Tag Archives | security

Security – Just Another Risk

I made a conscious decision to move away from full-time information security work. I retain an interest, and try to keep up with developments, but I don’t want to be “the security guy.” There are several reasons for it, but a large part is due to the hype, the bullshit, and general inability for the […]


Using Check Point Identity Awareness with NAT

Check Point Identity Awareness is problematic in environments that have multiple customers, overlapping private address space, and NAT. It can be done, if you understand the traffic flows, the connections needed, and how to combine several features. Here’s how I did it. Background: Typical Check Point Management Flows A quick reminder of the traditional flows used […]


DNSSEC – Moving the Needle

The New Zealand ISP market is dominated by Spark, Vodafone & CallPlus/Orcon. A side effect of this is that if one player does the Right Thing™, it really moves the needle. Recently, Spark has done the Right Thing with DNSSEC. DNSSEC takeup has been low with New Zealand ISPs. The APNIC stats indicated that around […]


Complexity vs Security

Many of the ‘security’ measures in our networks add complexity. That may be an acceptable tradeoff, if we make a meaningful difference to security. But often it feels like we just add complexity for no real benefit. Here are some examples of what I’m talking about: Multiple Firewall Layers: Many networks use multiple layers of firewalls. If […]


Shellshock: One Month On

Shellshock was released a little over a month ago, to wide predictions of doom & gloom. But somehow the Internet survived, and we lurch on towards the next crisis. I recently gave a talk about Shellshock, the fallout, and some thoughts on wider implications and the future. The talk wasn’t recorded, so here’s a summary […]


Kiwicon 7

Kiwicon 7 has just wrapped up in Wellington, New Zealand. Kiwicon is “New Zealand’s own Hacker Conference.” It’s a top-notch event that’s been running for 7 years now, and highly recommended for anyone in New Zealand with even a vague interest in IT Security. I’ve been to at least 4 editions of Kiwicon now, and I […]


“Black Tuesday” – Isn’t it Just Business as Usual?

Microsoft patches are released on a (mostly) monthly cycle, and other vendors have started following suit. When this first happened, people treated it like a major event. But I think that it is now treated as “Business As Usual”, and maybe it’s time for the headline-writers to realise this. Ten years ago, patching was a […]
