This came out of a discussion on the NLUG list about making sure that Windows boxes are not infected with malware. This goes beyond that and tries to look at what technologies are out there to protect and monitor your machines. It is somewhat Windows-centered, but the concepts are the same for any OS (OS X, Linux, *BSD, etc.). I’ll throw in here my regular comment about OS security. All operating systems have bugs. Some have fewer than others, but any OS must be regularly patched or you will be vulnerable.
This is aimed toward the business market but many of the concepts still hold true for the home user.
For as long as I would say that I truly understood computer security, I have believed that security in depth is one of the most important elements of security. Coming from this perspective, I often find it interesting how many relatively easy elements are not implemented by practitioners. Some of these are the same practitioners who will go to extraordinary lengths in other areas to secure their systems.
This paper looks at the major spam filtering techniques in current use. For each method, both success rates and possible problems are explored. Methods discussed include keyword filtering, open relay filtering, open proxy filtering, dial-up filtering, non-conforming mailing list filtering, cooperative sharing of spam samples, known spam origin filtering, Bayesian filtering, Markovian discrimination, gray listing and challenge response.
This paper reviews the current state of Intrusion Detection Systems (IDS) with a particular emphasis on Network-Based Intrusion Detection Systems (NIDS). Many of the topics covered will be applicable to a business of any size, but issues specific to the Small/Medium Business (SMB) sector are emphasized. The paper covers what an IDS is, followed by implementation issues that should be weighed when considering an IDS solution.
This paper was originally written in November of 2005. The concepts still hold true today. This article will be a good introductory overview of IDS technologies, with no marketing spin.
This paper looks at the available firewall technologies in current use. Both advantages and disadvantages of each technique are discussed. Techniques reviewed include packet filtering, proxies, stateful inspection and deep packet inspection. Also discussed are combinations of techniques and defense in depth. Other important factors, such as management interfaces, hardware choices and build versus buy, are discussed as well.
A recent study revealed that 73% of mobile users said they are not always aware of security threat best practices. To me this seems like a recipe for disaster. I consider security best practices akin to the rules of safe driving. I don’t think we would accept a society in which 73% of users said they are not aware of driving safety regulations.
Microsoft is reported to be looking at the idea of sending home editions of their OS set to automatically update unless the customer turns the functionality off. My initial thinking on this is that it could be a great boon to the security and stability of the Internet.
First let’s look at the negatives.
1) Bad patches. I think this will fix most of that by forcing Microsoft to write better patches and more importantly test more thoroughly. More on this later.
Much like much of what is called "safe sex" would be more accurately called safer sex, I will call this safer computing.
This is in some sort of order but I will not promise order of importance because it is all important.
Over the years, anyone who is even vaguely familiar with the security world has had the idea that security through obscurity is worthless drilled into their head. While I will agree that security through obscurity is exceptionally weak security, there is still a place for it in a complete security plan.
After years of hearing the argument that security through obscurity is no security at all, it becomes easy to assume that obscurity does not add any level of security to a security plan. As long as obscurity is a part of an overall security plan, it should never hurt and will in most circumstances improve your security.
I will give a few examples where security through obscurity can and does help.
The intention of this guide is to give a quick and easy-to-read overview of the pros and cons of three different approaches to firewalling your home or small office. This is far from a complete guide, but it will get you started in the right direction to figure out exactly what you need in order to protect yourself. This particular guide comes out of my desire to provide a quick and easy comparison for a friend who had a small business and was trying to decide what to use for protection. If you are looking for specific reviews of products, I recommend the Home PC Firewall Guide.