Raesene's Ramblings

As Details emerge of first cell phone worm, it shouldn't really be a suprise to anyone that this has happeneed as more and more functionality is added to phones and the codebase size increases, we can expect to see more malicious code taking advantage of those vulnerabilities (I wonder when we'll see the first mobile phone A-V software ;op)
Whilst the current virus hasn't really had a huge impact, it is quite easy to see how one could be pretty devastating. For example the current one is spread via bluetooth which is fairly short range, however if a virus was able to cause a phone to dial all the numbers in it's phonebook and transmit itself over this channel (or perhaps via a text message) you could see a pretty fast and wide spread....
One point that, at the moment, mobile phones have in their favour over the PC world is that there is no one dominant OS or vendor, so any virus would automatically have a limited spread...

I came across an interesting site called Linux-Forensics.com. It's a good resource dedicated to the use of Linux in computer forensics
Whilst in general I like the idea of using Linux in alot of places, it'll have a uphill struggle in this area, I think, up against the likes of Encase . One reason for this is that, at least in the UK, Encase is recognised by the police and the courts as being a reliable forensic tool, the evidence from which can be admissable in court. So it would be a brave forensic investigator who used something else, which he would doubtless have more trouble justifying in court.
That said not every forensic analysis ends up in court and encase is a tad on the pricy side.....

Web Services Are Biggest Security Challenge
An interesting article reporting on Netsec 2004, it focuses on some of the challenges facing web services security. I definately agree with the point that's made in the article about the problem of how contracts between web services will be negotiated. Initially when I saw information about UDDI I thought it looked cool for internal applications, but for external B2B, there needs to be something more, as suppliers will inevitably want to charge for their webservices and customers will inevitably want some guarantees about the service they'll be getting....

Wi-Fi Networking News
Handy site, I like the little hotspot locator in the corner...

Here's another article around the idea of policy enforcement, this time on Switches.
As I said previously I think that this is the right way to go about it. If it is possible to block a machine from getting on the network if it doesn't meet certain criteria, then it would be possible not only to reduce the incidence of virii/worms in corporate networks, it might also provide some defence from non-corporate machines being placed on the network.

SecurityFocus HOME Infocus: Wireless Attacks and Penetration Testing (part 2
Second part of an interesting article on Wireless Pen Testing.

Came across an interesting sourceforge site with lots of hints and tips on things like Linux, MySQL and bash, oddly it's called Souptonuts

SecurityFocus HOME Infocus: TCP/IP Skills for Security Analysts (Part 2)
The second part of the article on TCP/IP skills for security analysts is up on securityfocus.com

The story over at SecurityFocus HOME News: Unpatched IE vuln exploited by adware provides an example of a valuable point, which is that it is not just "white hat" security researchers that are looking for bugs in Microsoft, and other, products. Which is why it's important that vendors get their patches out as soon as they can and don't take up to 200 days to release it...

Over at www.xmethods.net there's a really cool list of functional web services.
With each there's a link so you can try them out. It's a pretty diverse bunch including practical things like curency conversion and less practical things like... random George W Bush quotes