Papers
Here is a collection of technical papers, mostly about information security, that I have written over the past few years.
Transparent Web Proxying with Cisco, Squid, and WCCP
July, 2010
This paper shows how to implement transparent web caching using a Cisco router as a gateway and the Squid caching proxy server. The WCCP protocol is used to register the proxy to the router to provide seamless and scalable transparent proxying of web traffic.
The Best Guides for Managing Information Security
July, 2007
This paper reviews the best security guides available on the Internet, including the Open Source Security Testing Methodology, various NIST Guides, ISO 17799, and the Standard of Good Practice (SoGP) guides. This paper was originally published in the June 2007 issue of SysAdmin magazine.
Application Performance Monitoring with PasTmon
June, 2007
This paper shows how to measure and monitor the performance of network applications through passive capturing of network traffic. The PasTmon utility is excellent for identifying performance problems in many network-based applications.
Trusting SELinux and the NSA
Friday June 1, 2007
An email conversation with a virtually anonymous contact asking the question: "Should I trust SELinux?", which casts doubt on what the NSA may have put into it.
Backup Encryption
Thursday March 1, 2007
CMP Media have published an article I wrote on Backup Encryption in the March 2007 issue of SysAdmin magazine. This article shows how you can easily encrypt your Linux/Unix backups using OpenSSL or GPG.
Best practices for Security Incident Response II
Monday October 30, 2006
A second revision of the older Incident Response paper (below), based on a presentation at the Bright*Start Security Conference in Auckland, 2006. Describes best practices for responding to security incidents, aimed at an audience of IT managers and operations staff.
Tips on getting a CCNA Certification II
Saturday, October 1 2005
I recently sat and passed the latest (640-801) Cisco CCNA (Cisco Certified Network Associate) Exam. This page contains useful tips and advice for the aspiring candidate.
Human Factors in Security Management
Tuesday August 30, 2005
Now that technology is catching up to security risks, the next great hurdle is overcoming human factors in maintaining secure systems. This paper discusses how most security problems occurring in medium to large organisations are frequently caused by the people working there.
DNS Security Protocols II: DNSSEC
October, 2004
A paper demonstrating how to configure DNSSEC on DNS servers using the ISC BIND software.
DNS Security Protocols I: Dynamic Updates
September, 2004
A paper published in SysAdmin magazine demonstrating how to configure secure Dynamic updates on DNS servers using the ISC BIND software.
A Security Review of the ASB Bank Netcode Authentication System
Saturday September 18, 2004
A paper reviewing ASB Bank's Netcode authentication system which uses SMS Text messages to a user's cellphone to authenticate the online banking system.
Best practices for Security Incident Response
Thursday July 1, 2004
A paper outlining best practices for responding to security incidents. Recommended reading for anyone who will be handling security incidents.
An Introduction to Logsurfer
March, 2004
A paper demonstrating the Logsurfer program which can be used to monitor log events on UNIX and Linux systems. This paper was originally published by SysAdmin Magazine in March, 2004.
Debunking the Microsoft Monoculture
Thursday February 26, 2004
A critique of the CCIA paper, "CyberInsecurity: The Cost of Monopoly", which claims that the Microsoft monopoly has created a "Cyber monoculture" and that "our computer networks are now susceptible to massive, cascading failures."
Hardening Internal Networks against Worms
Friday January 23, 2004
Internet worms are becoming increasingly mobile and more agile at avoiding firewalls and other security devices. This paper looks into the problem, and offers advice on protecting the internal enterprise network against worm attacks.
Would you hire a hacker?
Friday July 3, 2003
Would you or your company hire a hacker as a security consultant? Should you? If you want to get into security, should you prove your skills by illegally breaking into systems? This paper considers the reasons for and against hiring hackers.
An Introduction to SELinux
March 2003
A paper introducing SELinux - the mandatory access control system for Linux. This paper was originally published in the March 2003 edition of SysAdmin magazine.
Tips on getting a CCNA Certification
Monday, October 7 2002
I recently sat and passed the Cisco CCNA (Cisco Certified Network Associate) Exam. This page contains useful tips and advice for the aspiring candidate.
Recovering Linux systems with mkcdrec
September 2002
Originally published in SysAdmin Magazine in 2002, this paper looks at how to recover Linux systems using a very useful tool called mkcdrec.
Web Application Security
Wednesday, July 2, 2002
Web application security is often overlooked when deploying a web site. As long as a web server is protected by a firewall and has SSL encryption - it is secure. Right? Wrong.
The Travesty of Internal Security
Wednesday, April 24, 2002
There are many statements being thrown around by IT Security professionals such as "80% of security breaches are caused by internal users/employees". This paper gives the reader a reality check on the statistics.
Requesting a Penetration Test
Friday, March 22, 2002
Penetration tests are great ways to evaluate your IT security. This paper gives some advice (learnt the hard way) about how to go about requesting a penetration test.
CISSP
Friday, March 8, 2002
I once sat the CISSP Exam - for Certified Information Systems Security Professional from ISC2. This paper has some comments, and useful advice for the aspiring candidate.
Kerberos in practice
Some practical advice in using Kerberos to secure Unix systems.