Sun, 02 Oct 2005
Toorcon 2005 Slides Available
I've never been able to get to a Toorcon but from reading the Toorcon 2005 slides it
seems they have a number of quality speakers. The three highlights from
this years sessions seem to be Introducing the Bastille
Hardening Assessment Tool by Jay Beale, How Big is that Foot
in the Door by Foofus and Simple Nomads How Hackers Get
Caught.
The intro to Bastille does both a good job of explaining why you should care about hardening, which includes some great quotes: The NSA's Information Assurance Directorate evaluated a system locked-down following CIS's Windows 2000 guide. 90 percent of all the vulnerabilities in this platform were mitigated by the guide. It also introduces some of the knowledge required to add your own Bastille checks.
Foofus's talk is an ideas spring board and well worth a read. His slides show mapping out relationships between machines and how a single compromised password can bring down a large chunk of your infrastructure. I can't wait for a canned tool, sysadmin friendly, that I can use for this.
Simple Nomads talk is less technically focused but more entertaining. He covers some of the back and forth of attacking and the stupid thing skiddies do. It's worth a read and serves as an amusing refresher.
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2005/10/02 10:39 | /security | Permanent link to this entry | This entry + same date
Rollyo - Nice UI But Nothing New
I've spent a couple of minutes (yep, very in-depth :)) playing with Rollyo, a way to run searches over
multiple sites. The site's pretty slick (and looks quite
Basecamp/37signals inspired) but I can't help but think I've been here
before...
Mozilla, and FireFox with a plugin, have something called the search sidebar. This little piece of magic allows you to run a search over multiple sites at the same time and integrates the results; each site search is implemented using a mycroft search plugin. Except that those are text files and easier to customise if you know a little about HTML.
One thing that did bother me though was the lack of meaningful page titles. Look at the front page and the title says "ROLLYO". Look at a profile and the title says "ROLLYO". Spot a pattern?
Now don't get me wrong, Rollyo looks a lot prettier and makes this functionality available to a lot more people but it's not quite the power-tool the Mozilla version can be.
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2005/10/02 09:37 | /tools/online | Permanent link to this entry | This entry + same date
Copyright © 2000-2005 Dean Wilson
