Kurt Seifried

Every once in a while, I see some new security development that really sets me on edge. The latest one is courtesy of DERA (Defense Evaluation and Research Agency), an agency of the MoD (Ministry of Defense) in Britain. Like many agencies that deal with computer security, they periodically come out with some new idea […]

There are basically two established Linux distributions with a serious bent on security, ImmunixOS and NSA’s SELinux. They both have released working, mature code that you can get ahold of and use. There are possibly other projects, but to the best of my knowledge none are shipping code right now. The NSA’s SELinux is extremely […]

The physical world is a large, messy place. It’s full of people, and some of these people might be hostile attackers. Most companies respond to this threat with locked doors, CCTV, security guards and, if they can afford it, secure installations. Most companies are not at all equipped to deal with an attack via the […]

Wireless networks are becoming de rigeur, something you must have if you want to keep up with the Joneses. You can now surf the Web and pick up email while sitting in an airplane lounge, have your laptop in a conference room with no unsightly cables, or read email while in bed. The cost of […]

Firewalls are usually seen as a requirement if you are going to attach your network to other networks, especially the Internet. Unfortunately, some network administrators and managers do not understand the strengths a firewall can offer, resulting in poor product choice, deployment, configuration and management. Like any security technology, firewalls are only effective if the […]

Kurt’s Closet Archive People constantly discuss the issue of secure systems and often get it wrong. Comments like “once an attacker has physical access, your security is useless” are wrong because no security measure will protect you 100% from all attacks. Consider a server that is secure against network attacks by being physically separated from […]

Kurt’s Closet Archive There has been a long, ongoing debate about this issue, and recently it has resurfaced in public. Should companies hire hackers convicted of computer crimes? The general theory is that these “hackers” are elite commando style computer security experts that can tighten up your network in a weekend marathon of pizza and […]

Oddly enough, this is something many people don’t think about a whole lot. In some cases, you can simply deny everything and have a few specific allow rules, resulting in a pretty tight configuration. However, you will more likely have specific blocking rules and allow most other things. This is usually based on port numbers […]