(To receive monthly columns by e-mail,
send e-mail from
In reverse order of publication...
#34, Administrative note.
#33, Measuring Security.
Can we measure it? Do we?
#32, Security Checklist.
Covering all the bases.
#31, Personal Firewall Day. 'Tis the season
to get infected with a computer virus.
#30, The Microsoft Factor, Part 2. What can we do?
#29, The Microsoft Factor. How does a "monopoly" affect security?
#28, The Vanishing Perimeter.
It vanished a long time ago. (Reprinted in
#27, Spam Control.
#26, Beyond the VA Scan.
- #25, A look at Gilian's Exit Control.
#24, SSL VPNs. Why I like them.
- #23, E-mail Firewalls. Application-specific firewalls.
Security Awareness Musings-from-the-Friendly-Skies.
- #21, Securing Cyberspace -- Comments on the National Strategy.
- #20, 1 September 2002.
The Need for Web Security. It's not just how big a target you are...
- #19, 31 May 2002
It's Not Just for Security Guys Anymore
- #18, 10 April 2002
. Using Network VATs for Verification
- #17, 5 March 2002
. The Nefarious "Any"
- #16, 1 February 2002
. "On September 11, everything changed, forever..." NOT!
- #15, 23 December 2001
. 2001 Letter to Santa from a Security Administrator
- #14, 23 November 2001
. Do We Really Need VPNs?
- #13, October 23, 2001.
Afterthoughts and Lessons to Learn after September 11, 2001.
13 September 2001.
Before You Pull the Plug. I wrote this as a follow-on to
my friend David Strom's
Web Informant #258,
which discusses the human side of down-sizing. In this, I
look at this problem from a computer and network security angle,
and suggest some safeguards.
- #11, 8 August
Internet Security and Usability: Who's Winning? Reflections
from vacation on the state of Internet Security.
14 July 2001.
When Access Control Goes Bad. Access control and the May 2001
reported trade secret theft at Lucent Technologies.
- #9, 16 June 2001.
Certification of Security Professionals. Who will you trust?
A brief introduction to the topic with some pointers.
- #8, 17
Other Solutions For Secure E-mail. A look at an alternative
product, A-Lock, along with pointers to some other reviews of other
products. We're just too tired of waiting for PKI, and PGP still causes
grown men to cry.
- #7, 17 April
Firewalls, VPNs, and Remote Offices, a look at how we connect
them and how we should.
- #6, 14 March
Virus Hoaxes: A Plea and a Plan. A pet peeve with some guidelines
#5, 11 February 2001
IPsec and VPNs: The Sad/Glad State of Affairs. Where we are
with Virtual Private Networks.
#3, 18 January 2001.
Security Product Certification. A discussion of different ways
to certify security products.
- #2, 14 December
E-mail Security, Part 2: Speed Bumps. Observations and recommendations.
- #1, 14
E-mail Security, Why Don't We Bother?
| Curriculum Vitae