2.24.2007

New Checkpoint UTM appliance is on Crossbeam! w00t!

Finally, Checkpoint has come out with some good news! Their new small to medium business appliance is on crossbeam hardware. The appliance follows the all-in-one trend most security companies are following. The list of features include: Firewall, Web Application Firewall(isn't this included in firewall? lol), VoIP security, SSL VPN connectivity, anti-spyware, URL filtering, and IM/P2P blocking. I haven't seen the pricing yet, but I'm hearing it's not cheap. I'm going to try and get my hands on one, so that I can write a proper review. A little birdie told me that 5 SSL VPN user licenses are included. Finally, Check Point's marketing team is doing something right.

Check Point / CrossBeam UTM Appliance

2.20.2007

Packet Sniffing 101 with Pcap

This a good article on packet sniffing and has some example uses of Net::Pcap in Perl.

Reliable Packet Dissection and Sniffing

2.16.2007

Fingerprint authentication on latest Toshiba Smart Phones

Toshiba isn't really known for bleeding edge cell phones. However, they have recently made a major leap towards a more secure cell phone. I think this is cool and I expect more cell phones to follow. Supposedly, this is the year for mobile device security. There has been mobile device encryption out for some time from companies like PointSec. Also, two-factor authentication has been around for mobiles from the likes of RSA and others. I bet that Paris Hilton and other celebs wish that they had this technology back when their phones got jacked.

Fingerprint authentication on latest Toshiba Smart Phones

2.14.2007

People are still using telnet?

Apparently, there are people out there still using telnet. If that's not bad enough, recently a nasty zero day vulnerability in the telnet daemon of Solaris 10 & 11 was discovered. Nowadays, almost everything has SSH support so there is no excuse to be using telnet. I really don't think telnet is a good idea even behind your perimeter line of defense. In my opinion, if something needs a password, then it needs encryption too.

More on the Solaris telnet zero day...