SKS Key Cloud
April 7th, 2011 by peter.bassill
After what can only seem an age, sks.teanfordhouse.com is now available for peering.
April 2nd, 2011 by peter.bassill
First update of the weekend, the victim machine has certainly had a very busy night.
Here is the first output from Norman:
[ DetectionInfo ]
* Sandbox name: NO_MALWARE
* Signature name: W32/Spybot.CKBU
April 1st, 2011 by peter.bassill
So, let's start with the question posed over a couple of ales today.
“How much malware would get installed on a server with a basic ‘IT Admin’ style configuration over a weekend?”
With a question like that being posed, an answer is needed, and this is the start of the journey for the weekend. At 1930 on the 1st of April we put live our nepenthes node looking like what can only be described as a moderately configured server. It is certainly not to the standard I would allow anywhere near a corporate environment, but it is representative of many servers I encounter on the ‘net’.
March 11th, 2011 by peter.bassill
Andrew W Morse, Founder, Digital Tsunami “Communications Evolution” recently asked the question: “With the increased complexity of polymorphic malware and the increased use of social platforms, do you have concerns for increased network intrusion via ever-increasing corporate cloud computing?” on LinkedIn.
It gave a fair amount to think about so I thought I would share my opinions with you all.
What a great question and thank you for asking it. Ok, do you have more or less security by renting a 1U server from a server farm in a datacenter? Do you have more or less security when rather than rent that server from a server farm you physically house it in your datacenter? There are a number of players out there in the market that would have you believe that a server in the “cloud” is vulnerable to attack but the truth is that any server with a connection to a public facing network is going to be attacked at some point in time.
From my point of view, the biggest security concern is one I am not hearing about much and that is the disk. Say you rent a cloud server with 100gig and you then use this for some data processing and once you have finished, you close down your server and remove it from the system. That disk is still there.
It is possible to rent a single cloud server and get it up and running in only a few minutes. Once done, add a few cloud disks to it and run standard forensics recovery tools over the disks you have provisioned from the pool. What are the odds of successfully recovering someone’s information? A number of cloud vendors put some form of protection in front of the physical layer, but when we are talking disk, how much work does it take to recover a previous tenant’s data?
Still worried about network intrusion? Have your admins build and secure your cloud servers properly and maintain a good patching program alongside good security practices for access control.
Worried about a disk recovery attack? Encrypt your data in the cloud and then carry out a DoD standard 7 pass wipe of your data areas prior to deprovisioning your server.
Worried about security still? Think about risk and not particular technology points.
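The wipe-before-deprovisioning step from the post, sketched as an added example (not code from the original post): it overwrites a file-backed data area in place over seven passes and then verifies that no block still holds data. The pass schedule, function names and sample record are assumptions made for illustration.

```python
import os
import tempfile

BLOCK = 1024 * 1024  # overwrite in 1 MiB chunks

# Assumed 7-pass schedule (fixed and random patterns, ending on zeros);
# None means "fresh random bytes for this pass".
PASSES = [b"\x00", b"\xff", None, None, b"\x00", b"\xff", b"\x00"]

def residual_blocks(path, block=4096):
    """Count blocks that still hold any non-zero byte."""
    dirty = 0
    with open(path, "rb") as f:
        while chunk := f.read(block):
            if chunk.strip(b"\x00"):
                dirty += 1
    return dirty

def wipe_data_area(path, passes=PASSES):
    """Overwrite every byte of `path` in place, once per pass, then verify."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for pattern in passes:
            f.seek(0)
            remaining = size
            while remaining:
                n = min(BLOCK, remaining)
                f.write(os.urandom(n) if pattern is None else pattern * n)
                remaining -= n
            f.flush()
            os.fsync(f.fileno())  # push this pass out of the page cache
    return residual_blocks(path) == 0

def demo():
    """Constructed sample: a 3-block 'data area' holding a fake record."""
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(b"CONSTRUCTED-RECORD: alice,acct-0001\n".ljust(4096, b"x") * 3)
        before = residual_blocks(path)
        wiped = wipe_data_area(path)
        with open(path, "rb") as f:
            leaked = b"CONSTRUCTED-RECORD" in f.read()
        return before, wiped, leaked, os.path.getsize(path)
    finally:
        os.unlink(path)

if __name__ == "__main__":
    print(demo())
```

An in-place overwrite only reaches the blocks the virtual disk currently maps; thin provisioning, snapshots and SSD wear levelling can leave older copies elsewhere, which is why encrypting the data comes first and the wipe second.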
December 27th, 2010 by peter.bassill
2010 Review: Top 10 cloud computing stories
Monday 27 December 2010 12:00
The IT industry has embraced cloud computing in 2010. Businesses started pilot deployments, while the major suppliers opened new green datacentres around the world to support data sovereignty.
Here Computer Weekly looks back on the top 10 cloud computing stories of the year.
The datacentre designs powering Salesforce.com
While economy of scale is being touted as a key source of savings for cloud providers, Salesforce.com has a minimal number of servers in just a few co-location cages. It provides services without server virtualisation, an approach that is contrary to the often-repeated mantra of virtualisation being a prerequisite for cloud or infrastructure sharing. Salesforce.com infrastructure is shared and very few would deny that the way in which it delivers services is cloud-based.
Microsoft CEO Steve Ballmer talks cloud
What is Microsoft’s position in the cloud marketplace? Microsoft CEO Steve Ballmer explains how its Azure cloud platform and Microsoft Live makes it well-placed to offer businesses a migration path into the cloud since its hybrid approach means users can buy and deploy in-house or use products like Office Live in the cloud. But can Microsoft make the economics work?
Forrester Research: Three steps to IT reorganisation
After a year of seeing deep cuts to infrastructure and operations (I&O) budgets, businesses are returning to a growth agenda. Most I&O executives say this is routine. As the vice-president of infrastructure at a large manufacturer summed it up: “I&O is always in a recession. We always have to do more with less. Did the global recession hurt us? I’m sure it did, but we didn’t notice any unusual cuts in spending.”
Buyer’s guide to cloud computing
Of all the types of cloud service, the cloud application market is the most mature. Salesforce.com, for instance, has more than 54,000 subscribers, making it the most successful cloud application provider with its pay per use customer relationship management (CRM) application. But not every business wants to replace a core application with one operated in the cloud.
CRM is relatively easy to migrate to a cloud offering, but enterprise resource planning (ERP) and production systems are not as straightforward. Businesses have two choices: either use IT infrastructure in the cloud or build applications based on a cloud platform.
Will auditors allow your data to reside in the cloud?
“Do you fear the auditor more or the attacker?” asks Peter Bassill, chief information security officer at gambling giant Gala Coral Group. It is a key question for IT leaders thinking of dabbling in on-demand computing provision through the cloud. For Bassill, there is only one answer, particularly for firms operating in highly regulated sectors: “A lot of companies fear the auditor more. If you hold data internally, you can show the auditor your controls, but the cloud makes such demonstrations more difficult.”
Quocirca: Cloud computing: realities
Much of the coverage of on-demand products focuses on a few high-profile IT companies and it is easy to think the market is limited to them. This is simply not true; many managed hosting providers are now providing IaaS and PaaS as an alternative to their traditional dedicated infrastructure hosting services. Add to this the number of suppliers now offering full or partial SaaS and the aggregated market these organisations represent is easily as big as that of their higher profile counterparts.
Choosing a supplier will depend on the type of platform required, the service levels on offer and the guarantees that can be provided on security and governance.
The hidden cost of private clouds
The term “cloud” has attached itself to practically every product or service offering computers and storage. The enormous popularity of the cloud is not driven by the coolness of technology but by the clear and obvious benefits that cloud computing gives its users, which is revolutionising the way IT services are being procured and used. The phrases “private cloud” and “public cloud” have become commonplace, but when you think about the benefits of a real cloud computing environment, the hype around a private cloud doesn’t measure up. Werner Vogels, CTO of Amazon web services explains why.
Case Study: Cloud computing and the benefits of elasticity
Last September Corby Borough Council went live with an online portal application that runs on Amazon’s Elastic Compute Cloud (EC2) infrastructure. The online portal, MyCorby, enables the town’s 53,000 residents to access a range of information and council services, such as council tax, benefits, housing, waste collection and leisure services, at their convenience and around the clock. Corby chose cloud computing because it offered the flexibility to support growing demand from the town’s ballooning population, which is expected to double by 2030.
IT leaders start to question cloud interoperability
As security issues around cloud-based systems begin to be addressed, concerns about how to make applications talk to each other have begun to move to the front of CIOs’ minds, according to research. A survey by PA Consulting Group and Harvey Nash earlier this year suggests that just under 50% of 2,500 business polled were not planning on entering the cloud in 2010 due to reasons ranging from level of cloud maturity (mentioned by 13% of respondents) to security (21%). Six months later, PA revisited some of the initial findings of the original research in conversations with clients and found that businesses now perceive cloud as less of a hype and more as a viable option.
The legal considerations of cloud computing
Law firm Field Fisher Waterhouse is about to use cloud computing to improve the way it delivers IT services to lawyers. But in addition to the usual technical issues, there are some legal aspects that require careful consideration. The legal industry handles highly confidential information on behalf of clients, and the time-critical nature of the business requires extremely high service levels. How suitable is its IT for cloud computing?