Risky Business #105 -- RSA conference wrap plus X10 security

Patrick Gray

This week's show is brought to you by Check Point Software.

This week's show is a bit of a mixed bag. We chatted with 451 Group analyst Paul Roberts live from the floor at the RSA conference in San Francisco. Then, for something completely different, we quizzed Adam Pointon about his adventures with X10 home automation equipment.

Check Point Australia's Steve MacDonald is this week's sponsor guest, and Adam Boileau was this week's news guest.

Unifex
Mac OS X anti-virus

One of the things that was covered in this podcast was the lack of installed anti-virus on Mac OS X. One of the computers that I have is running Mac OS X and isn't running any AV.

What AV is available out there for OS X, what would people recommend and why?

Regards
Gold
Evolved Development +64 21 248-4653
http://evolved.net.nz/ gold@evolved.net.nz

Pixelicious
I wouldn't recommend OS X A/V

I wouldn't recommend OS X A/V just yet.

While it's something to come in the future, I think you're still better off using a little common sense, and something like Little Snitch.

Little Snitch is, in essence, a firewall, but its rules are very customisable, and in particular I like that you can set a temporary rule, something like:

allow terminal to send ICMP traffic until the process terminates.

So that way, I can say, yes, this application I've instructed to run does in fact need to do this kind of network traffic, but only this time.

The reason I don't recommend OS X A/V just yet is that while it's becoming an emerging threat, the cost of CPU cycles / money / pain in the arse that AV gives isn't worth it.

If you REALLY want to put something on, you can start with the FOSS tools like ClamXav (ClamAV for OS X) or Tripwire (Tripwire prevents writing to system files).

For paid tools, I've used Intego in the past and found it to be pretty effective. Also the dashboard widget and management interface is easy to use, and the context menu scanning (so right click, scan this file) is handy.

But I've since removed them and defer my OS X security to a bit of common sense (i.e. don't type in that admin password unless you're 100% sure the program needs it, which is why RealPlayer _still_ bugs me for the RealPlayer agent).

dalepearson

Hiya guys, I think it was episode 105 and someone mentioned something like BruteCon for password avoidance bootup.

This sounded like a handy tool for forensic investigations, and similar to Ophcrack. Does anyone have the correct name and a link to the tool?

Thanks in advance.

Patrick Gray
it's called kon-boot
dalepearson

Thanks Patrick
