SC - Security In Perspective

tag:blogger.com,1999:blog-41442817601480799692012-02-16T15:00:24.494-05:00SC - Security In PerspectiveThoughts and insights into security issues and their impact.Brian Dowlinghttp://www.blogger.com/profile/14159988866428252543noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-4144281760148079969.post-54189262463577775672009-01-14T05:30:00.007-05:002009-01-14T05:36:44.917-05:00Rovio - mobile wifi-enabled survellience - "I can See and Hear you now!"

Why is it that I am unable to touch a new piece of technology without finding problems with it? Ok, so I've been around long enough to know that's just the unfortunate state of technology. Companies should at least consider a consult with outside security resources before releasing the next best thing. Getting a fresh set of eyes looking at something and you are guaranteed that you'll find

Brian Dowlinghttp://www.blogger.com/profile/14159988866428252543noreply@blogger.com0tag:blogger.com,1999:blog-4144281760148079969.post-25186966523397188712008-08-07T18:32:00.009-04:002008-08-07T20:07:40.904-04:00DNS Vulnerability Disclosure - PowerDNS - Lack of Response Considered Harmful

As an aside to my previous discussion about my own investigation into DNS, I had also been curious if there was any "lack of response" issues impacting today's DNS servers. Afterall DNS spoofing attacks generally involve a race, if you can initiate a race and leave the competor at the starting blocks, you'll always win. In my invesitgation, I started submitting malicious requests with

Brian Dowlinghttp://www.blogger.com/profile/14159988866428252543noreply@blogger.com0tag:blogger.com,1999:blog-4144281760148079969.post-69106903329374691132008-08-07T16:00:00.000-04:002008-08-07T19:34:29.408-04:00The Critical DNS Vulnerability

Unless you've been sheltered for the last month, you are by now well aware of the important news about the critical DNS vulnerability. You have patched or otherwise protected your networks, right?One thing that was immediately apparent about this vulnerability was the unique way that it was disclosed simultaneously by a number of vendors and their claim that the patch itself did not disclose the

Briannoreply@blogger.com0tag:blogger.com,1999:blog-4144281760148079969.post-13801070520782057932008-07-31T21:00:00.007-04:002008-08-01T12:53:24.300-04:00So what is all this hype about the DNS being broken?

As you have no doubt heard by now, there is a security problem with DNS or the Domain Name System that has gotten a lot of attention lately. You may be wondering exactly why all the hype, there are security problems everyday right? Well, unfortunately, this problem is at the core of the Internet -- DNS is a foundation infrastructure that allows us to use cool names like www.google.com and

Brian Dowlinghttp://www.blogger.com/profile/14159988866428252543noreply@blogger.com0tag:blogger.com,1999:blog-4144281760148079969.post-31045211120215663482008-07-29T20:30:00.002-04:002008-07-30T16:21:22.699-04:00Security In Perspective

Welcome to my new blog -- yes, yet another blog about security. You may be asking yourself, who the heck is this guy, and is he really that audacious that he thinks we need another mono-blog about information security and that he actually does have something of interest to add to topic? Well, my answer to that is obviously a yes, as I've taken the effort to stake a claim on this tiny part of

Brian Dowlinghttp://www.blogger.com/profile/14159988866428252543noreply@blogger.com