Keep an eye on what those suppliers’ men are doing

February 27, 2006

According to a news report, an auditor from Deloitte & Touche USA who was working for McAfee lost a CD containing a large amount of private information about McAfee’s employees. It is a security incident that happened outside cyberspace.

Deloitte & Touche confirmed the incident. “A Deloitte & Touche employee left an unlabelled backup CD in an airline seat pocket,” a representative for the professional services firm said. “We are not aware of any unauthorized access to this data in the two months since the CD was lost.”

The McAfee incident is the latest in a string of data security breaches. In the last 12 months, more than 53 million personal records have been exposed in dozens of incidents, according to information compiled by the Privacy Rights Clearinghouse.

McAfee has arranged for past and present U.S. employees to receive free services for up to two years from credit reporting agency Equifax. Similar arrangements are being made with a credit monitoring provider for Canadian employees, MacDermott said.

Another news report said that an engineer from UTStarcom named Zhihan Cheng intruded into the deposit card system of Beijing Mobile, one of the largest provincial companies of China Mobile. The intruder stole cards and card numbers worth several million RMB (roughly USD 400K). According to the report, Zhihan used a pass code he had kept from the time he worked for Tibet Mobile as a Huawei service engineer. It gives plenty of hints on how to lock down a system: delete temporary accounts, change the passwords once the project is turned over, segment and segregate your networks, harden your applications…

That one is a security incident inside cyberspace, driven by money.

Both incidents were caused by employees of providers, which deserves more of our attention. To concentrate on their core value and competitiveness, the telcos are outsourcing more and more of their business to partners: product implementation, optimization, maintenance, auditing and so on. That means more and more third-party engineers are working alongside the telcos’ own employees, sharing the same internal networks and other resources. This has become a major challenge for security management in recent years. IT managers should keep an eye on what those suppliers’ men are doing on their territory.
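The lock-down hints above (delete temporary accounts, rotate passwords after turn-key, keep supplier accounts out of the core network) can be turned into a routine audit. The script below is an added example, not something from the post or from either operator: it walks a constructed extract of an account directory and flags supplier accounts that outlived their project, still carry the password the supplier engineer knew, are dormant, or can reach the core zone. The field names (owner_org, project_end, network_zone) and the 90-day dormancy threshold are assumptions.

```python
"""Audit supplier (third-party) accounts after project hand-over.
Added example; the Account fields and the sample records are constructed."""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import List, Optional, Tuple


@dataclass
class Account:
    name: str
    owner_org: str                  # "internal" for staff, otherwise the supplier's name
    enabled: bool
    project_end: Optional[date]     # hand-over (turn-key) date for supplier accounts, assumed field
    last_password_change: date
    last_login: Optional[date]
    network_zone: str               # zone the account may reach: "vendor-dmz" or "core" (assumed labels)


def audit(accounts: List[Account], today: date, stale_days: int = 90) -> List[Tuple[str, str]]:
    """Return (account name, finding code) pairs for supplier accounts that break the rules.

    Rules, in the order of the hints in the post:
      still-enabled          account outlived its project's hand-over date
      password-not-rotated   the password was last changed before hand-over, so the
                             supplier engineer who left still knows it
      dormant                no login for more than `stale_days` days
      core-zone-reach        a supplier account that is allowed into the core network
    """
    findings: List[Tuple[str, str]] = []
    for a in accounts:
        if a.owner_org == "internal" or not a.enabled:
            continue  # staff accounts and already-disabled accounts are out of scope
        handed_over = a.project_end is not None and a.project_end < today
        if handed_over:
            findings.append((a.name, "still-enabled"))
            if a.last_password_change <= a.project_end:
                findings.append((a.name, "password-not-rotated"))
        if a.last_login is None or today - a.last_login > timedelta(days=stale_days):
            findings.append((a.name, "dormant"))
        if a.network_zone == "core":
            findings.append((a.name, "core-zone-reach"))
    return findings


# Constructed sample directory extract; none of these are real accounts.
TODAY = date(2006, 2, 27)
SAMPLE_ACCOUNTS = [
    Account("svc_vendorA", "VendorA", True, date(2005, 11, 30), date(2005, 6, 1), date(2005, 11, 20), "core"),
    Account("vendorB_eng", "VendorB", True, date(2006, 3, 31), date(2006, 1, 10), date(2006, 2, 25), "vendor-dmz"),
    Account("svc_vendorC", "VendorC", False, date(2005, 10, 1), date(2005, 9, 1), None, "core"),
    Account("alice", "internal", True, None, date(2006, 2, 1), date(2006, 2, 26), "core"),
]

if __name__ == "__main__":
    for name, code in audit(SAMPLE_ACCOUNTS, TODAY):
        print(f"{name}: {code}")
```

Only svc_vendorA is reported, on all four rules: its project ended in November, its password predates the hand-over, nobody has logged in for 99 days, and it can still reach the core zone. vendorB_eng is a live engagement and stays quiet; svc_vendorC is already disabled, which is the state a turned-over account should be in.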


Netclarity’s VQS and FirewallBooster

February 27, 2006

Auditor is a vulnerability management product from Netclarity. It helps security administrators manage vulnerabilities using a vulnerability database that is synchronized remotely with CVE. VQS and FirewallBooster are the highlights of this product.

VQS (Vulnerability Quarantine System) is a clientless (agentless) vulnerability management technique. It uses technology mapping (fingerprinting) to identify the OS and applications of the protected target. If vulnerabilities of high priority are found, it can tell the firewalls (or routers, switches) to filter out the network traffic related to those vulnerabilities, or even cut off the whole host. Netclarity calls this "FirewallBooster" technology. Although FirewallBooster is policy based, I am afraid it will scare administrators away with a high false-positive rate, especially on mission-critical back-end servers.
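To make the false-positive worry concrete, here is an added example (my own illustration, not Netclarity code) of the kind of policy a scan-to-firewall quarantine needs before anyone would let it touch a back-end server: a finding is only turned into a blocking rule when it is severe enough and the scanner is confident enough, and hosts tagged mission-critical are only ever alerted on. The severity scale, the confidence field, and the Cisco-style ACL line format are assumptions.

```python
"""Policy-driven quarantine decision: scan finding -> firewall action.
Added example; Finding/Policy fields and the ACL syntax are assumed."""
from dataclasses import dataclass, field
from typing import FrozenSet, Optional


@dataclass
class Finding:
    host: str
    port: int            # 0 when the issue is host-wide (e.g. an end-of-life OS)
    severity: int        # 1 low .. 4 critical (assumed scale)
    confidence: float    # 0.0 .. 1.0: banner guess vs. verified check (assumed field)
    issue: str


@dataclass
class Policy:
    block_severity: int = 3                       # minimum severity that may trigger a block
    min_confidence: float = 0.8                   # below this, alert only
    critical_hosts: FrozenSet[str] = field(default_factory=frozenset)


def decide(f: Finding, p: Policy) -> dict:
    """Map one finding to {'action': ..., 'rule': ACL line or None}.

    Order matters: the critical-host check and the confidence check run before any
    block is generated, so a fingerprint mismatch on a billing server can at worst
    page someone, never isolate the machine.
    """
    if f.severity < p.block_severity:
        return {"action": "ignore", "rule": None}
    if f.host in p.critical_hosts:
        return {"action": "alert", "rule": None, "why": "mission-critical host is never auto-blocked"}
    if f.confidence < p.min_confidence:
        return {"action": "alert", "rule": None, "why": "scanner confidence below threshold"}
    if f.port:
        # block only the vulnerable service, leave the rest of the host reachable
        return {"action": "block-port", "rule": f"deny tcp any host {f.host} eq {f.port}"}
    return {"action": "block-host", "rule": f"deny ip any host {f.host}"}


# Constructed findings; the addresses and issues are made up for the example.
POLICY = Policy(critical_hosts=frozenset({"10.0.1.10"}))
SAMPLE_FINDINGS = [
    Finding("10.0.2.5", 445, 4, 0.95, "unpatched file-sharing service (verified)"),
    Finding("10.0.1.10", 445, 4, 0.95, "unpatched file-sharing service (verified), billing DB host"),
    Finding("10.0.2.6", 0, 4, 0.60, "OS guessed from banner only"),
    Finding("10.0.2.7", 80, 2, 0.99, "information disclosure in web server"),
    Finding("10.0.2.8", 0, 3, 0.90, "end-of-life OS, no vendor patches"),
]

if __name__ == "__main__":
    for f in SAMPLE_FINDINGS:
        print(f.host, decide(f, POLICY))
```

The same critical finding on 10.0.2.5 and on the billing host 10.0.1.10 produces a port block for the first and only an alert for the second; the banner-only guess on 10.0.2.6 is also downgraded to an alert. Whether a product exposes exactly these knobs is what I would check before enabling any automatic blocking.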

Compared with CA's eTrust Vulnerability Manager, IMHO, Netclarity's Auditor does not offer the customer any real advantage, and it lacks automatic inventory and a built-in risk model.

Keep following Telecom, Security and P2P through Google Reader and Yahoo

February 23, 2006

Since the Spring Festival, Wordpress.com has been blocked in China for more than three weeks, with no sign of being unblocked. Of course, you can still reach blogs on WP by configuring an overseas proxy, but that is inconvenient. Here is an easier way: use Google Reader or Yahoo's web-based RSS reader. If you already have a Gmail account you can use Google Reader; if you have a Yahoo.com mail account you can use Yahoo's web RSS reader. How to subscribe:

Google Reader:

My Yahoo:


PageRank upgraded to 4 from 3

February 23, 2006

My PageRank is currently "changing"; see the diagram below by

PageRank Upgrade to 4

Security Risk Ratings

February 23, 2006

There is an interesting viewpoint on the security risk ratings published by the well-known security companies and organizations.

Symantec Threatcon is Level 3: High (currently at 1, max 4)

ISS Alertcon is Level 2 and says we will be at this level until Jan 6 (currently at 1, anticipated through Feb 2, max 4)

SANS is at Yellow (currently at Green, 1 of 4)

I agree with the author to some extent. That is not helpful to one specific organization, but from a statistical perspective it has some value. In the age of Web 2.0, we could summarize all those "subjective" ratings into a more general one.
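One way to do that summarizing, as an added example (my own, not from the post being discussed): put each vendor's scale onto a common 0..1 index and combine them, so that "Symantec 3, ISS 2, SANS Yellow" becomes one number that can be compared with "1, 1, Green". The scale definitions are assumptions based on what the post quotes (four levels each, SANS running Green to Red); the two rating sets are the values quoted above.

```python
"""Normalize heterogeneous threat-level scales and combine them into one index.
Added example; SCALES encodes an assumed ordering for each vendor's levels."""
from typing import Dict, Union

Level = Union[int, str]

# Lowest to highest for each source (assumed from the "max 4" / "1 of 4" remarks above).
SCALES: Dict[str, tuple] = {
    "symantec_threatcon": ("1", "2", "3", "4"),
    "iss_alertcon": ("1", "2", "3", "4"),
    "sans_infocon": ("green", "yellow", "orange", "red"),
}


def normalize(source: str, level: Level) -> float:
    """Map a vendor level to 0.0 (lowest) .. 1.0 (highest) regardless of the scale's labels."""
    scale = SCALES[source]
    return scale.index(str(level).lower()) / (len(scale) - 1)


def combine(ratings: Dict[str, Level]) -> dict:
    """Combine several sources: mean shows the consensus, max keeps the most alarmed voice."""
    vals = {src: normalize(src, lvl) for src, lvl in ratings.items()}
    return {
        "mean": sum(vals.values()) / len(vals),
        "max": max(vals.values()),
        "sources": len(vals),
    }


def to_level(score: float, steps: int = 4) -> int:
    """Fold a 0..1 index back onto a 1..steps ladder, e.g. for display beside the originals."""
    return round(score * (steps - 1)) + 1


# The two rating sets quoted in the post.
QUOTED = {"symantec_threatcon": 3, "iss_alertcon": 2, "sans_infocon": "Yellow"}
AT_POSTING = {"symantec_threatcon": 1, "iss_alertcon": 1, "sans_infocon": "Green"}

if __name__ == "__main__":
    for name, ratings in (("quoted", QUOTED), ("at posting", AT_POSTING)):
        c = combine(ratings)
        print(f"{name}: mean={c['mean']:.2f} max={c['max']:.2f} level={to_level(c['mean'])}")
```

The quoted set averages to about 0.44 (overall level 2 of 4) with a maximum of 0.67, while the values at the time of posting collapse to 0.0. Reporting the max next to the mean matters: a single vendor raising its level is exactly the signal that averaging hides.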



February 22, 2006

Lu Xun’s hometown in Shaoxing, Zhejiang



February 21, 2006


Do you know the "Three Wu" (three blacks) culture? If you are interested, see the detailed answer on Baidu Zhidao. In short, it refers to the wupeng boat (black-awning boat), meigancai (dried preserved mustard greens) and the black felt hat. What impressed me most was the boatman rowing with his feet; his relaxed, easy movements also carried a kind of pride in his hometown. There was a small episode in between: the boatmen's black felt hats looked quite nice, but when it was our turn to board we found our boatman was not wearing his, and I was a little disappointed. I felt I could not let my wife and child down, so I deliberately struck up a conversation with him: "Your felt hat is really beautiful!" Unexpectedly, the boatman was very considerate of his passengers and immediately said, in Shaoxing dialect: "All right, then I'll put it on." That made me happy for quite a while.