NIST Releases New Security Guides

22-Feb-07

NIST just released three great guides relating to network security. SP 800-45 is entitled Guidelines on Electronic Mail Security [pdf], and addresses topics such as securing a mail server, content filtering, various email standards, and of course email encryption and signing.

Also new, SP 800-84 is called Guide to Intrusion Detection and Prevention Systems [pdf]. It discusses IDPS technologies that are network-based, host-based, designed for wireless networks, and those that do network behavior analysis. The document has a good overview of how IDPS works in general, and goes into details of the various implementations. There’s even a section on how to select the right product for your situation.

The third new document is SP 800-97, Establishing Wireless Robust Security Networks [pdf]. This is basically a guide to the IEEE 802.11i standard, which provides much-needed security enhancements to the familiar 802.11 family of wireless standards. The first few sections are an overview of 802.11, with some history lessons on WEP and why it was such a failure, but the rest of the document is great for anyone trying to understand what 802.11i has to offer. Now if I could just get my neighbor to put a password on her access point…

Top Ten Computer Forensic Investigation Mistakes

22-Feb-07

I thought this list of common blunders made during an investigation was very practical, and it’s always interesting to hear war stories of prior screw-ups. A lot of them are common sense and simple, such as keeping good notes and maintaining the chain of custody. Some other tips were more insightful, such as keeping an eye out for exonerating - not just incriminating - evidence.

OpenID Support Grows

22-Feb-07

OpenID is a specification for doing decentralized authentication of users on the Internet. It allows you to send your credentials to multiple OpenID-enabled sites, while using only one password to authenticate to your OpenID provider - which can be your very own server. It’s a neat idea to move closer towards a single sign-on implementation for the web at large. So far some pretty big names have committed to using OpenID, including Microsoft, AOL and, most recently, Digg. But, as with any new security protocol, it will take time to analyze and discover potential vulnerabilities.

If you’d like to try it out for yourself, simply register at MyOpenID and go to a supported website (they will provide some examples after you register).

SETI Finally Finds Something

21-Feb-07

A guy who runs SETI@home on a bunch of his computers used it to locate and recover his wife’s stolen laptop! The SETI client application sends its results to the main database every few days, and then downloads new work to do. When this connection happens, the SETI database logs the client’s IP address. After his wife’s laptop was stolen, James Melin repeatedly checked his SETI page to see if the laptop was checking in. Sure enough, whoever stole it didn’t bother to reinstall anything, and just hooked it right up to the Internet. The IP address it connected from was logged and provided to the police, who then subpoenaed the ISP for the physical address of the customer it was assigned to. An excellent use of SETI, if you ask me.

Adobe Photoshop Lightroom Review

21-Feb-07

Ars Technica did an in-depth review of the newly released Lightroom application for digital photography. I’ve been using the beta version for a while, and it’s pretty much taken over my workflow from Photoshop CS. It’s available at a big discount through the end of April, so I’m sure to pick it up before then.