Blog, n. - online journal, of interest to noone, updated infrequently and irregularly.

Thoughts on the future of Anti-Virus

One of the reasons I haven't been updating this blog much is that I have been doing less technical work of interest and spent more of my time thinking about building defenses. One of the issues that pop up when evaluating defensive technologies is where Anti-Virus products fit in ...

Striking gold in DNS reply packets

When probing a client's Internet-facing network I saw some strange replies to DNS queries. Their setup was pretty simple, a classic three-legged firewall with som public services on the DMZ. I managed to find the RFC 1918 addresses used on the DMZ segment through a misconfigured IIS and shot ...

Automatic Visio network map generation

So I got a request from a customer recently to have his three datacentres scanned to discover what devices were actually on the different network segments and then proceed with vulnerability assessment scans of the managed hosts. So far nothing I hadn't encountered before, but this particular CISO was ...