DNS Security....

What the heck is DNSSEC? This article does a darn good job of explaining it.  If your company isn't using it might be time to get it roll-out. When you can this is a great way to secure your DNS and still let users work.

Brian Wagner

Brian started working with *nix in while a student at Kent State University in the early 90's. In 1995, as an E-Mail Administrator for Caliber Technology (now part of Fedex) he was tasked with administering Sendmail on both Slackware Linux and Solaris Systems. His first home install of Linux was MkLinux DR1 in 1996 on his 60 Mhz PowerMac. Since then Brian has been working and consulting on Linux and it's uses in the Enterprise to support everything from E-Mail, Firewalls, Web and File serving to custom cluster solutions and grid solutions. Brian has had the opportunity to work in both Fortune 500 companies and small 2 person organizations. This has given him the unique insight into the differences every size business faces.

Fedora Project and others have been hacked recently...

We found an article that discusses the fact that the Fedora Project was hacked on 1/22.  It seems that they aren't alone in the problem here of late.  Both the Free Software Foundation and Proftpd have also recently been hacked into.  To our knowledge no real damage has been done but it is a great reminder to change your passwords and make the tough.  Also updating/changing SSH Keys also helps since the Fedora hack used the users SSH Key.

Brian Wagner

Brian started working with *nix in while a student at Kent State University in the early 90's. In 1995, as an E-Mail Administrator for Caliber Technology (now part of Fedex) he was tasked with administering Sendmail on both Slackware Linux and Solaris Systems. His first home install of Linux was MkLinux DR1 in 1996 on his 60 Mhz PowerMac. Since then Brian has been working and consulting on Linux and it's uses in the Enterprise to support everything from E-Mail, Firewalls, Web and File serving to custom cluster solutions and grid solutions. Brian has had the opportunity to work in both Fortune 500 companies and small 2 person organizations. This has given him the unique insight into the differences every size business faces.

Ponemon Institute says Cybercrime costs companies 3.8Mill/year

Network World is reporting on a Ponemon Institute report sponsored by Arcsight.  Remember when reading this that Arcsight makes some really good security monitoring software.  The headline is that the 45 companies surveyed spent an average of 3.8 million dollars per year on Cyber Security.  The range of the companies is pretty large as the smallest was 1 million dollars and the largest was 52 million dollars.  The company size was an equally wide split with the smallest being 500 people and the largest being over 105,000 people.  The nit-picking aside the article is interesting.  They talk about how they came up with the numbers and some of the observations the auditors made.  What makes the numbers the most interesting is that this average dollar amount only includes the participating companies expenses related to actual attacks.  This is not things like firewalls or antivirus software.

The quote of the article was this one on the last page: "The eye-popping thing we found is a lot of organizations are very disorganized in even understanding the environments they're dealing with," Ponemon says.  Ponemon is the director of the institute.  The full article is a quick read and worth sharing with colleges.

Brian Wagner

Brian started working with *nix in while a student at Kent State University in the early 90's. In 1995, as an E-Mail Administrator for Caliber Technology (now part of Fedex) he was tasked with administering Sendmail on both Slackware Linux and Solaris Systems. His first home install of Linux was MkLinux DR1 in 1996 on his 60 Mhz PowerMac. Since then Brian has been working and consulting on Linux and it's uses in the Enterprise to support everything from E-Mail, Firewalls, Web and File serving to custom cluster solutions and grid solutions. Brian has had the opportunity to work in both Fortune 500 companies and small 2 person organizations. This has given him the unique insight into the differences every size business faces.