Thursday, July 30, 2009

Squid v. DDoS

This is hardly worth more than a tweet, but it is longer than 140 chars: Squid Defense against DDoS caught my eye.

I see two lessons here:

  • Using Open Source tools to respond to an incident is a crude but powerful technique that can get the job done. Try doing this with commercial products.
  • Environments that were properly engineered with caching and load balancing and could respond to DDoS wouldn't have to worry about the attacks in the first place.

Tuesday, July 14, 2009

CyberSecurity isn't new and needs domain knowledge

I agree with Joe 100% on this. So much so that if you replace "Smart Grid" with "Cyber Security" everything is also true.

If all one had to draw from was the flood of conferences, webinars, and advertisements, it would appear that CyberSecurity is a very recent invention that will be achieved en masse in the near future. In reality, elements of CyberSecurity first appeared in the 1998-2000 time-frame. Additionally, decades-old best practices will continue to be used in "CyberSecurity" for at least the next 5-10 years. Until about 6-8 months ago, domain knowledge was a given for those participating in "CyberSecurity." Now, domain knowledge doesn’t seem to be a requirement.

Saturday, July 11, 2009

How Chinese CyberSpies Really Compromised the Grid

Now that I've got your attention. Honestly, I have no idea, but it will be really amusing to see my Google Analytics stats on this one. I wonder how much malware gets spread through typos in the most popular web sites. Maybe everybody else allows their browser to get them to the right place, but not me. I end up at some weird sites, or at least sites that people in Frederick, Maryland would consider weird.

BTW, the site above is from but it would be an interesting research project to analyze the content of fat-fingered sites. Sure, most are probably ads, but there may be some goodies lurking in there.