 27 October 2010

Riverbed purchased Cace Technologies

So for all those people who love Cace Technologies packet capture equipment what will happen now they have been acquired by Riverbed?

Will this see these wonderful devices destined to the EOL statement or maintained for us all to use?

Fingers crossed no EOL for Cace-Pcap devices please Riverbed! The Riverbed press statement below doe not give us any real clues.

http://www.cacetech.com/
http://www.riverbed.com/us/company/news/press_releases/2010/press_102110.php

Its only a matter of time...

A recent article published by the SANS team talks about pattern based malware detection catching around 35% of current threats and falling!

No real surprise and it lends huge weight to the argument that application aware firewalls, intelligent scanning using non-pattern based technologies, internal firewalling within the organisation, Endpoint security, NAC solutions and many other "enterprise only" technologies are going to have to appear in the SME space if they want to have any chance of staying safe!

Regardless of all these technologies in place exploits will get in to networks, vulnerabilities will be used and data will be leaked or lost!

Although many of the articles on these subjects talk about defence technologies and reaction techniques to truly combat this we are going to have to take on the most difficult challenge of all - User Education.

It is always going to be difficult to educate users engough to stop them clicking that link, opening that file, plugging in the freebie flash drive of exciting stuff but if we want any chance of stopping the malware we are going to have to try........and the sooner the better!