Monitoring for NDP Spoofing
I have previously posted a blog post describing how to monitor for ARP Spoofing. With IPv6 on everyone’s mind today (It IS on your mind, right?), it would seem that it is a good time to talk about a similar concern for IPv6 networks. IPv6 networks do not support multicast, but they DO have a comparable protocol. Unfortunately, it is also subject to the same exploits using similar techniques. Like ARP however, there are tools available to assist in monitoring and detecting NDP spoofing attempts. Let’s look at how we can proactively monitor this critical function of our network.
Monitoring for ARP Spoofing
Of the many ways that a network can be infiltrated, one of the most difficult to detect and manage is ARP spoofing. This is due to the fact that ARP does not take security into account in its design. Fortunately, there are tools available to assist in monitoring for and detecting ARP spoofing attempts. Obviously, the first steps in addressing a security incident is knowing that there IS an incident, so let’s look at how we can proactively watch for these incidents on our network.
Centralize Your System Logging Using Syslog
System logs are a critical part of system and network maintenance. They are, in fact, one of the key components for managing just about ANY system related incident. Unfortunately these logs are completely inaccessible or untrustable if a system reaches an unbootable state, suffers a catastrophic disk failure, or is compromised by an attacker. For these scenarios, and for general ease of maintenance, one of the best moves that you can make toward converting a group of machines into a manageable network is to set up remote Syslog services.
Should You Take Your Eyes Off the Cloud?
Questions you should ask before considering “Cloud Computing” applications.
More and more, it seems, business and IT managers are being told that “Cloud Computing” is the wave of the future. We are being bombarded with salesman who want to explain this “new technology” to us, and show us why putting our applications in the cloud is a great way to improve services and cut cost. There are many critical considerations which are often not being discussed. It often boils down to asking the right questions. Do you know what to ask?
We’ll take a relatively non-technical look at some questions that should help you make a better decision.
Setting Context Sensitivity in VIM
VIM is one of the kings of the editing world. Built for speed and for flexibility, it is a critical
tool for *nix admins. the one thing it lacks for many people, though, is context sensitivity. This is
easy enough to fix. Read more
Hello world (again)!
OK, so the last design was alot of fun. I have decided, however, to spend a little less time designing the site to make more time for adding content to it. A little less fun for me, but much more enjoyable for everyone else. The latest version of Coehome, v3.0, is running WordPress. There is a certain elegance in being able to simply click a button to add a feature or to upgrade to the current release. Let’s see if this gives me a little more time to post articles…
I will move the posts from the last site over in the next few days. In the mean-time, please feel free to browse around.
Donating Hair for a Cause
It can never be said that helping others is a bad thing.
There are many people looking for ways to “stimulate the economy” with their refunds. Sony, RCA, Dell, GM, Ford, and many other companies are anxiously waiting for our refunds to arrive. There are also a few forgotten uses for this money, and many of these can be far more rewarding than anything we could put on a shelf.
My choice for charities this year is “Children with Hair Loss” (CWHL). Read more
A Letter to Senator Feinstein of California
I sent a letter to Senator Feinstein today after reading a disturbing news headline about the senator attempting to slip an amendment into the stimulus package. You can read a copy of her submission here.
I am not sure what motivated her to try this, but I told her that her methods were a little dubious, and gave my opinion. since I told her that she should debate this issue in the public, and not try to slip amendments in behind closed doors, it is only fair to do the same. here is the text of my email to her, in verbatim… Read more
Suggestions for the Obama Administration's Digital Policy
The new Administration is ready to take office, and one of it’s stated objectives is “reshaping our economy to compete in the digital age.” I applaud the new Administration’s recognition of the fact that we must push to advance our position in the digital frontier to maintain stability, security, and safety. I have a couple of suggestions for their direction, but first I have to put this in scale. Read more
Making Your Go-Kit
The Go kit is one of the hot button-issues in amateur radio. Everyone has their own idea of what a go-kit should be. Let’s start simple and work our way up from there. Read more
From HaDak.orgRemember Aaron Swartz
Aaron spent his life, a brilliant but short burst of light, pursuing his dream of the free and open flow of information. Let us remember his contribution to our lives by making this dream a reality.
