I haven't blogged for about 4 weeks and I wanted to fill you in on what I've been up to. I left Check Point at the end of Feb, having completed my part in the transition of NFR. I expect great things for Check Point as they further integrate the NFR technology. What followed for me was a two week vacation to Singapore/Malaysia to visit family - no phone, mostly no email and definitely no blogging. After getting back, I was floored with a flu bug that I must have caught yonder so it's taken me quite a bit longer to get back into the swing of things. I promise - I'll be back to posting on a more regular schedule shortly.

In the meantime, I've enjoyed reading ebizQ's other security blog, Peter Schoff's excellent Twenty Four Seven Security. In particular, his post based on the wireless security entitled Seven Steps to Safer WiFi is a great one!

There are a number of tools like Kismet that will enable someone of relatively low technical skill, the ability to sniff on wireless networks . Now, Paul Graham's company Errata Security plans on releasing a new open source sniffer called Ferret that will sniff on traffic across 25 protocols. According to Graham, the tool can help discover the kind of info we expose when we sign onto and use a wireless network

"You don't realize how much you're making public, so I wrote a tool that tells you," said Robert Graham, Errata's chief executive.

You can read all about it here, if you're interested.

Posted by andreyee in Network Security • Wireless Security | Permalink | Comments (1) | TrackBacks (0)

For the past 5 years, instant messaging has gone from the home to the enterprise. A number of companies focused on tackling corporate IM security emerged, only to find that the going much rougher than expected. The market simply isn't materializing as expected. IM security, while attracting attention in the press, didn't really register in the minds of security managers as a threat of highest priority.

Meanwhile, many of the IM security companies have sold out, closed up or limped along. It turns out that security for IM is melding into existing security solutions as a feature rather than a separate product. This doesn't mean there aren't threats associated with IM or that IM security should be ignored.

I've put together the Top 10 IM security best practices for your edification -

#10 - Treat IM Communication as Untrusted. IM is great for informal communication but when used in a corporate environment, it must be viewed as an "untrusted" communication medium. This means no communication of corporate sensitive information

#9 - Separate passwords for IM. If you're going to take #10 seriously, then ensure that you don't use thhe same passwords for trusted communication channels as you do for unofficial, untrusted channels like IM.

#8 - Host your own IM server. It's not always feasible for every company but if IM is to be used extensively as a corporate communication medium, hosting your own IM server and securing it is essential

#7 - Keep current with patches - Like any software, IM security starts with keeping patch currency on both client and server side software

#6 - Define and adopt user policies. - Educate users on what's appropriate to communicate on IM and what's not. Also, the security policies associated with the use of IM - see # 5

#5 - Reject all attachments from untrusted sources. This is not your father's IM. Today, IM can transmit files, stream video, audio and other content.

#4 - Do not click on links from untrusted sources. We're accustom to this policy on email but sometimes let our guard down in other mediums.

#3 - Use encrypted IM for sensitive info. If you're using IM for anything sensitive, use an encrypted IM channel

#2 - Link IM to corporate directory. It's a layer of security and makes it easier to switch IM systems, if you ever want to do so.

#1 - Mitigate risks through security tools. Having a corporate IM system is one thing, securing it is another. Make sure you have tools to filter out SPIM (IM Spam), firewalling and intrusion prevention tools with specific IM security packages to protect against IM specific attacks.

Posted by andreyee in Network Security | Permalink | Comments (0) | TrackBacks (0)