Free IPv6 Magazine 27th July 2012 ONLY

I am always a fan of freebies and of course I am always eager to learn new things so when I saw a post by Admin Magazine on Facebook to advise that to celebrate Sysadmin day  2012 they have partnered with Splunk to offer a free IPv6 download special.

The special covers numerous subjects covering what IPv6 is and how it works through too how to programme using IPv6. Be aware however the download is only available today.

You can download the special here.

On a related note those interested in the free download may also be interested in a guide that Burst.net have provided regarding IPv6 as well which you can download from here.

You never know, one day the world might be ready for IPv6 and we will need to know this stuff.

Finally Some Good Domaining News

A couple of years ago I used to be a mod and staff member on 1 of the bigger domaining forums. Namely Namepros. Being a member of staff over there I got to know about things as they happened.

Back on the 28th of February in 2009 I started to become aware of the theft and attempted sale of some domain names. 1 of these domain names was very good indeed. That domain was rpg.org. By the time the theft came to light it was too late for the rightful owner to do anything about it as the domain had been transferred from GoDaddy to eNom. Continue reading “Finally Some Good Domaining News”

Potential Security Issue With iPhone App

I recently decided to purchase an app from the iPhone app store. I do not do this often but I believe that this app would be extremely useful.

The app I decided to download was SSH Term Pro. As the name suggests this is a SSH terminal app for the iPhone and iPad. Of course this makes it extremely easy to manage your server on the move. The application allows you to add unlimited amount of servers details so you can quickly and easily connect up to a server that you manage. The application also allows you to lock it down so that you can only access the application fully once you have entered a password that you had set up.

Unfortunately on investigation everything is not as good as I had hoped: Continue reading “Potential Security Issue With iPhone App”

Security Implications With iPhone’s Siri Feature

Recently Apple released the iPhone 4s with IOS5. One of the more exciting features that came from this is the Siri feature. Siri enables you to give your phone voice commands to carry out certain tasks and is very intelligent in that it understand context etc.

Unfortunately however it appears that Apple have opened up some security implications with this feature. Continue reading “Security Implications With iPhone’s Siri Feature”

Are Twitter Psychic

The obvious answer to this is course  no however I did wonder for a while.

I recently signed up to Twitter (begrudgingly) and after a while I started to find people I really knew being suggested as people in my “Who To Follow” list.

This got me thinking, I have been very specific with the information that I have posted on Twitter. I have also been very specific with who I follow. None of my posts relate or are similar subjects to tweets by other people I know, nor do any of the people I follow (or follow me) have any relation to the people I know out in the real world. This of course got me somewhat confused as to how Twitter knew I had a link to these people. Continue reading “Are Twitter Psychic”

Secrets and Lies: Digital Security in a Networked World (Bruce Schneier)

While doing my usual browsing of Amazon I came across Secrets and Lies by Bruce Schneier. I of course added this to my wish list and decided I would take another look at a later date. Some time later I decided to do a cull of my wish list. Unlike most people thou when I do a cull I tend to buy the item to remove it from my wish list.

When I bought the book I though that it was a bit of a gamble but looked ok so worth the risk. How more wrong could I be, this was certainly not a gamble at all.

Bruce starts the book by requesting that you read it numerous times so that the information sinks in and so that information obtained later in the book can be better understood.

The main part and bulk of the book explains many security concerns and explains why traditional thinking of security is incorrect (such as using a 256 bit encryption key is pointless and contains little security if the key was generated from for example the word password). Many aspects of security are covered within this ranging from network security to standard O/S security. At this point the book appears very negative and seems to suggest that there is little you can do to actually stop the impending security breaches.

Luckily as the book goes on the mood changes slightly and prepares you for methods to help combat the security implications that any system will have. These methods range from creating attack tree’s and how you can best decide on the viability of any attack vector and how to start bringing things into your favor instead of the intruders.

Since this book was written there have been many security breaches that have cost the companies involved large amounts of money both from lost revenue and the cost of picking up the pieces. For example this year Sony had a succession of attacks and the cost of the clean up was estimated to be around $140,000,000, this estimate could quite easily increase substantially as Sony’s insurer is also seeking methods for removing their own liability over the issue meaning that any law suits will come out of Sony’s pocket instead of the insurer.

A short while after this Lockheed Martin were found to have been compromised. On investigation it became clear that RSA had been compromised allowing someone to obtain information on the systems which aided in the Lockheed Martin compromise. As a result of this RSA were essentially forced to replace 40,000,000 secure ID devices.

It is not only the financial cost that these companies have suffered there is also the untold damages to their company profile with which the cost can never really be calculated.

Now you may be wondering my point at this stage, well the point is that if only the security of these companies read this book they may have been better prepared. The frightening thing however is that too many companies take security as an after thought. If the price is too high they decide to disregard the advice or not bother.

Conclusion

Although this is a 10 year old book this is certainly worth a read. You can learn so much from this book and it will completely change your perception of security. This book is highly recommended.

Title: Secrets and Lies: Digital Security in a Networked World
Author: Bruce Schneier
Publisher: John Wiley & Sons
ISBN 10: 0471453803
ISBN 13: 978-0471453802
Official Site – Buy On Amazon

When A Company Should Man Up

On the 20th of April Sony found that they had a security breach within their services. 7 days later they closed the PSN network and the Quriocity service and announced that 75 million customer details have been stolen. Continue reading “When A Company Should Man Up”

Securing Your Domain Name

THIS WAS WRITTEN A FEW YEARS AGO AND WILL BE REWRITTEN SHORTLY

Since the dot-com bubble burst in the early 2000’s the value and profile of domain names has again been on the increase. Apart from recent financial turmoil caused by the world recession the average value of domain names has increased dramatically and shows no sign of stopping.

Due to the higher profile of domain names and the value that this brought it has unfortunately resulted in a rather unsavoury side effect. The number of stolen and hijacked domain names has increased dramatically over the last few years.

Now many of you may be forgiven for wondering how a virtual item can be stolen or hijacked. Domains, as we know, are not tangible items and are more virtual items. Over the course of this article, I hope to make you aware of ways that can be used to steal your domain name. Only by knowing how domain names can be can we actually protect against it. Continue reading “Securing Your Domain Name”