Posts tagged ‘black hat conference’

Avoid DNS Poisoning: USE Open DNS

I’m going to go into the DNS thing in a bit more detail later, probably.  DNS is a Domain Name Server.  As I recall–being senile, I’m probably wrong [I’m not] you had to type in the whole thing, http[s]:/ etc. and at least sometimes actual IPs.  If you go to Open DNS you’ll see an example.  You don’t have to set up your router, if you have one.  The internet actually “sees” your router as one IP address.  This is an added layer of (trusted) protection named at the Black Hat Conference.  That’s not fedoras, it’s hackers.  So I hear, never having known how to program.  Here’s one of Erik Larkin’s comments on lines of protection: “5. Your fix-it options: Apply the patch for your particular DNS server.  Or switch to a protected service like Open DNS where you use their servers.”  [If you don’t use a router, then your Internet Service Provider is the source of your servers…which pretty much means you actually just use their servers.  Nor have any of the providers been particularly speedy or adept at applying any fixes.  That may–not that I sympathize in the least–have been because the management felt overwhelmed and unable to dedicate enough tech support time.  If I were daring, I’d say it was actually mainly because they didn’t give a damn, but I believe in, well, everything.  It’s why I’m so cheerful.  Note that I linked to Erik’s article twice, because it’s nearly a must-read for anyone who uses the internet, especially for businesses.  It’s serious, and it’s a simple fix.

–Glenn

August 12, 2008 at 1:39 pm Leave a comment

The Black Hat Conference and a Memorable Hack

I wasn’t involved; the reporter who was I’m sure would verify that if pressed.  eWeek is one of the more respectable business publications, with information varying from ‘CIO-only’ to general interest.  The Black Hat Conference, held yearly in Las Vegas, is where security researchers meet and discuss issues.  I intend and expect to bring up some more news from this one, but this nearly tops them all.  Bear in mind that the demonstration did violate the rules of the conference and the ones who…got the eWeek reporter’s password from a hack…might face criminal charges.  I don’t know.  It would depend on how much of a sense of humor is involved.

 

It’s also a glaring demonstration of how vulnerable we all are.  I currently use the Avant Browser simply because it’s so easy to turn off most of the dangerous features.  Firefox 3.0 and Opera…9.5 (okay, my memory isn’t photographic any more), anyway the most recent [it is 9.5]; IE 8 is still in beta and has to be used on an IE7 emulation for a lot of things.  I will also cover the trick that was used to get Brian’s password.  He is an excellent reporter and an intelligent man.  I’ll have to put him down when I reach perfection.

–Glenn

August 11, 2008 at 10:56 am Leave a comment