Category: Security
biometrics and passwordsbiometrics and passwords
In a comment on my post more about securing an office someone suggested using biometrics. The positive aspect of biometrics is that they can’t be lost, no-one is accidentally going[...]
more about securing an officemore about securing an office
My post about securing an office received many comments, so many that I had to write another blog entry to respond to them and also add some other things I[...]
a good security design for an officea good security design for an office
One issue that is rarely considered is how to deal with office break-ins for the purpose of espionage. I believe that this issue has been solved reasonably well for military[...]
The benefits of SE LinuxThe benefits of SE Linux
Today I discovered a bug in one of my programs, it called system() and didn’t correctly escape shell eta-characters. Fortunately I had written custom SE Linux policy for it which[...]
Ruxcon and SLUGRuxcon and SLUG
This weekend I was in Sydney for Ruxcon. Ruxcon is a computer security conference with a focus on penetration testing and related skills. The presentation on Unusual Bugs by Ilya[...]
SAK, ctrl-alt-del, and Linux keyboard mappingSAK, ctrl-alt-del, and Linux keyboard mapping
A common problem with Linux systems is when Windows users press CTRL-ALT-DEL at the login prompt and reboot the machine. To fix this some people change the ^ca line in[...]
tcpdump and pstcpdump and ps
Today I was doing some network tracing and figured out how to track the start and end of TCP connections. The following tcpdump command will get all SYN, FIN, and[...]
sendmail – the MTA for insecure systemssendmail – the MTA for insecure systems
Sendmail is the most prevalent Unix MTA. It is the oldest MTA and is still one of the most powerful ones that are available. However it has never been known[...]
SE Linux is like a moat filled with sharks with laser attached head gearSE Linux is like a moat filled with sharks with laser attached head gear
Here’s an interesting blog entry comparing SE Linux and AppArmor. It has some amusing comments, one of which I used for the title of this entry. There are two things[...]