Don Parker Blog

Don Parker is lead analyst and technical trainer at Bridon Security & Training Services, located in Ottawa, Ontario, Canada. He has worked for SANS in the capacity of Local Mentor for the Intrusion Detection In-Depth track, and has enjoyed speaking at various security conferences as a guest speaker. Being a widely published author, he continues to write for various online and print media like Securityfocus and SCMagazine in an effort to share knowledge. Don also does technical book editing for various publishers, and enjoys teaching various custom courses for clients. Rounding out his activities, he volunteers his time to various local efforts.

Rebinding attacks

There is an interview with some security researchers about the perils of rebinding attacks. Now the reporting of this new attack vector, as it were, was of some interest from a technical standpoint. The thing of it is though that I can’t say I have heard of it being widely exploited. Have any of you? This exploit brings to memory the big fuss several years ago about the reset attack. That research was presented at CanSecWest amongst much angst that the whole Internet was now ripe for exploitation and that any session could be disconnected. Well, thing of it is, nothing of the sort ever happened. While the attack was possible it was not very feasible, hence the lack of its use. That brings me back though to this DNS rebinding. Is it also one of those attacks? While technically feasible, it is not very practical in nature for those people who would use it? Your thoughts?
Technorati Tags: Rebinding attack, DNS, Exploit

Reader thoughts?

It has occurred to me that many sites or blogs only expend air on what it is that they think is important. With this in mind I think it important to open up the floor to what you would consider interesting or topical? Any thoughts that you would like to not only share with me, but also with other readers of the blog? Computer security is after all a community. We are only as strong as the individual contributor. Don’t be shy! Send me your thoughts and or discussion points.
Technorati Tags: Blog, Computer security, Community

Cybersecurity and the military

Well it would seem Uncle Sam is once again becoming focused on Cyberwarfare. This only makes sense as militaries don’t only use machine guns and hand grenades to carry out the business of going to strange lands and blowing up people. Computers are very much an integrated component of any modern military. More so even for the American military. It then only makes sense to try and secure those assets. One of the biggest reasons for computer breaches is the lack of timely patch management. That plus the judicious use of 0 day code. The former is easily mitigated by enforcing proper patch management practices. The latter is a different beast entirely but one which can be minimized by the usual defense in depth. A network is only as strong as its weakest link, i.e. Layer 8, the human interface. Perhaps it is time to ratchet up the pressure on people when it comes to best practices by ensuring they carry them out.
Technorati Tags: Cyber-warfare, Hacking, 0 day

Collecting of personal information

It seems that almost everywhere you go for shopping today they are asking you to provide a lot of information. If I buy a pair of pants or paint at the hardware store I am being asked for my phone number, postal code and so on. There is absolutely no need for this, beyond it being of benefit to the retailer in terms of marketing. The recent upsurge in database breaches though has some retailers asking for relief from having to electronically warehouse credit card transactions. While a welcome development it is only coming about due to self-interest on the part of retailers. A good number of whom have been on the hook for a lot of dollars due to database breaches. For me though it all comes back to us having to give out an unreasonable amount of information every time we conduct some transaction. There is absolutely no need for it. Anyone have any thoughts on this?
Technorati Tags: Database breach, Credit card fraud

P2P and your networks

I have spoken to some people recently who have begun to aggressively filter out P2P protocols on their corporate networks. After having undergone some performance issues a network survey was undertaken at one colleague’s place of work. It was found that an enormous amount of bandwidth was being used by people using several types of P2P protocols to download various media at work. The sole reason for the crackdown was not because of bandwidth consumption only, but also the very real problem of copyright infringement and the possible legal fallout arising from that. Question is, are any of you undertaking any similar style crackdowns?
Technorati Tags: P2P, Copyright infringement, Network survey

Bot master taken down

Boy oh boy, Christmas has come early! The scum of the Internet has finally come up against US law enforcement and lost. I remember hearing about CastleCops coming under DDoS attack. DDoS attacks are nothing new to the forums part of this website. Several times we have come under attack by such losers who have nothing better to do. The bizarre part is that these fsck_wits think they are elite or talented in some way. Where the heck is the talent in exploiting vulnerable computers? Any monkey with a keyboard can do it. It takes far more to actually learn something vice using someone else’s exploit code, or better yet, actually have some ethics. I have spent years developing my skills and not once have ever thought about exploiting a vulnerable computer, of which there are tons.
Technorati Tags: DDoS, DOS, CastleCops

Soft skills and IT Security

For those of you in IT, be it security or sys admin, you are likely beginning to realize the importance of having soft skills, or people skills as it were. This is no longer the 1980’s with the mystique that computers once had with only a very small minority in the know. We are now faced with an ever increasing crop of talented IT talent. Just how do you distinguish yourself from the masses? Well that is where the all important soft skills come in.
Use the following example as a premise. You are the sys admin/IT security person in a corporate network. You find that one of your users is surfing porn at work. What do you do? Do you follow possible existing guidelines, i.e. report them immediately, with them possibly being fired, or do you give them a friendly visit first? That is but one small example. My point is, you must exercise judgement first. It is not always about following guidelines or best practices. There is a human facet to computers. One would be wise to pay attention to it.
Technorati Tags: Sys admin, Corporate network, Soft skills

Physical security and IT

We have all read and heard tons of information about computer security. What about physical security though and how it impacts your IT assets? After all there is little point having the best of breed for your network if you are going to leave the door to your cabling closet wide open. While this is a rather obvious example of access control in the overall physical security strategy there is a whole lot more that you can do. Have any of you ever actually worked on physical security strategies for your company? I have done so in the past and found it to be an often neglected portion of a company’s overall security posture.
Technorati Tags: Physical security, Network security, Computer security

Hiring computer criminals

It would seem that some employers just don’t know when not to hire someone. Hiring a convicted computer hacker is not the way to go, though it would seem some companies would rather buck conventional logic. As has been shown in some cases, the supposedly reformed hacker is anything but. The present landscape of network security has changed drastically from what it was twenty years ago. You no longer have to hire a thief to catch a thief, as it were. There are many talented professionals out there, and quite a few who are looking for work. On that note, why the heck would you hire a criminal?
Technorati Tags: Hacker, Network security

Training needs

We all have different training needs for we all occupy different jobs. That said, who are your preferred training vendors? What are your various training requirements? Problem is though, once you begin to advance there are fewer and fewer vendors available to you. What if you wish to develop your disassembly skills? Who do you go see? How about this, let’s collaborate, please feel free to list who your preferred trainers are. Moreover, what areas are you trying to develop?
Technorati Tags: Training, Programming, Computer security
