domstat.net

Website loading time

during the test: 1.98 s

cable connection (average): 2.35 s

DSL connection (average): 2.72 s

modem (average): 22.3 s

HTTP headers

HTTP/1.0 200 OK

Content-Type: text/html; charset=UTF-8

Expires: Sat, 15 Oct 2011 19:42:37 GMT

Date: Sat, 15 Oct 2011 19:42:37 GMT

Cache-Control: private, max-age=0

Last-Modified: Sat, 15 Oct 2011 18:13:45 GMT

ETag: "6ebf3fc4-cd58-494d-91d2-bb0e7a3873a8"

X-Content-Type-Options: nosniff

X-XSS-Protection: 1; mode=block

Server: GSE

Information about DNS servers

Received from the first DNS server

Request to the server "taosecurity.blogspot.com"
Received 42 bytes from address 213.251.188.129#53 in 106 ms
Request to the server "taosecurity.blogspot.com"
You used the following DNS server:
DNS Name: dns10.ovh.net
DNS Server Address: 213.251.188.129#53
DNS server aliases:

Host taosecurity.blogspot.com not found: 5(REFUSED)
Received 42 bytes from address 213.251.188.129#53 in 103 ms

Received from the second DNS server

Request to the server "taosecurity.blogspot.com"
Received 42 bytes from address 213.251.128.129#53 in 107 ms
Request to the server "taosecurity.blogspot.com"
You used the following DNS server:
DNS Name: ns10.ovh.net
DNS Server Address: 213.251.128.129#53
DNS server aliases:

Host taosecurity.blogspot.com not found: 5(REFUSED)
Received 42 bytes from address 213.251.128.129#53 in 110 ms

Subdomains (the first 50)

Typos (misspells)

Location

IP: 209.85.175.132

continent: NA, country: United States (USA), city: Mountain View

Website value

rank in the traffic statistics:

There is not enough data to estimate website value.

Basic information

website build using CSS

code weight: 142.23 KB

text per all code ratio: 20 %

title: TaoSecurity

description:

keywords:

encoding: UTF-8

language: en

Website code analysis

one word phrases repeated minimum three times

two word phrases repeated minimum three times

three word phrases repeated minimum three times

B tags

This is not a political blog, so I'm not here to endorse candidates. However, I do want to point out another example of high-level policymakers discussing ongoing activities by China against the US and other developed economies.First, the Washington Post published an editorial by Mitt Romney which included the following:China seeks advantage through systematic exploitation of other economies. It misappropriates intellectual property by coercing “technology transfers” as a condition of market access; enables theft of intellectual property, including patents, designs and know-how; hacks into foreign commercial and government computers

The result is that China sells high-quality products to the United States at low prices. But too often the source of that high quality is American innovations stolen by Chinese companies.

I missed this in August, but former ambassador to China Jon Huntsman said the following during a debate:Huntsman Jr. pointed to China as a culprit in what he described as “the new war field” — cyber-intrusion as a way to steal corporate and government secrets.

It’s gone beyond the pale

Tony notes that the escalation in threat activity during the last few years is real. He is in a position to know, given he has worked at NSA since the 1970s. Tony says the threat activity is getting people's attention now, especially at more senior levels of the government and industry. Now targeted organizations are thinking beyond the question "does this affect my company" to "does this affect my industry?"Tony explains that a generational effect may account for the change in awareness. More senior leaders grew up with technology, so they know how to think about it. There is also more public reporting on serious security incidents today.My favorite quote was:"If you're not a little concerned, you haven't been paying attention."

[T]his is the most powerful secret service

"The history of China’s espionage activities on Russian armaments is not only limited to one precedent or one type of weapons. One of the top Chinese priorities is to produce complete replicas of Russia’s best machines and weapons

This is a truly purpose-oriented strategy of a large country - snatch anything you can and reproduce it domestically

First, I was impressed by the attitudes of all those involved with HPSCI, from the staffers to the Representatives themselves. They were all courteous and wanted to hear the opinions of Kevin and the other two witnesses (Art Coviello from RSA and Michael Hayden from the Chertoff Group), whether before, during, or after the hearing.Second, I thought Reps Mike Rogers (R-MI, HPSCI Chairman) and C.A. Dutch Ruppersberger (D-MD, HPSCI Ranking Member) offered compelling opening statements. Rep Rogers squarely pointed the finger at our overseas adversaries. As reported by PCWorld in U.S. Lawmakers Point to China as Cause of Cyberattacks, Rep Rogers said:"I don't believe that there is a precedent in history for such a massive and sustained intelligence effort by a government to blatantly steal commercial data and intellectual property...China's economic espionage has reached an intolerable level and I believe that the United States and our allies in Europe and Asia have an obligation to confront Beijing and demand that they put a stop to this piracy."You can watch all of Rep Rogers' statement on YouTube as Rep. Mike Rogers criticizes Chinese economic cyber-espionage (currently 21 views -- let's increase that!)General Hayden reinforced Rep Rogers' sentiment with this quote:"As a professional intelligence officer, I step back in awe of the breadth, the depth, the sophistication, the persistence of the Chinese espionage effort against the United States of America."Third, I was very pleased that this hearing was conducted in an open forum, and not behind closed doors. While I haven't found the whole hearing online or on TV yet (aside from Rep Rogers' statement and that of Rep Myrick (R-NC)), I encourage as much discussion as possible about this issue. One of General Hayden's points was that we are not having a debate about how to address digital threats because no one agrees what the facts are.

U tags

I tags

(Photo: Business Insider)This is not a political blog, so I'm not here to endorse candidates. However, I do want to point out another example of high-level policymakers discussing ongoing activities by China against the US and other developed economies.First, the Washington Post published an editorial by Mitt Romney which included the following:China seeks advantage through systematic exploitation of other economies. It misappropriates intellectual property by coercing “technology transfers” as a condition of market access; enables theft of intellectual property, including patents, designs and know-how; hacks into foreign commercial and government computers...The result is that China sells high-quality products to the United States at low prices. But too often the source of that high quality is American innovations stolen by Chinese companies.

Huntsman Jr. pointed to China as a culprit in what he described as “the new war field” — cyber-intrusion as a way to steal corporate and government secrets. “Not only have government institutions been hacked into, but private individuals have been hacked, too. It’s gone beyond the pale,” Huntsman said.

Today at MIRCon I mentioned that one of my colleagues, Jeff Yeutter, had updated the somewhat famous CERT/CC study of CIRT characteristics as part of his degree program. Jeff posted the survey online as Computer Incident Response Team Organizational Survey, 2011 with this description:In 2003, the CERT CSIRT Development Team (www.CERT.org) released a study on the state of international computer security incident response teams with the goal of providing "better insight into various CSIRT organizational structures and best practices" for new and existing members of the CSIRT community (Killcrece, Kossakowski, Ruefle, & Zajicek, 2003). The attached survey, a modified form of the original, will be used to update the 2003 study with a greater focus on the methods of organization used by American and international CIRTs, the tools that they employ, and how these vary across organizations of different sizes and industries.This research is being conducted, and is independently funded, by Jeff Yeutter, Technical Sales Executive at Mandiant, as the final project for his Master's in Information Systems with a concentration in Computer Security Management at Strayer University. This survey will also be distributed to members of the Forum of Incident Response and Security Teams (www.FIRST.org) with the assistance of Richard Bejtlich, Chief Security Officer and VP, MCIRT, at Mandiant.No identifying information is required to complete this survey. Participants may include such information if they are interested in immediately being notified of the results of the study once it is complete, or if they would like to make themselves available for follow-up questions. Any and all identifying personal or professional identifying information offered by participants will be held in strict confidence. The results of this study, minus any identifying information, may be included in a future, cost-free whitepaper.The original CERT study from 2003 can be found at: www.cert.org/archive/pdf/03tr001.pdfThe time to complete this survey is approximately 10-15 minutes.

Tony Sager from the NSA is one of my Three Wise Men. (Dan Geer and Ross Anderson are the other two.) Eric Parizo from SearchSecurity.com interviewed Tony this week and posted the video online. Tony notes that the escalation in threat activity during the last few years is real. He is in a position to know, given he has worked at NSA since the 1970s. Tony says the threat activity is getting people's attention now, especially at more senior levels of the government and industry. Now targeted organizations are thinking beyond the question "does this affect my company" to "does this affect my industry?"Tony explains that a generational effect may account for the change in awareness. More senior leaders grew up with technology, so they know how to think about it. There is also more public reporting on serious security incidents today.My favorite quote was:"If you're not a little concerned, you haven't been paying attention."

Thanks to a source who wishes to remain anonymous, I read Chinese spy mania sweeps the world, an article not from a Western publication. Rather, it's from Voice of Russia. Does any of this sound familiar?[T]his is the most powerful secret service based on the principle of attracting all ethnic Chinese, wherever they may live. An adherent of the “total espionage” strategy, Beijing even encourages emigration in the hope that its citizens will remain loyal to and useful for their historical homeland after moving to another country..."The history of China’s espionage activities on Russian armaments is not only limited to one precedent or one type of weapons. One of the top Chinese priorities is to produce complete replicas of Russia’s best machines and weapons, from the Sukhoi Su-33 fighter jet to missiles, aircraft carriers and so on. This is a truly purpose-oriented strategy of a large country - snatch anything you can and reproduce it domestically," ["IT expert"] Andrei Masalovich points out.

Russia's secretive spy agency, the Federal Security Service (FSB), issued a rare statement Wednesday claiming the state had arrested a Chinese citizen who, posing as a translator for official delegations, was working under the direction of the Chinese government in an attempt to buy state secrets from Russians about Russia's S-300 missile system.

(Photo credit: AINOnline)I just read Big New Chinese Order for Russian Fighter Engines at China Defense Blog, which quoted AINOnline:China has placed additional orders for Russian AL-31-series fighter engines. State arms trade agency Rosoboronexport clinched two big contracts earlier this year...To serve them, Salut has established partnerships with Limin Corp. and Tyan Li company in Chengdu on deliveries and manufacturing of spare parts for both the AL-31F and the AL-31FN. Russia has also agreed to provide all necessary maintenance and repair documentation to the Chinese partners.

The House Cybersecurity Task Force released its report (.pdf) today. NextGov offers a good summary in their story House GOP Cyber Task Force Touts Industry Leadership by Jessica Herrera-Flanigan.The report includes the following recommendation:Companies, including Internet Service Providers (ISPs) and security and software vendors, are already conducting active operations to mitigate cybersecurity attacks. However, these are largely done independently according to their individual business interests and priorities. Congress should facilitate an organization outside of government to act as a clearing house of information and intelligence sharing between the government and critical infrastructure to improve security and disseminate real-time information designed to help target and defeat malicious cyber activity.

Today I was fortunate to attend a hearing of the US House Permanent Select Committee on Intelligence (HPSCI). That's me on the far left of the photo, seated behind our MANDIANT CEO Kevin Mandia. I'd like to share a few thoughts on the experience.First, I was impressed by the attitudes of all those involved with HPSCI, from the staffers to the Representatives themselves. They were all courteous and wanted to hear the opinions of Kevin and the other two witnesses (Art Coviello from RSA and Michael Hayden from the Chertoff Group), whether before, during, or after the hearing.Second, I thought Reps Mike Rogers (R-MI, HPSCI Chairman) and C.A. Dutch Ruppersberger (D-MD, HPSCI Ranking Member) offered compelling opening statements. Rep Rogers squarely pointed the finger at our overseas adversaries. As reported by PCWorld in U.S. Lawmakers Point to China as Cause of Cyberattacks, Rep Rogers said:"I don't believe that there is a precedent in history for such a massive and sustained intelligence effort by a government to blatantly steal commercial data and intellectual property...China's economic espionage has reached an intolerable level and I believe that the United States and our allies in Europe and Asia have an obligation to confront Beijing and demand that they put a stop to this piracy."

"As a professional intelligence officer, I step back in awe of the breadth, the depth, the sophistication, the persistence of the Chinese espionage effort against the United States of America."

Amazon.com just posted my five star review of Robust Control System Networks by Ralph Langner. From the review:I am not an industrial control systems expert, but I have plenty of experience with IT security. I read Robust Control System Networks (RCSN) to learn how an ICS expert like Ralph Langner think about security in his arena. I was not disappointed, and you won't be if you keep an open mind and remember IT security folks aren't the target audience. After reading RCSN I have a greater appreciation for the problems affecting the ICS world and how that community should address the fragility of its environment.

images

headers

H1

H2

Thursday, October 13, 2011

Tuesday, October 11, 2011

Friday, October 07, 2011

Thursday, October 06, 2011

Tuesday, October 04, 2011

Wednesday, September 28, 2011

Sunday, September 25, 2011

Blogging Since 8 Jan 2003

About Me

twitter.com/taosecurity

TCP/IP Weapons School 3.0

Books by Richard Bejtlich

Association of Former Information Warriors

Digital Forensics Magazine

BSD Magazine

Blog Archive

Labels

H3

Thursday, October 13, 2011

Tuesday, October 11, 2011

Friday, October 07, 2011

Thursday, October 06, 2011

Tuesday, October 04, 2011

Wednesday, September 28, 2011

Sunday, September 25, 2011

Blogging Since 8 Jan 2003

About Me

twitter.com/taosecurity

TCP/IP Weapons School 3.0

Books by Richard Bejtlich

Association of Former Information Warriors

Digital Forensics Magazine

BSD Magazine

Blog Archive

Labels

H4

H5

H6

internal links

external links