Category: security

Aug 10 2008

trusting DNS

Dan Kaminsky has (quite rightly) been hitting the press a lot in the weeks since 8 July when he announced the work done to fix a flaw he had discovered in DNS. The vulnerability itself was new, but its impact (cache poisoning) was not. Indeed, we’ve known about the dangers of poisoned DNS caches for …

Permanent link to this article: http://baldric.net/2008/08/10/trusting-dns/

Jul 22 2008

implementing mailman and postfix with lighttpd on debian

I recently needed to set up a mailing list for a group of friends (my bike club). I had become tired of mail bounces and failures because we were all relying on an out-of-date list of addresses originally cobbled together by one member. That list of addresses was routinely used in “reply all” …

Permanent link to this article: http://baldric.net/2008/07/22/implementing-mailman-and-postfix-with-lighttpd-on-debian/

Jun 20 2008

backtrack 3 released

Any half-decent sysadmin will routinely test the security of his or her own systems. A good, and sensible, sysadmin will follow up those tests with an independent security audit by a professional company – preferably one which is a member of a recognised industry body (such as CREST). Finding the holes in your security …

Permanent link to this article: http://baldric.net/2008/06/20/backtrack-3-released/

Jun 19 2008

dental dos

On Tuesday 17 June, Craig Wright, supposedly “Manager of Risk Advisory Services” in an Australian company called “BDO Kendalls”, posted a rather odd note to Bugtraq and a few other security-related lists titled “Hacking Coffee Makers”. In that posting he said that the Jura F90 Coffee maker (which can apparently be networked) was vulnerable …

Permanent link to this article: http://baldric.net/2008/06/19/dental-dos/

Jun 05 2008

xkcd on the openssl fiasco

I’ve had my attention drawn to Randall Munroe’s take on the openssl coding change problem. Beautiful.

Permanent link to this article: http://baldric.net/2008/06/05/xkcd-on-the-openssl-fiasco/

Jun 02 2008

debian and the openssl flaw

Ben Laurie wrote about the Debian SSL problem a couple of weeks ago. That particular post has attracted a huge response which is well worth reading if you care about free open source software and/or privacy/security issues (or even if you don’t). The key point to take from the discussion is that about two years …

Permanent link to this article: http://baldric.net/2008/06/02/debian-and-the-openssl-flaw/

Mar 01 2008

ssh through http proxy

On a mail list I subscribe to I have recently been involved in a discussion about the restrictions sometimes placed on users of WiFi hotspots or hotel networks (to say nothing of the restrictions placed on corporate networks). Some of the suggested solutions involve tunnelling ssh connections over http(s). Other solutions assume that the network …

Permanent link to this article: http://baldric.net/2008/03/01/ssh-through-http-proxy/