Over the years, anyone who is even vaguely familiar with the security world has had the idea that security through obscurity is worthless drilled into their head. While I will agree that security through obscurity is exceptionally weak security, there is still a place for it in a complete security plan.
After years of hearing the argument that security through obscurity is no security at all, it becomes easy to assume that obscurity does not add any level of security to a security plan. As long as obscurity is a part of an overall security plan, it should never hurt and will in most circumstances improve your security.
I will give a few examples where security through obscurity can and does help.
The intention of this guide is to give a quick and easy-to-read overview of the pros and cons of three different approaches to firewalling your home or small office. This is far from a complete guide, but it will get you started in the right direction to figure out exactly what you need in order to protect yourself. This particular guide comes out of my desire to provide a quick and easy comparison for a friend who had a small business and was trying to decide what to use for protection. If you are looking for specific reviews of products, I recommend the Home PC Firewall Guide.
This paper explores the elements involved in implementing a Snort IDS and associated software. The considerations and steps taken in building the IDS are discussed, as are the pitfalls and compromises inherent in the implementation discussed in this paper. This paper should be helpful to anyone considering setting up an IDS for the first time, regardless of the final software solution that is chosen.
Malware, broadly defined as any type of malicious and probably secret software, has been an issue in the personal computer (PC) industry since at least the mid-1980s. This paper outlines the current state of malware with an emphasis on non-viral malware such as spyware, adware, worms, Trojan horses, keystroke loggers, dialers, and browser hijackers. Viruses are mentioned only as a comparison point where appropriate. This paper reviews the types and behaviors of malware, infection methods and mitigation techniques.
This paper looks at the major spam filtering techniques in current use. For each method, both success rates and possible problems are explored. Methods discussed include keyword filtering, open relay filtering, open proxy filtering, dial-up filtering, non-conforming mailing list filtering, cooperative sharing of spam samples, known spam origin filtering and Bayesian filtering.
I finished this paper in December of 2004, so the most recent techniques of both spammers and spam filters are not covered. Most crucial is the absence of coverage of image spam. Even with the slight age that this article has, it will still be valuable to anyone trying to figure out how to minimize the amount of spam coming into their companies.
I’ve spent this week working with a consultant on moving to a Win 2k AD environment. As if that wasn’t enough of a task, we decided to add our Exchange 2000 upgrade to the mix. There is nothing like tempting fate and making error correction more tricky. The plan was to do all this with a goal of near zero downtime for all users. What was I thinking?