Recently S. Lott published a post on what’s a clear definition of Enterprise-level applications. Even though I agree with him that “Enterprise-scale” definition has been streched by marketing to mean about anything, I have to disagree with his conclusions: The fact that an enterprise running a mission-critical piece of software can actually survive to bad [...]
Tag Archives: security
What Enterprise-grade really means
Posted in Coding Also tagged code reuse, disaster recovery, enterprise, fault tolerance, performance, reliability, standards Leave a comment
Top 25 vulnerability RSS feeds
One way to receive up-to-date reports about vulnerability issues is subscribing to vulnerability RSS feeds: they update on demand, they don’t rely on your mail subsystem and they don’t fill up your mailbox. The only drawback is that you could miss alerts if you don’t sync your feeds for a long time, but if you’re [...]
Posted in Sysadmin, Tips Also tagged cert, checkpoint, cisco, feed, gentoo, linux, Mac OS X, microsoft, nist, opensource, opml, securityfocus, solaris, ubuntu, vulnerability, windows 1 Comment
LUKS mermaids of remote unlock
Recently, I’ve browsed several how-to’s regarding the possibility of unlocking a LUKS root volume remotely using an SSH connection. For reference, the first of its kind is the one for Debian, published at Coulmann.de. Some of these how-to’s were posted to forums and mailing-lists and received many thankful comments from sysadmins wondering how to make [...]
Posted in Rants, Sysadmin Also tagged autistici, crackdown, cryptsetup, dm-crypt, linux, LUKS, paranoia 6 Comments
Windows back-to-the-future bug
According to this advisory written by Tavis Ormandy, Windows has been exposed to a vulnerability for over 15 years! Microsoft will only release a patch for supported products, so if you have any Windows 2000 or earlier in your lab, the only way to fix is disabling DOS and WOWEXEC.
Security through obscurity
If anyone ever, ever, ever dares saying again that open-source-ness is not relevant to security assessment (or worse, that it’s counter-productive), I will kick them to China. Freedom of choice, yeah right.