[ Aug 2, 2006 ] If you’re an information security administrator/analyst…
China Illustrates How Not To Do Firewall Filtering
Someone’s noticed a very interesting fact about firewall filtering that…
How To Advance In InfoSec: Don’t Study, Do.
I’ve been thinking a lot about how to get to the next level in my field…
Without A Castle
As a consultant, the one thing I really miss is the feeling of owning a network…
Information Security is Not a Permanent Cashcow
I’ve been saying for years that the time of the mediocre security professional…
Security: Identification, Authentication, and Authorization
Many grapple with the concept of authentication in information security. What…
Marcus Ranum: An Idealist To A Fault
Marcus Ranum is a highly-respected (for good reason) information security professional…
Good DRM
I will, in the course of my information security career, become well versed on…
A Thought On Identity Theft
As we all know, tons of people are having their identities stolen — the…
Jousting From Unicycles – Addressing Design Rather Than Adding Armor
My GSEC paper finally got posted, and for anyone interested it presents a significantly…
A Browser Security Idea
One of the comments on the “How To Fix The Internet” article that’s…
Lame Online Password Logic
I’m getting so tired of sites that don’t allow for the use of long,…
CISSP vs. GSEC
With my recent attainment of the GSEC credential, I’ve had some discussions…
The Infosec Trinity
Well, I just passed the final exam for the GIAC GSEC credential from SANS, and…
Windows Security Analogy
Here’s an analogy for the Windows users trying to fight malware. Imagine…
Network Intrusion Prevention Systems
Anyone keeping track of the security vendor/technology hype knows that IPS has…
CSRF is Wicked
I’ve been studying web security again recently and decided to do a POC of…