May 13th, 2008 Drazen Drazic
As I mentioned before, we’re putting together a Blog Directory of Australian and New Zealand security bloggers and independent news sites. So far, not so many, but if you’d like to be on the list, email me or get me through the “Contact Me” section of the website.
Posted in news | 3 Comments »
May 9th, 2008 Drazen Drazic
Is there anything bad happening on the net not being blamed on “Chinese Hackers”? Forget the story….same old stuff. Some of the comments here are priceless:
www.theregister.co.uk/2008/05/08/belgium_india_china_warnings/comments/
Now just in case there is some language issues thing here in translation, this is a sarcastic post and in no way talking bad about Chinese Hackers. Point those probes in another direction. 
Posted in Bad Stuff, Dumb Security, To cool, WTF, cyber crime | 2 Comments »
May 9th, 2008 Drazen Drazic
Interesting and good to see IPv6 get a mention/submission in Australia’s 2020 Summit. The submission is here. Not sure where it is headed as I couldn’t see any mention in the Initial Summit Report. Maybe others have heard more about this?
We haven’t lacked in some good write-ups on IPv6 in recent times. Thanks to Donal for passing this one from Arbor Networks onto me.
The Google IPv6 2008 Conference panel video is well worth seeing if you haven’t already.
Are we getting much closer?
Previous Beast or Buddha posts:
http://beastorbuddha.com/2008/03/31/some-good-ipv6-links/
http://beastorbuddha.com/2007/05/10/ipv6whenwhysecurity/
From 2001; IPv6 and the Future of the Internet.
Posted in Research | 3 Comments »
May 8th, 2008 Drazen Drazic
Declan’s recent post on logging being a double edged sword started some interesting discussion. Anton Chuvakin follows-up further on his blog and writes:
“Reverse compliance” is a motivation to purposefully avoid technologies that have a chance of telling you that you are NOT in compliance. Sadly, logging is featured very high on the list of such technologies that a) tell you about all the problems with your compliance posture (e.g. direct violations of regulatory requirements, lack of controls, inefficient controls, policies not followed, etc) as well as b) are mandated by various regulations (e.g. PCI DSS) and c) actively used by auditors for finding compliance issues.
Read the rest of Anton’s post.
Posted in Disclosure Laws, Forensics, PCI, PCI DSS, Risk Management, cyber crime, governance | 3 Comments »
QualysGuard is the widest deployed security on-demand platform in the world. For all your vulnerability management, assessment and compliance requirements. Test it now. It is that quick and simple. Risk free, no commitment and no software to download!
