<< November 2009 | Home | January 2010 >>

Google Public DNS Infrastructure

 

 

Google is digging into the core of the Internet by offering their own DNS infrastructure. Google Public DNS is a free, global Domain Name System (DNS) resolution service, that you can use as an alternative to your current DNS provider.

Why using Google DNS?

Security? Yes - that's the answer google gives

http://code.google.com/speed/public-dns/docs/security.html

I am not totally convinced in the idea of giving the core ip to fqdn translation into googles hand. One that is on a company interest. But this is my first thought about it. 

Have a safe day

E1

 

 

Add a comment is disabled RSS feed for responses to this blog entry
Posted by Ivan Buetler on December 17, 2009 11:39:00 AM CET #

Protect our kids in the virtual space - UBS Netcity Campaign


I really appreciate the idea of the 2010/2011 UBS campaign "netcity.org" for our kids and children. The awareness bus will tour in Switzerland the next year where the kids will learn interactively to stay safe in the virtual space.

Download the UBS info letter here: UBS Netcity.org Awareness Campaign

Regards
E1


Add a comment is disabled RSS feed for responses to this blog entry
Posted by Ivan Buetler on December 11, 2009 1:28:00 PM CET #

Guest Visit @ ISSS


Yesterday evening, I was invited by ISSS to join their board meeting in Bern. First, we had the chance to visit "Der Zytglogge" Tower - that was quite nice. Especially the 400 year old clock and the weird gears and cables make this place just awesome to me. I took a picture from the window ...




Afterwards, they had their ISSS strategic meeting where I must admire the high profession and power to change things. I will take my time to think about joing the board member group soon (if they want me too).

Have a safe weekend
E1
Add a comment is disabled RSS feed for responses to this blog entry
Posted by Ivan Buetler on December 4, 2009 5:04:00 PM CET #

Update Etterfilter MitM


Exactly 1 year ago, I wrote about arp spoofing and traffic content replacement with ettercap and etterfile. Martin Suess from Compass Security now discloses a nice video in how such an attack could performed.

How can we protect our assets?
  1. Do not download binaries from untrusted sources
  2. Verify available hashes and signatures (if available)
  3. Run your program as standard user (if possible)
  4. Be defensive

Watch the video from Hacking-Lab
http://www.hacking-lab.com/download/

Have a safe day
E1
Tags :
Add a comment is disabled RSS feed for responses to this blog entry
Posted by Ivan Buetler on December 3, 2009 11:40:00 AM CET #

Tomcat Server Banner Hiding Technique


I am not a big fan of security by obscurity. But if this helps to stop automated scanners from attacking our servers day and night, I am more than willing to change the server banner of my web server. This is an easy task for Apache web servers, but how to change the banner in your Tomcat application server?

Use the "server" directive in your web.xml!
<!-- Entry for intranet.csnc.ch -->
  <Connector port="8081" maxHttpHeaderSize="8192"
     maxThreads="150" server="Compass-Coyote" 
	 minSpareThreads="25" maxSpareThreads="75"
     enableLookups="false" redirectPort="8443" 
	 acceptCount="100"
     proxyName="www.mypage.com" proxyPort="80"
     connectionTimeout="20000" disableUploadTimeout="true" />

Thanks to Daniel Stirnimann for sharing this tipp.
E1
Tags :
Add a comment is disabled RSS feed for responses to this blog entry
Posted by Ivan Buetler on December 2, 2009 10:18:00 PM CET #