If you haven't looked at "HowtoForge" it's a neat site that's valuable to bookmark and check regularly.
There is a good article up there titled "How To Test Your Linux-Distro Firewall", that gives a brief introduction to FTester. FTest is a security policy enforcement point (think Firewall or IDS) testing tool based on a couple of Perl scripts.
Anybody out there in the world that has been working with the PIX for more than ten years will tell you that this isn't a new idea. The PIX developers originally developed tools to do this (using PIX appliances) about ten years ago. Those tools were used for testing and never left Cisco (or did they?) and were called Hoover and Hooker. Hoover was named after the vacuum company because it was a powerful packet sniffer. Hooker was a packet injector named after the then popular TV cop show character played by William Shatner (after Star Trek and before ST: The Motion Picture). Well, at least that's what we told people when they asked.
"On the Firewall" is a online journal on the subject of network Firewalls and all things Internet security.
May 10, 2006
ICE References
ICE = Interactive Connectivity Establishment
"The Interactive Connectivity Establishment (ICE) draft, developed by the IETF's MMUSIC working group, provides a framework to unify the various NAT traversal techniques. This enables SIP-based VoIP clients to successful traverse the variety of firewalls that may exist between a remote user and a network."
The above is from a good intro article that appeared in Network World magazine online.
The ICE draft is here.
The ICE wiki page from VoIP-info.org
"The Interactive Connectivity Establishment (ICE) draft, developed by the IETF's MMUSIC working group, provides a framework to unify the various NAT traversal techniques. This enables SIP-based VoIP clients to successful traverse the variety of firewalls that may exist between a remote user and a network."
The above is from a good intro article that appeared in Network World magazine online.
The ICE draft is here.
The ICE wiki page from VoIP-info.org
May 08, 2006
MS Vista to shrink need for Personal Firewalls and Host Intrusion Prevention?
ZDNet has an article on a new Yankee Group report out today that says Microsoft's new Vista operating system will have improved security capabilities and "significantly shrink" the market for add-on anti spyware and personal firewall software. "Yankee Group expects Vista to significantly shrink the aftermarket for antispyware and desktop firewalls," analyst Andrew Jaquith wrote in the report. I saw Jaquith present at this spring's RSA conference in San Jose, CA and I think he is one of the better analysts covering the computer and network security industry right now.
May 05, 2006
BlogThis! Firefox extension seems broken...
I don't know if anyone else is seeing this but the BlogThis! extension that I frequently use with Firefox seems broken. If you use it and try to port a entry either as a draft or published to your blog you may see the word "null" in the link field. When I see that BlogThis! isn't working and there is no blog entry.
I wish I had noticed this sooner. I lost some interesting blog entries over the past couple of weeks and I think it is due to this problem.
I wish I had noticed this sooner. I lost some interesting blog entries over the past couple of weeks and I think it is due to this problem.
Subscribe to:
Posts (Atom)