Home of The Fire Monkey

Don't blame The Fire Monkey: it's not his fault!
Created by Fire Monkey (351 points) on Thu 16 of Sep., 2004 16:30 EDT
Last post Fri 19 of Nov., 2004 14:13 EST
(4 Posts | 10223 Visits | Activity=2.00)

By Fire Monkey (351 points) on Fri 19 of Nov., 2004 14:13 EST

I've come up with a great way to deal with phishing. Let's call it the Fire Monkey Doctrine or Preemptive Phishing. That's right, I said pre-emptive. Let's face it, it's impossible to stop incoming phishing emails. You have no authority over the senders, and spam filters will only stop some, but not all. What you do have control over are the victims. So here's what you do:

1) Create phishing emails, 2) Send them to all your network users, 3) Fire anyone who falls for them.

That's it. Period. If you have users who are dumb enough to post their bank login information, then there's no way you can secure your network with them on it. So get rid of them.

By Fire Monkey (351 points) on Wed 10 of Nov., 2004 10:49 EST

Okay, I've had enough of the current bookmark model. Even with complex organization through folders, bookmarks are pretty impossible to keep track of. I want bookmarks I can meta-search, like the filesystem on the new Mac OS X Tiger. Also, what about Bayesian bookmarks that auto-organize? Bookmarks with similar content get automatically grouped. And groups should be views, so that a single bookmark can appear in multiple groups. Anybody know of anyone working on something like that?

By Fire Monkey (351 points) on Tue 21 of Sep., 2004 15:18 EDT

If you're a Cisco shop, and you're looking to go to an IP telephony solution, seriously consider Cisco's. They're really doing some nice stuff, including device authentication (certificates on the phones), voice call encryption (128-bit AES), and other neat stuff like disabling GARP on the phone's PC port. Their Network Admission Control (NAC) and "self-defending network" stuff is nice too. It's all 802.1x-based, so no more MAC-based authentication. You log on to the actual layer 2 network, which logs you on to the domain. Other neat stuff:

  • DHCP snooping: the switch sees a DHCP lease and then locks that leased IP to the port that requested it.
  • The new Cisco Security Agent prevents dumb users and dumb software from doing dumb things.
  • NAC code is being integrated into anti-virus software (Trend, Symantec, McAfee) so that the anti-virus software can validate your virus signatures and OS patches to the network before you're allowed to talk. If you fail, you get thrown into network quarantine (perhaps you can connect to the Internet to get patches, perhaps you can get nowhere, it's the admin's choice).
  • Security zones: ACLs on all the switches so that if you 802.1x into the "web designer" group, you can only access systems in the "web designer" ACL group. All automated, all 802.1x.
  • If you plug into a port, and you're not 802.1x authenticated, you get nowhere, or maybe you get dropped onto a "guest" network.

All of this integrates with the wireless network, too. Combine 802.1x with WPA and SecurID, and you'll sleep much better at night, instead of having nightmares about your wireless infrastructure.

By Fire Monkey (351 points) on Thu 16 of Sep., 2004 16:38 EDT

I've probably said this a million times, but it's worth repeating: with so much of security based entirely on the strength of passwords, it is absolutely critical that you choose a strong password. Weak passwords are a hacker's wet dream; don't give them the pleasure. Studies have been done on the strength of "pass phrases" versus passwords, and they found that pass phrases are just as strong as passwords, and much easier to remember. The idea behind a pass phrase is that you use a phrase as the basis for your password, like this:

Phrase: How much wood would a woodchuck chuck if a woodchuck could chuck wood?

Password: Hmwwawciawccw?

See, it's simple. Just take the first letter of each word in the phrase, including capitalization and special characters, and turn it into your password. That's all there is to it. The strength of a password like that is just as good as a random password of the same length. And it's easier to remember. Two caveats, though: 1) Make sure the resulting password is long; short passwords, no matter the phrase, are subject to attack with Rainbow tables and are effectively useless, and 2) for goodness sake don't use a common phrase, or my example, or any other example. Make the phrase something only you would know, and not anything common. Any questions?!
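The derivation rule and the two caveats above, as an added Python example that is not code from the original post: it builds the mnemonic password (first character of each word, keeping capitalization and any punctuation attached to the word) and then flags the two failure modes the post warns about. The minimum length of 12 and the tiny denylist of well-known phrases are assumptions constructed for illustration; a real deployment would use a much larger phrase list.

```python
"""Pass-phrase to password derivation with the post's two caveats checked.

Added example, not code from the original post. MIN_LENGTH and
COMMON_PHRASES are constructed assumptions for illustration only.
"""
import string
from typing import List, Tuple

# The post only says "long"; 12 is an assumed threshold for this example.
MIN_LENGTH = 12

# Constructed stand-in for a large list of famous sayings and published
# examples. The post's own example is included because the post says
# never to use it.
COMMON_PHRASES = {
    "how much wood would a woodchuck chuck if a woodchuck could chuck wood?",
    "the quick brown fox jumps over the lazy dog",
    "to be or not to be that is the question",
}

# The post's sample phrase, used to show the derivation.
SAMPLE_PHRASE = "How much wood would a woodchuck chuck if a woodchuck could chuck wood?"


def _normalize(phrase: str) -> str:
    """Lower-case and collapse whitespace so the denylist lookup is forgiving."""
    return " ".join(phrase.lower().split())


def phrase_to_password(phrase: str) -> str:
    """First character of each word, keeping case and trailing punctuation.

    "wood?" contributes "w?", "2004!" contributes "2!", and a word that is
    nothing but symbols (e.g. "&") is kept whole.
    """
    parts = []
    for word in phrase.split():
        core = word.lstrip(string.punctuation)  # drop leading quotes/brackets
        if not core:
            parts.append(word)
            continue
        parts.append(core[0])
        # Keep whatever punctuation trails the word ("wood?" -> "?").
        trailing = core[len(core.rstrip(string.punctuation)):]
        parts.append(trailing)
    return "".join(parts)


def check_password(phrase: str, password: str) -> List[str]:
    """Return a list of problems; empty means the two caveats are satisfied."""
    problems = []
    if _normalize(phrase) in COMMON_PHRASES:
        problems.append("phrase is a well-known saying or a published example")
    if len(password) < MIN_LENGTH:
        problems.append(
            f"password is {len(password)} characters; need at least {MIN_LENGTH}"
        )
    # Count character classes actually present; a phrase of plain lower-case
    # words yields a letters-only password, which wastes the phrase's value.
    classes = sum([
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ])
    if classes < 3:
        problems.append("add capitalization, digits or symbols to the phrase")
    return problems


def derive(phrase: str) -> Tuple[str, List[str]]:
    """Convenience wrapper: derived password plus its list of problems."""
    password = phrase_to_password(phrase)
    return password, check_password(phrase, password)


if __name__ == "__main__":
    # Constructed phrases: the post's example, a personal one, and a short one.
    for p in (SAMPLE_PHRASE, "My 2nd cat, Ziggy, ate 14 mice in 2004!", "Hello there!"):
        pw, issues = derive(p)
        print(f"{pw!r:20} {'OK' if not issues else '; '.join(issues)}")
```

Running the script shows the post's phrase reproducing `Hmwwawciawccw?` exactly, but rejected because the phrase itself is public; the personal phrase passes, and the short one fails the length check.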
