Catching Up At Year-End

Sometimes during the week between Christmas and New Year’s I spend some time doing those things that I should have done earlier in the year. I have a foot high stack of magazines to go through and a couple late reports to file. I also have a few things on my personal security agenda to […]
Read More ›

Skimming, leaking and guessing — some followups to earlier posts

One thing that’s difficult when I teach course 468, System and Network Security Introduction, or anything else, for that matter, is to follow up on topics we’ve discussed in the past. The format of a blog, however, makes this quite easy. Here a few follow-ups from earlier posts. In Real Keylogging Threats I talked about point-of-sale […]
Read More ›

Password Rules Accomplish Things, But Not Necessarily What You Expect Or Want

I am very skeptical of passwords. Rules for password length and complexity may offer a feeling that you are behaving safely but they provide much less security than promised. As we see in Learning Tree’s Cloud Security Essentials course, the major cloud providers configure their Linux servers providing the majority of the cloud Infrastructure-as-a-Service so […]
Read More ›

Is This A Real Dip In Password Guessing? And If So, What Does It Mean?

I’m quite certain that I’m seeing a trend. I just don’t know what the trend means. SSH password guessing attacks used to be almost constant. Any Internet-connected host running an SSH service would be probed frequently. But things have been changing over the past year. I collect data on about ten publicly reachable Linux machines […]
Read More ›

Your Computer is Too Fast

Yes, I am still obsessed with authentication. This article didn’t dissuade me. Earlier this week I was looking at password cracking tools to use in the hands-on exercise in Learning Tree’s introduction to security course. We currently use an older tool that cracks based on a limited wordlist (usually called a dictionary) and a tool […]
Read More ›

Type to search

Do you mean "" ?

Sorry, no results were found for your query.

Please check your spelling and try your search again.