Friday, September 09, 2005
Ruxcon coming up
"RUXCON is a conference organised by and for the Australian computer security community. "
Its on the weekend of the 1st and 2nd of October in Sydney. Some of the presentations look quite good including the Deep Penetration Testing using OWASP 2.0 by Andrew Van Der Stock and Attack automation by Roelof Temmingh of SensePost.
Look out for me there and say g'day.
Its on the weekend of the 1st and 2nd of October in Sydney. Some of the presentations look quite good including the Deep Penetration Testing using OWASP 2.0 by Andrew Van Der Stock and Attack automation by Roelof Temmingh of SensePost.
Look out for me there and say g'day.
Monday, September 05, 2005
ISA pain
After my recent hardware and software upgrades, I found that ISA2000 server was very flaky under Windows 2003, sometimes causing the Computer Manager application to crash just by reviewing settings. Even with the latest service packs.
So I upgraded to ISA2004 (a free upgrade!). Yuk. M$ is turning what was a proxy cache into a firewall. Each new version since Proxy Server 2 has been more and more focused on being a firewall. (Good luck to the brave folk who trust M$ software enough to run it as a full blown firewall.) But I digress...
Anyway the firewall features were more of a hindrance to me as this set-up is already behind a firewall. The ISA firewall can't be turned off, you have to have an allow all rule if you want to disable firewalling but keep the caching features. It was also chewing resources. So I looked around for an alternative.
Long story short... I ended up using a Win32 port of Squid. It is way faster than ISA, is more configurable, uses less memory and its free.
So I upgraded to ISA2004 (a free upgrade!). Yuk. M$ is turning what was a proxy cache into a firewall. Each new version since Proxy Server 2 has been more and more focused on being a firewall. (Good luck to the brave folk who trust M$ software enough to run it as a full blown firewall.) But I digress...
Anyway the firewall features were more of a hindrance to me as this set-up is already behind a firewall. The ISA firewall can't be turned off, you have to have an allow all rule if you want to disable firewalling but keep the caching features. It was also chewing resources. So I looked around for an alternative.
Long story short... I ended up using a Win32 port of Squid. It is way faster than ISA, is more configurable, uses less memory and its free.
Lab upgrade
Pentester labs experience a recent hardware and software upgrade. The hardware upgrades consisted of faster processors and more memory, with my main file server getting a funky Promise TX4000 RAID card running in RAID 5 configuration.
The main file server was trashed and replaced with upgraded hardware and Windows 2003 Standard Edition. Win2K3 is the best iteration of M$ server software to date. Very impressed how most things now default to secure configuration. Stability has also been good.
My VMWare server which was running Windows 2000 got a hard drive upgrade and was rebuilt to run Gentoo with only GSX server and a SSH server. VMWare sessions are noticably faster.
Why didn't I run Gentoo on the main file server? I thought about it but I have some legacy apps that need Windows and besides its good to have a foot in both camps.
The main file server was trashed and replaced with upgraded hardware and Windows 2003 Standard Edition. Win2K3 is the best iteration of M$ server software to date. Very impressed how most things now default to secure configuration. Stability has also been good.
My VMWare server which was running Windows 2000 got a hard drive upgrade and was rebuilt to run Gentoo with only GSX server and a SSH server. VMWare sessions are noticably faster.
Why didn't I run Gentoo on the main file server? I thought about it but I have some legacy apps that need Windows and besides its good to have a foot in both camps.
