A previous Dr. I. Doctor blog item (VOMIT: Diagnostic Tool Lets Hackers Target VoIP) discussed Voice-over-IP, noting that Skype was one of the few public VoIP services that encrypts its traffic. This was a good feature, providing a necessary layer of protection for Skype users. Unfortunately, since then several discoveries about Skype have led many network administrators to bar it from their networks.... Read the rest of entry >>
Posted @ 12/15/2005 9:09 AM By Mel Beckman
• • •
If you've spent much time at all analyzing network traffic, you've run into an infamous plague swarming the Internet known as botnets -- the interconnected web of compromised PCs that virus writers use for intelligence gathering and distributed denial of service attacks. But unless you've actually disassembled botnet code, you likely don't have much information about how botnets work. The Computer Emergency Response Team (CERT) whitepaper Botnets as a Vehicle for Online Crime is a first-rate... Read the rest of entry >>
Posted @ 12/06/2005 7:55 AM By Mel Beckman
• • •
Microsoft usually wins all awards for quantity and quality of network vulnerabilities, but don't be distracted. There are enough security holes for everyone, and it's easy to become complacent about seemingly innocuous devices like routers and switches. A case in point is a just-announced bug in Cisco IOS that affects all devices -- both routers and switches -- from version 11.0 through 12.4. The problem is with IOS' HTTP interface, a not very useful option that nevertheless is turned on by... Read the rest of entry >>
Posted @ 12/06/2005 7:07 AM By Mel Beckman
• • •