Welcome!

Information Security and Network Awareness

Hurricane Labs

Subscribe to Hurricane Labs: eMailAlertsEmail Alerts
Get Hurricane Labs via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Hurricane Labs

By: Bill Mathews - Anyone who listens to our podcast should know that I hate all anti-virus and anti-virus vendors. I really don’t have too many shades of grey when it comes to it, so it’s pretty hard to make me want to do anything regarding anti-virus technology that isn’t just recommending you get rid of the platform that is so susceptible to it. I’ve argued (and still argue) that even though there is clearly a malware issue with Android phones (unless lots of folks are lying), it is not as bad as the vendors make it out to be. They have a whole new platform to infect…err, get adopted on so what is not to like about smartphones being cesspools? I got really curious though and started wondering if these anti-virus tools are as bad on Android as they are on Windows. Do they slow down the phone? Do they drain the life out of the battery (if you’ve ever owned a Thunde... (more)

Review of HTTP 2.0 – The Ever-Changing Web We Live In

Review of HTTP 2.0 – The Ever-Changing Web We Live In By: Aaron Croyle You may have heard recently that Facebook will be implementing SPDY. In that light I’d like to give you a basic understanding of the upcoming improvements to HTTP (HyperText Transfer Protocol). As you probably know, this is the protocol that moves most of the HTML documents and images around the web. Here’s a few definitions to get you up to speed: HTTP/2.0 This is the new version of HTTP currently in development by the httpbis working group of the IETF. The last update was HTTP 1.1 as described in RFC 2616 i... (more)

Creating a Self-Defending Network Using Open Source Software

By: Steve McMaster This past weekend, I presented the idea of a self-defending network at Ohio LinuxFest 2012. The accompanying slides are now available here. So let’s talk about network security. You’ve got a firewall and a DMZ, you’re all set, right? Not so fast slugger. We preach a theory called “defense in depth” here at Hurricane Labs. And that means you need something to defend you when your firewall admins make a mistake. And something to protect you when that layer fails. And so on. So what are these other layers? Well one of them is having a good IDS/IPS system. An IDS/... (more)

Open Source Firewalls - Untangle and pfSense comparison

So this week I had the opportunity of setting up a little lab to test both of these firewalls. Before this week I had no idea these firewalls even existed, and the only open source routing/firewall software I even knew of at the time was Vyatta; which is really only for routing purposes. Starting off, you really need to pay attention to the system requirements, especially Untangles. I attempted to install both of these using Ubuntu with VirtualBox and was in for a nasty surprise. Originally skimming the requirements brought me to this issue, to where I used an old Dell Dimension ... (more)

Nothing New Under the Sun

I recently wrote a couple of to-be-published articles basically laying out all the reasons why we as security professionals should not be running away from so-called "new" technology. Essentially I am asking that we take the time to really understand what's so new about this stuff. SmartPhones, the "cloud", etc these are all repackaged versions of old technology. We're terrified of them because we think we don't understand them. The sad part is, we don't. We seem to be under the impression that all new technology is bad and inherently insecure, it isn't. It's not any more insecu... (more)