On March 18, 2010, In security, by Chad Stewart
The idea of this tool is that you can run just about any program and/or copy files to/from the machine, say an ssh session, using DNS packets to/from the client. In other words, a workstation sitting on a network somewhere, behind the companies firewalls, IPS/IDS, AV, etc., etc. could communicate with a system on the [...]
On March 11, 2010, In Blogs, by Chad Stewart
http://blogs.csoonline.com/the_fbi_supply_chain_illustrated Funny!
On March 11, 2010, In security, by Chad Stewart
defense in depth (which includes egress filters) and Network Security Monitoring (NSM). This diary post on isc.sans.org is a good example of why companies need to practice defense in depth. I have spent many years involved with messaging, back in 1995 I didn’t know what SMTP meant, but thanks to a gentleman at then Xerox [...]
Recent Comments