Archive for October 2004

SLCT: Pretty good logfile reduction right out of the box

Looking for needles in enormous, bulky, repetitive haystacks? Many logfile reduction programs require an investment in tuning and tweaking. In contrast, SLCT, the Simple Logfile Clustering Tool, is useful right out of the box, with no tuning for specific logfile formats; it figures things out on its own. I was going to write something just like it (a generalization of previous logfile reducers I have done); now I can instead plan on improving on something that’s already pretty darned good (and fast and memory-conserving too).

[via the handy site LogAnalysis.Org]
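To make the "no tuning" point concrete, here is a small Python sketch of the clustering approach SLCT uses: count (word position, word) pairs, keep the frequent ones, turn each line into a cluster candidate with the infrequent words replaced by a wildcard, and report candidates whose support meets the threshold. Lines that match no cluster are the outliers worth a human's attention. This is an added example written for this page, not SLCT's own C code; the syslog-style lines are constructed for illustration, and a single support threshold is used for both the word and cluster steps (this mirrors SLCT's -s option).

```python
"""Minimal re-implementation of the SLCT clustering idea (added example).

Algorithm:
  1. count every (position, word) pair across all lines;
  2. keep pairs seen at least `support` times;
  3. rewrite each line as a candidate: frequent words stay, others become '*';
  4. candidates seen at least `support` times are clusters;
  5. lines whose candidate is not a cluster are outliers.
"""
from collections import Counter

# Constructed sample log lines (not captured from a real host).
SAMPLE_LOG = """\
sshd[1021]: Accepted password for alice from 10.0.0.5 port 51022 ssh2
sshd[1022]: Accepted password for bob from 10.0.0.6 port 51023 ssh2
sshd[1025]: Accepted password for carol from 10.0.0.9 port 51030 ssh2
sshd[1030]: Failed password for root from 192.0.2.10 port 40001 ssh2
sshd[1031]: Failed password for root from 192.0.2.11 port 40002 ssh2
sshd[1032]: Failed password for admin from 192.0.2.12 port 40003 ssh2
kernel: usb 1-1: new high-speed USB device number 4 using ehci_hcd
"""

WILDCARD = "*"


def frequent_pairs(lines, support):
    """Return the set of (position, word) pairs seen at least `support` times."""
    counts = Counter()
    for line in lines:
        for pos, word in enumerate(line.split()):
            counts[(pos, word)] += 1
    return {pair for pair, n in counts.items() if n >= support}


def candidate(line, frequent):
    """Rewrite a line as a cluster candidate: infrequent words become '*'."""
    return tuple(
        word if (pos, word) in frequent else WILDCARD
        for pos, word in enumerate(line.split())
    )


def slct(text, support):
    """Cluster log lines; returns ({candidate_tuple: count}, [outlier lines])."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    frequent = frequent_pairs(lines, support)

    cand_counts = Counter()
    for line in lines:
        cand = candidate(line, frequent)
        # A candidate made only of wildcards carries no information; skip it.
        if any(w != WILDCARD for w in cand):
            cand_counts[cand] += 1

    clusters = {cand: n for cand, n in cand_counts.items() if n >= support}
    outliers = [ln for ln in lines if candidate(ln, frequent) not in clusters]
    return clusters, outliers


def pattern(cand):
    """Render a candidate tuple as a printable line pattern."""
    return " ".join(cand)


if __name__ == "__main__":
    for threshold in (3, 6):
        clusters, outliers = slct(SAMPLE_LOG, threshold)
        print(f"support={threshold}")
        for cand, n in sorted(clusters.items(), key=lambda kv: -kv[1]):
            print(f"  {n:3d}  {pattern(cand)}")
        for line in outliers:
            print(f"  outlier: {line}")
```

Raising the threshold merges clusters: at support 3 the "Accepted" and "Failed" lines form two clusters, at support 6 they collapse into one with both words wildcarded, and the lone kernel line stays an outlier either way. Real SLCT also handles the word counting with hashing and a fixed memory budget, which is why it copes with very large files; this sketch keeps everything in a dictionary.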

Vixie on SANS on BIND vulnerabilities

Paul Vixie shares his Thoughts About “Protection Against BIND”, in which he reacts to the latest SANS Top 20 Vulnerabilities List, pointing out that there are no recent exploits, that some of the configuration advice is lame or worse, and that DDoS attacks on otherwise secure software are not a “vulnerability”.

While the SANS Top 10 and Top 20 lists have always been useful awareness tools and helpful basic guidance, there is always a tendency in a complex field for consensus guidance to turn into overgeneralized mush. Intelligent criticism like this is a good thing.

A story of SCADA, radio, and sewage

Computerworld (June 30, 2004):

When an employee from an Australian company that makes manufacturing software got fired in early 2000, he applied for a job with the local government, but was turned down. In retaliation, he got a radio transmitter, went to a nearby hotel where there was a sewage valve, and used the radio to hack into the local government’s computerized waste management system.

Using software from his former employer, he released millions of gallons of raw sewage near the hotel grounds and into rivers and parks.

“He did this 46 times before he was caught,” notes Joe Weiss, a process-control cybersecurity expert and consultant at the Cupertino, Calif., office of Kema Consulting. “The first 20 [times], they didn’t even know it was cyber,” meaning an external attack launched using a computer, he says. “From 20 to 45, they finally figured it was cyber, but they didn’t catch him until 46.” Though this person never worked for the wastewater utility, he was still able to break into its supervisory control and data acquisition system, which was designed with a big security assumption in mind — that only insiders would want to access it.

More links to the same incident: The Register October 2001, ComputerWorld February 2006

Spam introspection

Georgetown University sends spam and faces the wrath of one of its own students.

I’m also getting a little tired of “call for papers” spam sent by otherwise-legitimate conference organizers to lists of web-harvested email addresses. My most frequent offenders will remain nameless for now, but only because I’m busy.

Just because you’re not a fraudulent criminal enterprise doesn’t mean you’re not a spammer. It would not be a bad thing if everyone started worrying about CAN-SPAM being enforced against them.