Last Updated: 2007-06-20 21:09:03 UTC
by Jim Clausing (Version: 1)
Complexity is bad for security
I've mentioned before that I read Spaf's blog. He doesn't post too often, but he had a story last week that really resonated with me (and he referenced the story where the Mac+ beat a new AMD machine running XP in 53% of the tests they ran). I started programming on machines where 256KB was a lot of RAM and 256MB was a lot of whole lot of disk (yes, I have been doing this a while). Everyone likes all their new features, but that has resulted in bloated unmaintainable code and the size and complexity has a cost in security.
Honeypot-type fake service scripts/tools
Also, these fake SMB tools have been out a couple of months, but I missed them until they were mentioned this morning on the Darknet blog. These are useful additions to the tools I run in my malware analysis environment to spoof other services. Also, on the French Honeynet Project tools page are fake SNMP tools that I'll have to take a look at too. Does anyone have a good compilation of these tools? Let me know via the contact page and I'll summarize the results next week.