NetworkAsia ran an article by Gregg Keizer saying that MS08-067 does not share a root cause with MS06-040, the RPC vulnerability from two years earlier (August 2006). The statement is attributed to Michael Howard, a Microsoft expert. It continues: so nobody should be surprised that Microsoft did not find the new vulnerability MS08-067 at the same time. Howard closed by expressing his satisfaction with Microsoft's Security Development Lifecycle (SDL). Frankly, I have no particular objection to what he says: software, processes and testing can never be perfect, and one more vulnerability is nothing new.
But the trouble MS08-067 has stirred up is not comparable to an ordinary vulnerability. One remark describes its impact precisely: basically, point and shoot. Worse, our desktops are now monopolized by Windows, non-critical applications mostly run on Windows servers as well, and any reasonably large enterprise has hundreds or thousands of Windows servers. Once a vulnerability like this appears, the enterprise's IT infrastructure is essentially an "open city".
I like the idea in this article. The system designer needs to have a global parameter to switch them on/off. The syslog level of this kind of log should be something like "informational". Programmers must handle it carefully, or system performance might be impacted.
Let’s consider another example – one in which an input validation routine finds a character potentially being used for SQL Injection. Note that this example uses “blacklisting” or “known-bad validation”, which is a less-than-ideal approach to input validation but one used often nonetheless:
// Known-bad check: flag a ';' anywhere in request.desc (indexOf returns -1 when the character is absent)
if (request.desc.indexOf(';') != -1) {
    // possible SQL Injection character
    log.fine("Possible SQL injection character ';' in request.desc value of " + request.desc);
}
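As an added example (not code from the article), here is the same blacklist check in Python, combined with the global on/off switch and the "informational" log level discussed in the comment above; the `SECURITY_LOGGING_ENABLED` flag, the token list and the field names are assumptions.

```python
import logging

# Assumed global switch (not from the article): lets an operator turn
# security-event logging on or off without touching the validation code.
SECURITY_LOGGING_ENABLED = True

# Blacklist of tokens commonly seen in SQL injection. Known-bad validation
# is incomplete by design; it is a detection aid, not the defence itself.
SUSPICIOUS_TOKENS = {";": "statement separator", "'": "string delimiter",
                     "--": "comment marker", "/*": "block comment start"}

log = logging.getLogger("app.input_validation")


def check_field(field_name, value):
    """Return the suspicious tokens found in `value` and log each one.

    Logging happens at INFO (the "informational" syslog level), so the
    events are collected by default without being treated as errors.
    """
    findings = [tok for tok in SUSPICIOUS_TOKENS if tok in value]
    if SECURITY_LOGGING_ENABLED:
        for tok in findings:
            # Truncate the echoed value so a long payload cannot flood the log.
            log.info("Possible SQL injection token %r (%s) in %s value of %r",
                     tok, SUSPICIOUS_TOKENS[tok], field_name, value[:200])
    return findings


def validate_request(fields):
    """Check every field of a request; returns {field: [tokens]} for hits only."""
    hits = {}
    for name, value in fields.items():
        found = check_field(name, str(value))
        if found:
            hits[name] = found
    return hits


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO,
                        format="%(levelname)s %(name)s: %(message)s")
    # Constructed sample request: one clean field, one carrying ';' and friends.
    sample = {"desc": "widget'; DROP TABLE orders;--", "qty": "3"}
    print(validate_request(sample))
```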
See the diagram above, excerpted from Allot.com. At least in China, telcos' billing policies often use a coarse-grained flat rate, such as 120 RMB (about $14) per month. For that price, bandwidth users can do anything they like, e.g. downloading huge video files with BT, eMule and the like. According to many statistics, traffic from such P2P file sharing consumes more than 70 percent of the total MAN bandwidth, and possibly even more at night.
So a bandwidth access service provider that wants to raise its ARPU and improve network efficiency must find ways to categorize its traffic, e.g. into non-P2P and P2P, and bill each differently.
Traffic categorization also helps defend its network infrastructure against Denial of Service (DoS) attacks.