FlipsideReality Once upon a time, in a land far far away…

Slashdot | Do You Allow Webmail Use on Your Network?

Slashdot | Do You Allow Webmail Use on Your Network?
Man, was this ever timely. I just finished setting up a very complete solution for my current location (forward deployed military in the M.E.). Yes, of course I allow Webmail access. Everyone relies on it for 'reach-back' capability. What I do in an attempt to secure things is to setup a very complete firewall/filtering/etc. box. Is it perfect? No, but it's very effective. I'm running a Linux box with a slew of services(HAVP, P3Scan, ProxSMTP, HAVP, Privoxy, frox, ClamAV, RenAttach, Rules Du Jour and of course IPTables plus a bunch of others) and have had outstanding success. I recommend just using IPCop BOT CopFilter if you need something quick and relatively painless. I also do regular automated Nessus scans, etc. Man I love my job!

How to Find 100,000+ Web Proxies

I-Hacked.com Taking Advantage Of Technology - How to Find 100,000+ Web Proxies and the State of Internet Censorship in the U.S.

search google for:
"Include Form" "Remove Scripts" "Accept Cookies" "Show Images" "Show Referer" "Rotate13" "Base64" "Strip Meta" "Strip Title" "Session Cookies" "New Window"

Wireless Forensics: Tapping the Air – Part Two

Wireless Forensics: Tapping the Air - Part Two

Computerworld – Overlay network for security policies

Computerworld - Overlay network for security policies
Here a few tips to get around the deployment limitations of IPSec and Internet Key Exchange protocol

CERTStation

the CERTStation Threat level Aggregator displays the current threat level, in real-time, as assessed by 8 of the Internet's leading vulnerability watch services such as Symantec Threatcon, ISS Alertcon and SANS Infocon on one publically accessible Web page. Well, that saves a lot of daily trudging! CERTStation