MinimalCD, maximum effect
January 21, 2008
Very well hidden within the ubuntu wiki, I found this little (literally) gem. Possibly, this is the solution to a very nasty install failure I had today due to a cdrom error: (Please insert the disk labeled: Ubuntu 7.10_Gutsy Gibbon_-Release i386 (20071016) in drive /cdrom/). From what I see of people running into this error on the net, something seems to be seriously amiss. Good luck figuring it out, I’m hoping to evade the problem with this MinimalCD.
Afterpost: I tested it IRL, and it really is the alternate, including lvm+cryptdisk stuff! To whomever came up with this bright idea: THANK YOU!
Link
January 6, 2008
Culture of security, a site by the Organisation for Economic Co-operation and development (OECD)
onesixtyone
December 30, 2007
onesixtyone takes a different approach to SNMP scanning. It takes advantage of the fact that SNMP is a connectionless protocol and sends all SNMP requests as fast as it can. Then the scanner waits for responses to come back and logs them, in a fashion similar to Nmap ping sweeps. By default onesixtyone waits for 10 milliseconds between sending packets, which is adequate for 100Mbs switched networks.
Kerckhoffs’ principle
December 30, 2007
Found this through a post by Chad Perrin
Kerckhoff’s principle
The law was one of six design principles laid down by Kerckhoffs for military ciphers. Translated from French, they are:
1. The system must be practically, if not mathematically, indecipherable;
2. It must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience;
3. Its key must be communicable and retainable without the help of written notes, and changeable or modifiable at the will of the correspondents;
4. It must be applicable to telegraphic correspondence;
5. It must be portable, and its usage and function must not require the concourse of several people;
6. Finally, it is necessary, given the circumstances that command its application, that the system be easy to use, requiring neither mental strain nor the knowledge of a long series of rules to observe.
see: Claude Shannon as “the enemy knows the system”.
see: Eric Raymond extends this principle in support of open source software, saying
“Any security software design that doesn’t assume the enemy possesses the source code is already untrustworthy; therefore, *never trust closed source*.
The controversial idea that open-source software is inherently more secure than closed-source is promoted by the concept of security through transparency.
