Stories by Vince Tuesday

Back door puts vendor on hot seat

It's not polite to poke fun at your vendors, but during a recent meeting with our Cisco reps, I couldn't resist. We had the reps in for a chat about some of Cisco's latest security products and our planned wireless LAN deployment. But my team and I had questions for them after reading news reports of a security problem with their Wireless LAN Solution Engine and Hosting Solution Engine products.

E-mail gateway works too well

Whenever a new virus appears, I worry that it will be clever, elegant -- and a headline on the nightly news. That combination means that everyone in management will want to know what's going on before we know ourselves. That happened before with SQL Slammer. But with the recent Mydoom virus outbreak, our own protective systems became the publicity machine that created a companywide panic.

Bad policy makes for weak passwords

It's unprofessional to break down and sob during a meeting, but I came pretty close a few times last week as I finally began to understand the details of the IT security systems and processes my new company uses to protect itself.

Hidden vulnerability dogs VPN project

I recently changed positions and have been trying to understand the many projects already under way here. The most vital of these is a planned virtual private network (VPN) rollout. My company has many staffers who travel, as well as those who want to work from home.

New job brings back old problems

At 10 a.m., the boss called the entire IT security team into a meeting room, but without the line manager. He said that the line manager had been sacked.

Layered defense falls to worm attack

We were pushing for a speedy move to the supposedly more secure Windows Server 2003 -- until we ran into the vulnerability in remote procedure call (RPC) services that use the Distributed Component Object Model. Every version of Windows, including Server 2003, is vulnerable to this latest buffer-overflow flaw. So we're rethinking our plans.

Faulty rules foul router protection

Last week, my team and I discovered a vulnerability in the Cisco Systems Inc. equipment we use in our global network. There are 253 possible IP-based protocols in IP Version 4, and the majority of Cisco routers and switches have a serious problem with four of them. The flaw leaves unpatched equipment open to denial-of-service attacks.

Corporation caught in the cross hairs

My company deals with large electronic financial transactions on a regular basis, and I worry that this makes us the perfect target for a focused attack on our networks. This issue had been a theoretical one for me, however, until last week.

Experts stumble on PKI security project

Five years ago, before I was hired, my company rolled out a financial services application to 20,000 users at 900 companies in 18 countries. The company knew it needed something better than just user names and passwords for authentication, so it built a public-key infrastructure (PKI).

The security manager's road to perdition

Every so often I meet with a group of my peers to trade war stories about life in the security trenches. Mostly we swap technical hints and tips about what works when trying to sell security to management. Recently, the topic was manager and staff issues.

Cost-effective remote access proves elusive

Everyone says they want security. They don't. Deep down, end users don't care. They want MP3 downloads, and damn the viruses. They want a blank password, and if forced to have one, they want Windows to remember it for them.

Database wipeout turns into unsolved mystery

One night last week, I was rushing to get home at a decent time when the head of our software support team slipped me a note suggesting that I look into an issue with data loss on one of our production database servers. I was tempted to just leave it until the next day, but I decided to investigate right away to obtain the highest-quality data from the fresh crime scene.

Certification more political than practical

Some months ago, I proudly earned my Global Information Assurance Certification (GIAC) in network intrusion detection from the SANS Institute Inc. I was impressed by the technical depth of the course and by the difficulty of the evaluation process.