Happy 22nd Birthday TaoSecurity Blog
Tao Security
1M ago
Happy birthday TaoSecurity Blog, born on this day in 2003! The best way to digest the key lessons from this site is to browse my four volume Best of TaoSecurity Blog book series, published in 2020. It's available in print as seen here, or as a properly formatted HTML-based digital book -- none of that PDF-based fixed format nonsense. Each book is a theme-centric collection of posts with new commentary for each entry. Some of what I wrote stood the test of time, and some did not. See what you think. Or, just scroll backwards through this site. Thank you to Blogspot and Google for hosting ..read more
What Are Normal Users Supposed to Do with IDS Alerts from Network Gear?
Tao Security
4M ago
Probably once a week, I see posts like this in the r/Ubiquiti subreddit. Ubiquiti makes network gear that includes an "IDS/IPS" feature. I own some older Ubiquiti gear so I am familiar with the product. When you enable this feature, you get alerts like this one, posted by a Redditor: This is everything you get from Ubiquiti.   The Redditor is concerned that their system may be trying to compromise someone on the Internet. This is my answer to how to handle these alerts.   == This is another example of this sort of alert being almost worthless for most users. The key is trying ..read more
My First Book is 20 Years Old Today
Tao Security
7M ago
On this day in 2004, Addison-Wesley/Pearson published my first book, The Tao of Network Security Monitoring: Beyond Intrusion Detection. This post from 2017 explains the differences between my first four books and why I wrote Tao.  Today, I'm always thrilled when I hear that someone found my books useful.  I am done writing books on security, but I believe the core tactics and strategies in all my books are still relevant. I'm not sure that's a good thing, though. I would have liked to not need the tactics and strategies in my book anymore. "The Cloud," along with so many other dev ..read more
Retrieving Deleted Files on the Commodore C64 in 1987
Tao Security
9M ago
When I was a sophomore in high school, from 1987 to 1988, my friend Paul and I had Commodore C64 computers. There was a new graphical user interface called GEOS that had transformed the way we interacted with our computers. We used the C64 to play games but also write papers for school. One day Paul called me. He was clearly troubled. He had somehow dragged his newly completed term paper into the trash bin instead of the printer. If I recall correctly, back then they were right next to each other (although the screen shot above shows them separate).  Paul asked if I knew any tricks that ..read more
My Last Email with W. Richard Stevens
Tao Security
1y ago
In the fall of 1998 I joined the AFCERT. I became acquainted with the amazing book TCP/IP Illustrated, Volume 1: The Protocols by W. Richard Stevens. About a year later I exchanged emails with Mr. Stevens. Here is the last exchange, as forwarded from my AFCERT email address to my home email. From "Capt Richard Bejtlich - Real Time Chief" Mon Sep  6 18:27:35 1999 X-Mozilla-Keys: ..read more
Key Network Questions
Tao Security
1y ago
I wrote this on 7 December 2018 but never published it until today. The following are the "key network questions" which "would answer many key questions about [a] network, without having to access a third party log repository. This data is derived from mining Zeek log data as it is created, rather than storing and querying Zeek logs in a third party repository." This is how I was thinking about Zeek data in the second half of 2018. 1. What networking technologies are in use, over user-specified intervals? 1. Enumerate non-IP protocols (IPv6, unusual Ethertypes) ..read more
Cybersecurity Is a Social, Policy, and Wicked Problem
Tao Security
1y ago
Cybersecurity is a social and policy problem, not a scientific or technical problem. Cybersecurity is also a wicked problem. In a landmark 1973 article, Dilemmas in a General Theory of Planning, urban planners Horst W. J. Rittel and Melvin M. Webber described wicked problems in these terms: “The search for scientific bases for confronting problems of social policy is bound to fail, because of the nature of these problems. They are ‘wicked’ problems, whereas science has developed to deal with ‘tame’ problems. Policy problems cannot be definitively described. Moreover, in a pluralistic society ..read more
Core Writing Word and Page Counts
Tao Security
1y ago
I want to make a note of the numbers of words and pages in my core security writings.
The Tao of Network Security Monitoring / 236k words / 833 pages
Extrusion Detection / 113k words / 417 pages
The Practice of Network Security Monitoring / 97k words / 380 pages
The Best of TaoSecurity Blog, Vol 1 / 84k words / 357 pages
The Best of TaoSecurity Blog, Vol 2 / 96k words / 429 pages
The Best of TaoSecurity Blog, Vol 3 / 89k words / 485 pages
The Best of TaoSecurity Blog, Vol 4 / 96k words / 429 pages
The total is 811k words and 3,330 pages. Copyright 2003-2020 Richard Bejtlich and TaoSecurity ..read more
Happy 20th Birthday TaoSecurity Blog
Tao Security
2y ago
Happy 20th birthday TaoSecurity Blog, born on 8 January 2003.
Thank you Blogger
Blogger (now part of Google) has continuously hosted this blog for 20 years, for free. I'd like to thank Blogger and Google for providing this platform for two decades. It's tough to find extant self-hosted security content that was born at the same time, or earlier. Bruce Schneier's Schneier on Security is the main one that comes to mind. If not for the wonderful Internet Archive, many blogs from the early days would be lost.
Statistics
In my 15 year post I included some statistics, so here are a few, cur ..read more
TaoSecurity on Mastodon
Tao Security
2y ago
I am now using Mastodon as a replacement for the blue bird. This is my attempt to verify myself via my blog. I am no longer posting to my old bird account. Copyright 2003-2020 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com ..read more
