Welcome!

Information Security and Network Awareness

Hurricane Labs

Subscribe to Hurricane Labs: eMailAlertsEmail Alerts
Get Hurricane Labs via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Hurricane Labs

By Bill Mathews This is the follow up to my award-winning post “Why the Cloud Matters” (okay so it hasn’t won any awards yet but it did win some enemies). This post is dedicated to all the DMs I received via Twitter (runs on the cloud) about that article. Many folks seemed to think that I was singing the cloud’s praises and speaking nothing of its many faults. This is patently untrue. As anyone who knows me will tell you, I pretty much dislike almost everything and find fault in nearly everything – the cloud is no different. A lot of applications in the cloud have many, many issues. For instance Twitter, which runs in the “cloud”, has its own share of documented issues. From being over-capacity (hello fail whale) to just simply being down, cloud failures do happen and it is not a nirvana. Gmail has developed quite a reputation (unfairly some would say) for being d... (more)

Snowpocalypse 2010: Report From ShmooCon 2010

Here I am at ShmooCon 2010 right in the middle of what people here in Washington DC are calling Snowpocalypse 2010. The Metro, busses, and taxis are all closed down and essentially the city has shut down. Being from Cleveland I find it a little laughable but it’s still a pretty bad storm. Well that hasn’t stopped ShmooCon from going strong. This being my first hacker con it took me a little while to get acclimated to what kind of talks would be interesting and relevant to me as a network/firewall security guy. The first talk I found interesting was about an OWASP project called O... (more)

Where Security and Current Events Meet

Yesterday we started getting floods of malware alerts for machines on many different networks that we manage going out to a site that was identified a while ago for MS08-067 type activity. So we did our due diligence and notified our clients that we were seeing this traffic attempting to leave their network. As of now the alerts are still coming in. If you've watched the news at all over the past couple of days you've heard about the events in Austin, TX involving a plane being intentionally flown into an IRS building there. Thankfully only the pilot was killed and our thoughts g... (more)

Nothing New Under the Sun

I recently wrote a couple of to-be-published articles basically laying out all the reasons why we as security professionals should not be running away from so-called "new" technology. Essentially I am asking that we take the time to really understand what's so new about this stuff. SmartPhones, the "cloud", etc these are all repackaged versions of old technology. We're terrified of them because we think we don't understand them. The sad part is, we don't. We seem to be under the impression that all new technology is bad and inherently insecure, it isn't. It's not any more insecu... (more)

Open Source Firewalls - Untangle and pfSense comparison

So this week I had the opportunity of setting up a little lab to test both of these firewalls. Before this week I had no idea these firewalls even existed, and the only open source routing/firewall software I even knew of at the time was Vyatta; which is really only for routing purposes. Starting off, you really need to pay attention to the system requirements, especially Untangles. I attempted to install both of these using Ubuntu with VirtualBox and was in for a nasty surprise. Originally skimming the requirements brought me to this issue, to where I used an old Dell Dimension ... (more)