Random Tech-Bits is a periodic roundup of interesting technology related links & news stories.
- SSL bypass method described at Black Hat D.C. – Link here to the actual presentation. SSLStrip will be posted here within a few days.
- Security Assessment of TCP – Comprehensive assessment of TCP weaknesses and vulnerabilities, from the UK’s CPNI.
- Call for DNSSEC deployment – Dan Kaminsky pushes for DNSSEC adoption: “It’s time to sign the root and be done with it.“ Check out my DNSSEC related posts here: DNSSEC 101 and Enabling DNSSEC on BIND.
- Recent legislation introduced into the U.S. House and Senate will apparently require service providers maintain all access logs for 2 years. It has interesting implications: “not just public Wi-Fi access points, but … individuals, small businesses, large corporations, …every employer that uses DHCP for its network”. Full story here.
- Thwarting an Internal Hacker – WSJ article by Bruce Schneier analyzing insider threat protection; the recommendations are mostly common sense.
- Conficker / Downadup worm variant, Conficker B++ spotted in the wild.
Filed under: Random Tech-Bits | Tagged: Conficker, Conficker B++, DNSSEC, Downadup, internal threats, Internet SAFETY Act, SSL, SSL Bypass, SSLStrip, TCP Security, TCP/IP Security
