« January 2005 | Main | March 2005 »

February 23, 2005

What's in a Security Certification?

Those of us who don't have any certifications in the InfoSec industry often glaze over at the acronym soup of certs offered by various groups. Daniel Miessler (who just passed his GSEC) has blogged about the popular ones on several dimensions (difficulty, respect gained, renown, etc.), including his own comments as a holder of some and observer of all. A worthy resource:

Information Security Certifications

Posted by steve at 06:05 PM | Comments (0) | TrackBack

February 16, 2005

Crypto hashes in the news again

Last summer, I wrote about the weakenesses found in the MD5 hash while I introduced my tech tip on hashes in general. Now Bruce Schneier reports that SHA is under attack, and it seems like a great time to repost this:

Unixwiz.net Tech Tip: An Illustrated Guide to Cryptographic Hashes

Posted by steve at 11:22 AM | Comments (0) | TrackBack

February 04, 2005

Rejecting spammers with HELO

I had posted this in my old weblog before The Big Crash, but I think it needs an encore. There is obviously no single silver bullet in the spam problem, but I've found one technique that's been very effective at reducing it on my own webserver, with a guaranteed zero false positive rate. It relies on spammers being stupid.

The short description is that when our mailserver receives an inbound SMTP connection and the other end uses our own IP address in the HELO message, we reject the message out of hand. No real MTA has ever done this, so it's guaranteed that this is spam (and usually from Trojaned machines).

Unixwiz.net Tech Tip: Blocking spammers with Postfix HELO controls

It's turned away more than 18,000 connections just in the last week.

Posted by steve at 10:55 AM | Comments (0) | TrackBack