Forgot your password?
typodupeerror

Comment: Depends on the industry (Score 1) 348

Some industries do make it a standard to disable firewalls on everything except perimeter devices. Networking talent is rare in these industries so it makes a certain amount of economic sense. You might be surprised to hear that SCADA and industrial control are one of the industries where this is common.

It's not totally crazy, either. If you know that if anything were to ever get on your internal network, you're going to be more diligent than usual about letting things on it. If you put all your eggs in the perimeter firewall basket and it's pretty good, then what's the problem?

Well, here's a big difference: the guy running your water plant is way different than the minimum wage guy you have running the till. The cashier has more incentive to attack the system, especially if he can get away with running a skimmer without getting caught. But the cashier has physical access to the system for several hours per day! What's the firewall going to do to stop him? He can just reboot the machine into an OS he controls, then turn off the firewall by writing to the disk directly.

There's another more important problem: if SQL Server Express is involved then I'll bet the PoS app is doing cleartext database writes, which might include credit card transactions in the future. If that's the case, the firewall has to be configured to allow these writes in cleartext. Mr. skimmer guy just needs to put a tap inline with the register's network port to get all this data, firewall or not. The app is the problem here.

Security is a people problem. Think about your staff and your vendors and choose them wisely. Until that's done pontificating about firewall best practices probably shouldn't be your first priority.

Comment: Powershell and other tools (Score 5, Informative) 427

by thalakan (#36053196) Attached to: Ask Slashdot: Moving From *nix To Windows Automation?

Powershell. The only tool that knows how to talk to all the different frameworks in Windows is Powershell. No other tool can talk to .NET, COM, WMI, native APIs (via P/Invoke), and external stdio based tools. If you can't do the automation you want using something in one of the above frameworks, you've got bigger problems than finding a good automation tool.

Since the test guy usually has to be a part time sysadmin too, you should be aware of these tools:

System update readiness tool: http://support.microsoft.com/kb/947821/en-us
WMI diagnostic utility: http://www.microsoft.com/downloads/en/details.aspx?familyid=d7ba3cd6-18d1-4d05-b11e-4c64192ae97d&displaylang=en
gplogview: http://www.microsoft.com/downloads/en/confirmation.aspx?familyId=BCFB1955-CA1D-4F00-9CFF-6F541BAD4563
Windows SDK (including debugging tools for windows): http://www.microsoft.com/downloads/en/details.aspx?FamilyID=35AEDA01-421D-4BA5-B44B-543DC8C33A20
ollydbg: http://www.ollydbg.de/
sysinternals suite: http://technet.microsoft.com/en-us/sysinternals/bb842062
Windows Management Framework: http://support.microsoft.com/kb/968929
WDK: http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=36a2630f-5d56-43b5-b996-7633f2ec14ff
WAIK: http://www.microsoft.com/downloads/en/details.aspx?familyid=696DD665-9F76-4177-A811-39C26D3B3B34&displaylang=en
Windows 7 SP1 WAIK supplement: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=0AEE2B4B-494B-4ADC-B174-33BC62F02C5D

If XP is involved, check out Windows SteadyState. It's like deepfreeze, if you've ever used that. qemu is also a great way to boot test machines and capture output at scale; using CoW disks you can have fresh machines every time you boot regardless if the test machines are XP or not.

Comment: It should work up to half a mile (Score 1) 338

by thalakan (#33307180) Attached to: Is RFID Really That Scary?

Lockheed Martin recently put out a press release about their magnetic communications system (MCS), which works at distances of up to half a mile through solid rock:

http://www.popsci.com/technology/article/2010-08/lockheed-develops-magnetic-communication-mine-safety

Although the MCS probably uses large coils and low wavelengths on both sides to achieve that impressive distance, typical RFID cards have small coils. To make up for this, very strong digitally controlled magnetic fields could be used to couple to a coil from far away. For example, see this implementation of a static 0.7 tesla magnet:

http://www.technologyreview.com/biomedicine/25527/page1/

A strong enough, highly directional magnetic field and a sensitive enough detector could couple all the way to the theoretical maximum distance permitted by the RFID card's frequency. Like the MCS, that distance is one third the wavelength of 125 KHz (1.5 miles), or half a mile.

"A great many people think they are thinking when they are merely rearranging their prejudices." -- William James

Working...