Multi-platform Backdoor Lurks in Colombian Transport Site – F-Secure Weblog : News from the Lab.
Note how this works. The bad guys need your confirmation in order to proceed.
As enterprises move towards virtualizing more of their servers and data center infrastructure, protective technologies—plentiful and commonplace in the physical world—become few and far between. When your Windows Server or SQL database is running in a virtual machine (VM), you still need to protect it from viruses and other attacks while providing the same level of access controls you have for physical servers. Let’s look at the different approaches to protecting your VMs, as well as the major issues involved with deploying these technologies.
via Choosing the Right Security Tools to Protect VMs.
Anyone seriously invested in virtualization is going to need more than one protection product. So before you dive into this marketplace, you should carefully consider the types of protective features you really need at present, and where you want to end up in the next 12 months. You should look at covering five different functional areas:
He told SC last month that while the weaknesses in the cards were concerning, it was not an effective means to harvest lots of credit card numbers.
However, it could be attractive for unskilled users for low-scale fraud.
Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps.
via Home.
Architecture page here.
Qubes lets the user define many security domains implemented as lightweight Virtual Machines (VMs), or “AppVMs”. E.g., a user can have “personal”, “work”, “shopping”, “bank”, and “random” AppVMs and can use the applications from within those VMs just as if they were executing on the local machine, but at the same time they are well isolated from each other. Qubes supports secure copy-and-paste and file sharing between the AppVMs, of course.
Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS.
Microsoft certification authority signing certificates added to the Untrusted Certificate Store
While these security issues are not Flame-specific, and could be used in other forms of unrelated malware, Microsoft was able to identify components of the Flame malware that had been signed with a certificate that ultimately chained up to the Microsoft Root Authority.
via Microsoft Certificate Was Used to Sign “Flame” Malware | SecurityWeek.Com.
Microsoft did not say what algorithm was exploited in order to generate the rogue certificates, though SecurityWeek did reach out to Microsoft for comment and we will update the story if a response is received.
The trend toward employee-owned devices isn’t saving IBM any money, says Jeanette Horan, who is IBM’s chief information officer and oversees all the company’s internal use of IT. Instead, she says, it has created new challenges for her department of 5,000 people, because employees’ devices are full of software that IBM doesn’t control.
via IBM Faces the Perils of “Bring Your Own Device” – Technology Review.
Horan isn’t only trying to educate IBM workers about computer security. She’s also enforcing better security. Before an employee’s own device can be used to access IBM networks, the IT department configures it so that its memory can be erased remotely if it is lost or stolen. The IT crew also disables public file-transfer programs like Apple’s iCloud; instead, employees use an IBM-hosted version called MyMobileHub. IBM even turns off Siri, the voice-activated personal assistant, on employees’ iPhones. The company worries that the spoken queries, which are uploaded to Apple servers, could ultimately reveal sensitive information.
Widespread use of smart phones by employees to perform work-related activities has introduced the idea of using these devices as an authentication token. As an example of such attempts, RSA SecurID software tokens are available for iPhone, Nokia and the Windows platforms. Obviously, mobile phones would not be able to provide the level of tamper-resistance that hardware tokens would, but I was interested to know how easy/hard it could be for a potential attacker to clone RSA SecurID software tokens. I used the Windows version of the RSA SecurID Software Token for Microsoft Windows version 4.10 for my analysis and discovered the following issues:
A type of wallpaper that prevents Wi-Fi signals escaping from a building without blocking mobile phone signals has been developed by a British defence contractor. The technology is designed to stop outsiders gaining access to a secure network by using Wi-Fi networks casually set up by workers at the office.
via Stealth wallpaper keeps company secrets safe – 08 August 2004 – New Scientist.
Copper coated
Solid metal antennas normally give a very strong reflection to enemy radar scanners. To hide them, FSS sheeting can be electrically set to allow through only the precise frequency the antenna wants to transmit and receive, while absorbing all other frequencies including those of the incoming radar.
BAE’s anti-Wi-Fi wallpaper is made from a 0.1-millimetre-thick sheet of kapton, the same plastic used to make flexible printed circuit boards in lightweight portable gadgets like camcorders. The kapton is coated on each side with a thin film of copper.