Friday, September 30, 2005

NAT Gateway

My Firewall admin have just gave me an user account to connect to our internal Firewall in order to verify it´s configuration. After about 4 months, he finnaly gave me a "read-only" account.
When I first connect I was impressed: our internal firewall (who was supposed to isolate our engineer network) has 8 policy rules and around 80 NAT rules. As the last access rule (of 8) is a "default permit" rule (anything from anywhere can pass), I named it as our new "NAT Gateway" security equipment.
From now on, a "NAT Gateway" is a special-purpouse security device that contains no usefull security rules, only lots of NAT rules.

Spam at Work

The spammers are getting more and more creative erevyday. We can find SPAM messages almost everywhere.
I have just received two SPAM messages on my orkut´s scrapbook !!! They are spamming Orkut !!!
I´ve also received SPAM comments on my personal blog ! Amazing....

Friday, September 23, 2005

The BOFH-style Excuse Server

I must post here the most useful thing that we could ever find on Internet: The BOFH-style Excuse Server.
This is a useful tool that all sysadmins and IT professionals should use on a regular basis.

Exclusive: New high dungerous attack

Yesterday night we discovered a brand-new computer-related attack: the "version overflow".
There is no known possible solution to this. This could affect all systems conected worldwide.
Our security-many-certifications-expert had discovered it by running the newest version of an award-winning-worldwide-leader OS.
The "version overflow" problem occur when we try to run an application that is a version above the one that is currently supported. For example, if you try to access a website that recquires .Net framework 1.1 and you hv version 2 installed.

Welcome

Welcome to this blog.
I´ve been working with security for about 10 years. I started as an SYSADMIN and Firewall operator, then I started working with security products support on a major reseller and moved to a job as a Security Officer.
I´m now working on a American security-related company on its Product Area.
I´ve many historys to tell, and I hope I´ll post the most interensting and funny here.
This blog is based on a material I´ve first seen when I am a UNIX sysadmin on my earlier job: "The Bastard Operator from Hell" (BOFH). There are numerous websites about this novel, but It seems that the official one is hosted at http://bofh.ntk.net/Bastard.html.