Skip to main content

Posts

Showing posts from August, 2010

Why I haven't written

I haven't been writing recently.  Been kinda busy.

For those of you that haven't heard, my wife gave birth to our baby boy last Wednesday.

His name is Paul Esler.

Start with a cage containing five monkeys.

Start with a cage containing five monkeys.
Inside the cage, hang a banana on a string and place a set of stairs under it. Before long, a monkey will go to the stairs and start to climb towards the banana. As soon as he touches the stairs, spray all of the other monkeys with cold water. After a while, another monkey makes an attempt with the same result - all the other monkeys are sprayed with cold water. Pretty soon, when another monkey tries to climb the stairs, the other monkeys will try to prevent it.
Now, put away the cold water.
Remove one monkey from the cage and replace it with a new one. The new monkey sees the banana and wants to climb the stairs. To his surprise and horror, all of the other monkeys attack him. After another attempt and attack, he knows that if he tries to climb the stairs, he will be assaulted.
Next, remove another of the original five monkeys and replace it with a new one. The newcomer goes to the stairs and is attacked. The previous newcomer takes part i…

Security for the SMB makes sense, by Jason Brvenik

Security for the SMB makes sense.

I was off reading some older articles written on a couple of blogs that I follow looking for something in particular. Well, I never did find what i was looking for (in regards to the article itself), but I did reread this post by Jason Brvenik over at Snort.org.

This is a great article in response to another article about why small business shouldn't invest in IPS (which is a crazy view). Jason really does a nice job of laying out the reasons why its important. Definitely worth the read, or reread if you've seen it before.

Google Wave, it's dead. So sad.

In case you haven't heard.
So, on Google's "Official" Blog (which one guys?  You have so many!) they announced yesterday that they are pulling the plug on Google Wave.
So sad.
I think Wave had some really good potential, but I'll say it here, as I have said it since the beginning, Wave would have never caught on unless it replaced something else.  Wave was pretty neat, it was like a Wiki, Google Docs, Gmail, Gtalk, and god-knows-what-else all rolled into one.  It worked, it worked pretty well.  But it didn't replace anything for anyone.  It was a "and also" technology.
Let's Hope
Google rolls some of the technology they developed for Wave into the rest of their products.  For instance, simultaneous typing. That could be useful in Gmail and Gtalk.

I think the collaboration-on-documents idea was great.  That would be most useful in a corporate setting.  I would have loved to use it at Sourcefire.
Design
Some of their design ideas were great. Look at the n…

Now that I have these IDS events, now what?

In my full-time job I work for Sourcefire, as a Sourcefire and Snort Professional Services Consultant.  I deal with a different customer every week (sometimes every day), and with each customer comes a separate set of IDS events.  Customers will often tell me "this network is unlike any you've ever seen before", and for the most part, they are right.  While all networks consist of servers, desktops, switches, routers, firewalls, antivirus, and even IDSes, all networks are essentially the same in that respect.  However, each of them pose their own unique set up and vulnerability attack-landscape.  Each network is unique in this way, it doesn't matter if you have 300,000 users on your network or 10.  All that does is make your life as a security person more difficult, this is essentially a number.  That number may increase lots of things, people hired to handle them, number of sensors needed, the amount of bandwidth needed, etc.

So, in dealing with the hundreds, perhaps…

New Digg Interface Invites

I have a couple posts brewing in my head that I need to get down on paper, but in the meantime, I have 5 invites for the new Digg.com interface if anyone wants them.

First five people to send me their email address get them.