VanMorrison.com Iframe

Saw a virus alert today. A user performed an AOL Search (that alone should be banned in our end user behavior policy) on “van morrison” (another termination offense). He/She clicked on a link for www.vanmorrison.com. The antivirus detected an iframe attack. Manually looking at www.vanmorrison.com’s source, I currently see a iframe loading ‘http://iqsp.ru:8080/index.php’. Perhaps someone …

Continue reading ‘VanMorrison.com Iframe’ »

Barracuda’s Purchase of Purewire

The 451 Group has a blog entry on the Barracuda’s purchase of Purewire. I am currently evaluating Purewire. This article had some tidbits I hadn’t seen in other analysis. I had noted that the Security as a Service webspace was getting a bit crowded. ScanSafe as this article notes is the granddaddy of them all. …

Continue reading ‘Barracuda’s Purchase of Purewire’ »

Caching and Product AutoUpdaters.

I noticed today that Adobe Acrobat 9 Professional wasn’t able to download updates when “Help .> Check for Updates” is selected from within the product. Using Wireshark, I obtained the URLs used to request updates from Adobe. Comparing the results inside my network to those outside of the network, I determined that the BlueCoat proxy …

Continue reading ‘Caching and Product AutoUpdaters.’ »

BlueCoat ProxyClient

I’ve been interested in extending HTTP security out to our remote users. When users are in the office their HTTP traffic is antivirus scanned and URL filtered. When remote, they only have desktop antivirus to protect them. As more and more users are mobile, I think it is important to address this. BlueCoat offers a …

Continue reading ‘BlueCoat ProxyClient’ »

What they think I said – what I really said

Have you ever opened a tech support case by calling in, then later reviewed the case via a support web portal? Its kind of funny to see what is lost in the translation. A couple examples come to mind. Bluecoat. I open a ticket asking for help allowing access to gotoassist.com. This is a citrix …

Continue reading ‘What they think I said – what I really said’ »

The Caching Proxy and the ISP Webmail

Last Friday, one of the guys in the department noticed that when he signed into Cox webmail he would access Cox mailboxes belonging to other employees. He was even able to open messages in those accounts. I went back to my office and created a test account. There is an awful lot of potential confidentiality …

Continue reading ‘The Caching Proxy and the ISP Webmail’ »

The Day the Internet Traffic Stood Still

On Thursday we rolled out the Blue Coat web filter to the company. It was a bit more sudden than I had planned. I had planned to roll out slowly over a week and a half (still kind of quick), with the goal to be done by January 28th. Our Websense license expired on January …

Continue reading ‘The Day the Internet Traffic Stood Still’ »

Bluecoat Testing

On Friday, I ran into an issue with my Bluecoat evaluation. Bluecoat is an HTTP security and caching company. One of our developers couldn’t connect into a Webex session with an external company. So my time, the developers time and the external companies support time was wasted. I would have solved the problem quickly, but …

Continue reading ‘Bluecoat Testing’ »