Updated: See http://securosis.com/2007/11/15/ipfw-rules/.
I just spent entirely too much time digging into the Leopard firewall, and here’s what I’ve found. The less geeky version will be out on TidBITS (probably tomorrow); this is just the summary of actual behavior:
I’m almost done with my deeper review of the firewall, but discovered something ugly in the process of podcasting and firewall testing.
From Chris Pepper:
A post on some handy commands
Chris is my first resource when I need help with the command line.
Okay, it’s not that scary, other than the fact Martin isn’t even in the episode this week. That’s right, I flew solo and invited Glenn Fleishman from TidBITS and Wi-Fi Networking News to join me in an episode dedicated to the security issues around the release of Mac OS X 10.5 Leopard.
Just a quick note that I have a short article up on Network World on DLP.
I answered the question, “With all the recent news about acquisitions in the DLP space, I’m unsure if now is the time to select a solution or if I should wait. How can I tell the right time to get into DLP?”
I was reading this post by Richard Bejtlich and it reminded me of a little pet peeve.
It seems some people out there criticize Richard for focusing more on external threats than the big bad, “internal threat”. I’ll admit I used to use the term frequently when I was a little naive, but I finally realized it became code for “scary stuff you’ll never be able to protect yourself from without spending a lot of money on our products.”
We have some guests in town so it will be a couple more days until I’m back to the regular blogging schedule, but I did manage to install Leopard this weekend.
Good news for Provilla, but this one could go either way on the whole good/bad scale.
I’d heard some good things about Provilla’s technology, but if Trend thinks they can solve this with an endpoint-only solution they won’t succeed and those with hybrid solutions will trounce them. Thoroughly.
It hasn’t taken long, but I’m a Twitter convert. I didn’t realize how useful a short-message broadcast tool could be, especially one linked to mobile phones and IM with a persistent web page. No, I don’t really care what people are eating for lunch, but as Threat Level reports, it’s become amazingly useful in dealing with the California fires.
Chris Hoff and I (and a few others, like Adrian Lane and Gu
er Peterson) have started waxing philosophic quite a bit lately. From debates over Jericho to emotional rants on staying motivated in security, to the security vs. survivability debate, we’ve strayed from our more practical advice and wandered into the land of coffee shops, security jazz, and stupid black berets on our heads.