www.flickr.com
|
Just because the NSA's website looks like it was created in the Geocities generation doesn't mean it doesn't have some good content. An update to the 60 minute security guide was released this week. In addition to their other security guides it makes a good starting point for system hardening. Of course, this is just in addition to our favorite resources at the SANS.org site and the US-CERT.
Due to an increased network threat condition, the Defense Department is
blocking all HTML-based e-mail messages and has banned the use of
Outlook Web Access e-mail applications, according to a spokesman for
the Joint Task Force for Global Network Operations.
An internal
message available on the Internet from the Defense Security Service
(DSS) states that JTF-GNO raised the network threat condition from
Information Condition 5, which indicates normal operating conditions,
to Infocon 4 “in the face of continuing and sophisticated threats”
against Defense Department networks.
FCW.com - DOD bars use of HTML e-mail, Outlook Web Access.
If you're not already blocking or filtering by country, now is the time to think about it. Easy to do using country based RBLs. The US tops the list at 23.2% while China follows up with 20%.
HNS - Sophos reveals latest spam relaying countries.
CERIAS Weblogs » Security Myths and Passwords
In the practice of security we have accumulated a number of “rules of thumb” that many people accept without careful consideration. Some of these get included in policies, and thus may get propagated to environments they were not meant to address. It is also the case that as technology changes, the underlying (and unstated) assumptions underlying these bits of conventional wisdom also change. The result is a stale policy that may no longer be effective…or possibly even dangerous.
http://www.keykatcher.com/tutorial/index.htm
http://astalavista.com/index.php?page=76
File under the "DUH!" category.
http://www.ebcvg.com/articles.php?id=743
