Papers

Here is a collection of technical papers, mostly about information security, that I have written over the past few years.


Transparent Web Proxying with Cisco, Squid, and WCCP

July, 2010
This paper shows how to implement transparent web caching using a Cisco router as a gateway and the Squid caching proxy server. The WCCP protocol is used to register the proxy to the router to provide seamless and scalable transparent proxying of web traffic.


The Best Guides for Managing Information Security

July, 2007
This paper reviews the best security guides available on the Internet, including the Open Source Security Testing Methodology, various NIST Guides, ISO 17799, and the Standard of Good Practice (SoGP) guides. This paper was originally published in the June 2007 issue of SysAdmin magazine.


Application Performance Monitoring with PasTmon

June, 2007
This paper shows how to measure and monitor the performance of network applications through passive capturing of network traffic. The PasTmon utility is excellent for identifying performance problems in many network-based applications.


Trusting SELinux and the NSA

Friday June 1, 2007
An email conversation with a virtually anonymous contact asking the question: "Should I trust SELinux?", which casts doubt on what the NSA may have put into it.


Backup Encryption

Thursday March 1, 2007
CMP Media have published an article I wrote on Backup Encryption in the March 2007 issue of SysAdmin magazine. This article shows how you can easily encrypt your Linux/Unix backups using OpenSSL or GPG.


Best practices for Security Incident Response II

Monday October 30, 2006
A second revision of the older Incident Response paper (below), based on a presentation at the Bright*Start Security Conference in Auckland, 2006. Describes best practices for responding to security incidents, aimed at an audience of IT managers and operations staff.


Tips on getting a CCNA Certification II

Saturday, October 1 2005
I recently sat and passed the latest (640-801) Cisco CCNA (Cisco Certified Network Associate) Exam. This page contains useful tips and advice for the aspiring candidate.


Human Factors in Security Management

Tuesday August 30, 2005
Now that technology is catching up to security risks, the next great hurdle is overcoming human factors in maintaining secure systems. This paper discusses how most security problems occurring in medium to large organisations are frequently caused by the people working there.


DNS Security Protocols II: DNSSEC

October, 2004
A paper demonstrating how to configure DNSSEC on DNS servers using the ISC BIND software.


DNS Security Protocols I: Dynamic Updates

September, 2004
A paper published in SysAdmin magazine demonstrating how to configure secure Dynamic updates on DNS servers using the ISC BIND software.


A Security Review of the ASB Bank Netcode Authentication System

Saturday September 18, 2004
A paper reviewing ASB Bank's Netcode authentication system which uses SMS Text messages to a user's cellphone to authenticate the online banking system.


Best practices for Security Incident Response

Thursday July 1, 2004
A paper outlining best practices for responding to security incidents. Recommended reading for anyone who will be handling security incidents.


An Introduction to Logsurfer

March, 2004
A paper demonstrating the Logsurfer program, which can be used to monitor log events on UNIX and Linux systems. This paper was originally published by SysAdmin Magazine in March, 2004.


Debunking the Microsoft Monoculture

Thursday February 26, 2004
A critique of the CCIA paper, "CyberInsecurity: The Cost of Monopoly", which claims that the Microsoft monopoly has created a "Cyber monoculture" and that "our computer networks are now susceptible to massive, cascading failures."


Hardening Internal Networks against Worms

Friday January 23, 2004
Internet worms are becoming increasingly mobile and more agile at avoiding firewalls and other security devices. This paper looks into the problem, and offers advice on protecting the internal enterprise network against worm attacks.


Would you hire a hacker?

Friday July 3, 2003
Would you or your company hire a hacker as a security consultant? Should you? If you want to get into security, should you prove your skills by illegally breaking into systems? This paper considers the reasons for and against hiring hackers.


An Introduction to SELinux

March 2003
A paper introducing SELinux - the mandatory access control system for Linux. This paper was originally published in the March 2003 edition of SysAdmin magazine.


Tips on getting a CCNA Certification

Monday, October 7 2002
I recently sat and passed the Cisco CCNA (Cisco Certified Network Associate) Exam. This page contains useful tips and advice for the aspiring candidate.


Recovering Linux systems with mkcdrec

September 2002
Originally published in SysAdmin Magazine in 2002, this paper looks at how to recover Linux systems using a very useful tool called mkcdrec.


Web Application Security

Wednesday, July 2, 2002
Web application security is often overlooked when deploying a web site. As long as a web server is protected by a firewall and has SSL encryption - it is secure. Right? Wrong.


The Travesty of Internal Security

Wednesday, April 24, 2002
There are many statements being thrown around by IT Security professionals such as "80% of security breaches are caused by internal users/employees". This paper gives the reader a reality check on the statistics.


Requesting a Penetration Test

Friday, March 22, 2002
Penetration tests are great ways to evaluate your IT security. This paper gives some advice (learnt the hard way) about how to go about requesting a penetration test.


CISSP

Friday, March 8, 2002
I once sat the CISSP Exam - for Certified Information Systems Security Professional from ISC2. This paper has some comments, and useful advice for the aspiring candidate.


Kerberos in practice


Some practical advice on using Kerberos to secure Unix systems.