Jumat, 31 Januari 2003
Windows Rootkit ierk8243.sys
Review of Windows XP Professional Security Posted
Good administration-oriented security books teach more than proper system configuration. They illuminate the inner workings of the operating system and explain why certain strategies work best. WXPPS doesn't just list OS settings; it explains what they mean and how they have consequences.
Senin, 27 Januari 2003
Port 1434 UDP Traffic
Sabtu, 25 Januari 2003
DALnet DDoS Attacks
SQL Slammer
Review of Hacker's Challenge 2 Posted
I've given up on seeing Mike Schiffman correctly abbreviate the Air Force Information Warfare Center as "AFIWC" in his biography. His use of "AFWIC" must refer to the UN's AFrican Women In Crisis program and not the talk he gave to the AFIWC in Apr 99!
Jumat, 24 Januari 2003
DNS Traffic Analysis Results
Scientists at the San Diego Supercomputer Center (SDSC) at UCSD analyzing traffic to one of the 13 Domain Name System (DNS) “root” servers at the heart of the Internet found that the server spends the majority of its time dealing with unnecessary queries.
The paper explains what is happening and offers recommendations. Observations made at one server for one day don't conform to rigorous statistical norms, but the findings are interesting nevertheless. slashdot is discussing the findings.
Selasa, 21 Januari 2003
Amazon.com Review Updates
While my review of Hacker's Challenge 2 appears on the book's page, it's not listed on my reviews yet. I guess Amazon.com is still having database issues.
Senin, 20 Januari 2003
FreeBSD 5.0 Released
Sabtu, 18 Januari 2003
Response from Amazon.com
Dear Richard,
Thank you for writing to Amazon.com.
At this time we have encountered some technical issues with customer reviews on the Amazon.com website. These issues have impacted the majority of our customers who submit reviews to the website and have resulted in the inability of customers to properly view their reviews in their About You Areas, the disappearance of previously posted reviews, and the delay in the posting of their most recent review submissions.
Our technical support staff is aware of each of these problems and are researching the cause of each of the issues. Please be aware that they have implemented changes to our database to resolve these issues. These changes will be affecting the website over the course of the next few business days. We appreciate your patience during
this time period.
Thank you for your interest in Amazon.com.
Kamis, 16 Januari 2003
Email to Amazon.com
Hello,
Amazon.com is a great site and I'm amazed you can manage as much information as you do!
I noticed Amazon.com appears to be having trouble with some of its book information. While I no longer see that books not yet published will arrive on "December 31, 1969," the review data seems out of sync. For example, when visiting this link to look at my reviews, the last one I see is for the book "BGP" by Iljitsch Van Beijnum, reviewed on 5 Jan 03:
However, a review I wrote on 8 Jan 03 for the book "Implementing Intrusion Detection Systems : A Hands-On Guide for Securing the Network" by Tim Crothers appears only at this link:
Also, I submitted a review for this book on 11 Jan, but haven't seen the review posted yet:
Is Amazon.com still experiencing some trouble with its reviews?
Thank you,
Richard Bejtlich
Rabu, 15 Januari 2003
Amazon.com Problem
Selasa, 14 Januari 2003
Response from Amazon.com
Hello Richard,
Thank you for writing to Amazon.com to bring this to our attention.
Our technical support staff is aware of the problem that has affected the proper displaying of customer reviews within each customer's About You area. It does appear that this problem is currently affecting almost all of our reviewers. As our technical support staff has not completed diagnosing the cause of this problem they have been unable to provide an estimate as to when the problem will be rectified. We appreciate your patience while they work to find a solution.
Thank you for your interest in Amazon.com.
I also noticed books with a publication date in the future are listed as "Availability: This title will be released on December 31, 1969. You may order it now and we will ship it to you when it arrives"!
Minggu, 12 Januari 2003
New TaoSecurity.com and Listmania Lists
I also updated my Listmania Lists, aka "Recommended Reading," at Amazon.com. I broke the lists down into five "Digital Security" categories:
- Weapons and Tactics
- Communications
- Scripting and Programming
- System Administration
- Management Essentials
While I've read most of the Weapons and Tactics and Communications books, I am only now starting the books from the other lists. Email me if you might recommend a better book, especially one on Windows system administration.
Sabtu, 11 Januari 2003
SecurityFocus Removes Exploits from Database
Story on DNS Root Servers
"The eight U.S. gTLDs are all currently operated by Network Solutions and run on IBM AIX servers using the same software. As with root servers, there are also international gTLDs, located in Hong Kong, Tokyo, Stockholm, and the U.K. The gTLDs get many more requests than the root servers and are in fact more critical to DNS operation. The root servers simply point to the gTLDs and ccTLDs. These servers, in turn, return the addresses of the authoritative name servers for most domains."
Amazon.com Error
Jumat, 10 Januari 2003
Review of Implementing Intrusion Detection Systems Posted
Rabu, 08 Januari 2003
First Post and Review of BGP Posted
My first published review of 2003 is a four star review of BGP (O'Reilly, Sep 2002) by Iljitsch Van Beijnum.
You can see my book reading (and reviewing) schedule by visiting www.bejtlich.net/reading.html. I will no longer try to review every security book which hits the shelves! That was a pipe dream, even when I started reading these sorts of books in 1998. The books I add to my schedule either address a topic about which I need to know more, or offer original content by an interesting author.
Thank you for visiting!
Richard Bejtlich
TaoSecurity