From my heart :)
my world is in a cryogenic state, no warmth no love no hate no
yearnings. a clean slate. it's been this way for quite a while before
all e storm n events of e past few mths.
from my heart, I did alot of thgs which I liked.. but as time went by,
u became so impt to me. after u acknowledge me, somehow it turned
downhill, I was fighting for ur dwindling attention. my actions turned
into reactions, beckoning, I became a robot. desperate. fear. alone.
while u fluttered along... I cldn't catch up n fallen so behind, not
knowing wat I did wrong, I kept apologizing when it wasn't either of
us at wrong.
now I know, from e heart is where we met n depart. it's a relief I cld
find my way out :)
Sent from my iPhone
The 10 Dumbest Mistakes Network Managers Make @@;
1. Not changing the default passwords on all network devices.
Tippett says it's "unbelievable" how often corporations have a server, switch, router or network appliance with the default password -- usually "password" or "admin" -- still enabled. Most CIOs think this problem could never happen to them, but Tippett sees it every day.
To avoid this problem, you need to run a vulnerability scanner against every device on your network with an IP address, not just the critical or Internet-facing systems, Tippett says. Then you need to change the default passwords that you find to something else. More than half of all the records that were compromised last year were the result of using a default password on a network device, according to the Verizon Business study.
2. Sharing a password across multiple network devices.
IT departments often use the same password across multiple servers, and several people know the password. It might be a good password -- a complicated string of numbers and letters -- but once it's shared among several systems, these systems are all at risk.
For example, one of the people who knows the password could switch companies and reuse the password at his new company. Or an outsourcer who handles a non-critical system such as a data center cooling system could use the same password on all of the systems it operates for all of its customers. In either case, if the password is discovered by a hacker, the hacker can get into many servers and wreak more damage.
Tippett says IT departments need a process -- automated or manual -- to make sure that server passwords are not shared among multiple systems, are changed regularly and are kept secure. He says it's as simple as keeping the current server passwords written down on cards that are kept in a lockbox controlled by one person.
3. Failing to find SQL coding errors.
The most common hacking attack -- representing 79% of all compromised records -- is against an SQL database that is connected to a Web server. The way that hackers get into these systems is to enter an SQL command in a Web-based form. If the form is coded properly, it shouldn't accept SQL commands. But sometimes developers accidentally create what are called SQL injection errors.
Tippett says the easiest way to prevent these errors is to run an application firewall in "learn" mode so that it can watch how users enter data into a field and then put the application firewall in "operate" mode so that SQL commands can't be injected into a field. The SQL coding problem is widespread. "If a company tests 100 servers, they will probably find a SQL injection problem on 90 of them," Tippett says.
Often, companies fix only the SQL injection errors on their critical servers, forgetting that most hackers get into their networks through non-critical systems. Tippett suggests that network managers segment their networks using access control lists to restrict servers from talking to nonessential devices. This would prevent a hacker from gaining widespread access to data through an inevitable SQL coding error.
4. Misconfiguring your access control lists.
Segmenting your network using access control lists is the simplest way to make sure that systems communicate only with the systems that they should. For example, if you allow business partners to access two servers on your network through your VPN, you should use the access control lists to make sure that these business partners only have access to these two servers. Then if a hacker comes into your network through the opening for business partners, the hacker can only get into the data on these two servers.
"Often a bad guy coming into the network through the VPN has access to everything," Tippett says. Indeed, having properly configured access control lists would have protected 66% of the records that were compromised last year, according to the Verizon report. The reason CIOs don't take this simple step is that it involves using your routers as firewalls, and many network managers don't want to do that.
5. Allowing nonsecure remote access and management software.
One of the most popular ways for hackers to get into your network is to use a remote access and management software package, such as PCAnywhere, Virtual Network Computing (VNC) or Secure Shell (SSH). Often, these software applications are lacking the most basic security measures, such as good passwords.
The simplest way to find this problem is to run an external scan across your entire IP address space to look for PCAnywhere, VNC or SSH traffic. Once you find these applications, put extra security measures on them such as tokens or certificates in addition to passwords. Another option is to scan the Netflow data of your external facing routers and see if you have any remote access management traffic flowing across your network.
This problem is common enough to account for 27% of the compromised records in the Verizon Business report.
6. Failing to test noncritical applications for basic vulnerabilities.
Nearly 80% of all hacking attacks are the result of security holes in Web applications, according to the Verizon Business report. Network managers know that their biggest vulnerability is in Web applications, so they put all of their effort into testing their critical and Internet-facing systems.
The problem is that most hacking attacks leverage security mistakes in noncritical systems inside networks. "The main problem is that we're testing like crazy the critical Web applications, and we're not testing the non-Web applications," Tippett says. He recommends that network managers test all of their applications for basic vulnerabilities.
"People have been taught forever to focus in order of criticality, but the bad guys don't know what's critical or not. They go in order of what's easy," Tippett says. "Once they get inside your network, they can set up shop, take their time and watch your traffic."
7. Not adequately protecting your servers from malware.
Malware on servers accounts for 38% of all security breaches, Verizon Business says. Most malware is installed by a remote attacker and is used to capture data. Typically, malware is customized, so it can't be discovered by antivirus software. One way for network managers to find malware such as keylogger or spyware on their servers is to run host-based intrusion-detection system software on every server, not just critical servers.
Tippett suggests a simple way to prevent many of these attacks: Lock down servers so that no new applications can run on them. "Network managers hate to do that because they might want to add new software later," Tippett says. "I tell them to just unlock the lock, install the new software, and then lock it up again."
8. Failing to configure your routers to prohibit unwanted outbound traffic.
One popular form of malware involves putting a backdoor or command shell on a server. One way to prevent a hacker from taking advantage of a backdoor or command shell is network segmentation using access control lists. This way you can prevent servers from sending traffic that they shouldn't be sending. For example, a mail server should only send mail traffic, not SSH traffic. Another option is to use your routers for default deny egress filtering, which blocks all outbound traffic except for what you want leaving your network.
"Only 2% of companies do this. It baffles me as to why the other 98% don't," Tippett says. "Default deny egress filtering is trivial."
9. Not knowing where credit card or other critical customer data is stored.
Most companies think they know where critical data such as credit card information, Social Security numbers or other personally identifiable information are stored, and they harden these servers with the highest levels of security. But often, this data is stored somewhere else on the network such as at a backup site or in the software development department.
It's these secondary, noncritical servers that often get attacked and lead to the majority of data breaches. One easy way to find out where critical data is stored is to conduct network discovery. "We typically stick a sniffer on the network and we see where the critical data is supposed to be and then we see where else it goes," Tippett says.
10. Not following the Payment Card Industry Data Security Standards.
Dubbed PCI DSS, this set of 12 controls for protecting cardholder information work, Tippett says. "Most people don't even try to meet the PCI standards," Tippett says. Sometimes a company follows these controls for the servers where it knows it stores credit card data, but not on the other unknown servers that host this critical data.
Even though 98% of all compromised records involve payment card data, only 19% of organizations with security breaches followed the PCI standards, according to the Verizon Business report. "It's obvious. Follow the PCI rules. They basically work," Tippett says.
From
http://www.cio.com/article/496577/The_Dumbest_Mistakes_Network_Managers_Make
Korea with love? ;)
*yawns* it's been a busy week ^^ hectic since MP, which is a success;
to Korea, back n cleared all my stuff~ handed over all e reports,
paper work n of cos giving 10z to those whom gv me warm hospitality
while I was there (eg. Ray, Christian n Miok)
cool dudes they are :) I hope Ray finds his path soon! while Christian
gets wat he wans ;) n Miok finds a new job ;p
korea's fun, esp when u meet new folks. there's of cos great dudes to
pain-in-ass folks n e occasional snobbish-ass. look on e bright side,
there's lots of helpful folks
reminder, hv to know wat is "reciept" in Korean called :) eat more
locale fare~ n move among more of e happy folks~
ya~! tt's e main difference! sg's pretty fucked up cos ppl dnt smile,
laugh or be happy no more @@; over there e most glommy spots r in e
korail trains z,z! ok~ there's also alot of Jude babes ard ;)
reminds me of e juju berry tea n sanghwa tea which I didn't gt to
drink cos someone paid a surprised visit to us n I had to man e desk
>,<; kk sry Gerald owe u a meal for footing e bill for everyone!
another happy moment was time spent w our little translator lily!
she's fun n a great translator, but think she's afraid of tiger or me
n refuses for us to buy her a meal or somethg to repay her efforts ^^;
oh well in future maybe can get her to freelance translations? but
nothg beats e queen of blurrness! she takes top spot for bringing
laughter to my face, yeah yisoo e poor ger think she's too anxious
infront of us n was like totally shy n stuff tt she forgot our
namecards when she left! rofl :x think we're too noti w her already
^^; haha but it was fun ;p anyway think she's pretty pissed w me as I
SMS her n mistook her for Miok! lol cos my tone was super duper ultra
informal n I guess she's offended by it? gomen ^^;
yeah forgot abt tiger for hv'ing balls of steel n bin/lee for always
being so cheeky n mischievious! really lol man! guys remember taking
pictures? muahaha
ahhhhh~!~! only regret is not eating more locale food :( I miss e
spicy squid kimchi~!
hmmm after Korea it's back to e dull life ;p but I'll always remember
e folks at Korea ^^
Those whom don't remember the past are condemned to repeat it
"she's the type of woman where u could strap dynamite n walk into a
room full of ppl n take out everyone in it" describing an ex-wife.
she kissed him goodbye before comitting suicide..
ermm I feel he is so wrong, no doubt her character might be super
unbearable but he can't escape, part of e responsibility of her
actions hv to be beared by him..
there must be a way for him to hv averted e disaster, just how? wld be
e question!
Sent from my iPhone
nvr nvr nvr take indirect flights!
nvr nvr nvr take indirect flights no matter wat reasons... this e
first n final time I'm gona be doing this! lol there's always
locations whr u hv no choices cept to fly indirect but this trip is
horrid, to e max? think budget's better! seriously man! it's a combi
of budget n e ugly Chinese! haha yeah previous it's either u face e
crappy budget OR e ugly Chinese, now take it to e nxt lvl ;)
ps : btw i'm writing this iluminated by gd old 70's disco lights!
sunlight refractions off either e lady's gilttering blouse or her gem
studded watch. *rolls eyes* dang which idiot opened his port side
window n allowed e morning sun in man! sld be shot when everyone just
keeps it CLOSED for obvious reasons! gawd! wait he's trying to enjoy
looking at e morning sun off his maiden voyage home? @@; idiot
numbskull zzz
fucking torture! reminder again, nvr ever take an indirect flight
transiting in Beijing or on china air zzz dnt let me start on e flight
svc man... to date I dnt think any of e budget hv any worser svc? rofl
wait no svc is better than fully fucked svc! sigh... can't blame
them... they ARE crap -,-;
this is gona ruin e trip... sldn't hv pushed for it. fuck it ain't my
business nor my job to source for games... esp when working for a boss
who's crap too! makes me wonder how they make e decision to license
these games man... I've always tot it's e combi of ROI n market
perception which determines thgs, but it ain't man...
hmm only biz or 1st gets bananas for breaky while e rest gets nothg?
hahaha god how I wana gt out of this hole...
Sent from my iPhone
Bitter medicine is good medicine x,x is it? 0o;
Her words were like hail in summer sunshine, brutal fast n deadly
accurate. blood inducing. merciless. cruel. x,x;
"u let her undervalue u till u are worser than negative value
u let her step over yr limit n somemore n u can't stop her or control
her"
everythg is yr own doing, it is not her fault but yr fault tt thgs r
this way today
I've nvr blamed her for thgs tt hv happened, how I wish it's easier to
blame her or anyone else. but I didn't, I'll carry tt responsibility
till e end..
no use can't change topic, she's like a bull dog, once latch to a
topic u can't escape x,x;
it is over already, y keep hammering on it?
"ya, but did u learn e lesson? u've paid a high price can u make sure
e nxt time thgs like tis won't happen?"
there is no answer for her onslaught, only time n my nxt r/s wld I
know if i had truely learnt n repent.
"u need to gain back yr value, change yr outlook, love yr self more"
I wld but I wld need help too.
"wat? everytime need my help I'm v busy k! go learn it yr self!"
... ya wld need opinion too mah!
"be daring n go n try it out yr self! do somethg different n gt
somethg different!"
... ppl like me need others to bounce off opinions n choices too, low
confidence also need somewhr to start first. everythg is a learning
process.
-,-; diaoz chicken n egg issue, sigh no wonder when everyone heard
she's coming out. all wld Siam her ;p
tt a side, I need to start walking on my own :)
ps : nxt time I call u 1yr later u better not be at geylang east
cleaning other's car w wet tissue ah! lol 10z again
Sent from my iPhone
Touch wat touch! Poke wat poke!
-,-; become laughing stock man... freaking doc at ttsh check my back, after leave his clinic pain in back.. pain in legs.. WTF~
"Wow. So u ok? How to sign cheque? U wanna cab to office sign then go back?"
"Ya better check man i know the pain from back runs down to the legs man no joke lol keep me updated lol tonight i got rt btw"
"Due to e car accident? Take care! "
"He 'touched' eww. Haha. Did u ask y is there is more pain?"
"worst case slip disc"
"Ok tk gd care. U stil can go korea? Stil haven't got back yr last claim? Yen said u r comin to ofc?"
"Wahahaahahahahahahah" baskett I sld kill him man lol
Dang I love iPhone 3.0's copy n paste! lol
Sent from my iPhone
Talk to me, share with me, smile for me
I love to listen to ppl sharing their stories, sad fun anger or just
plain boring history :)
u guys wld find it amusing if I said many gers i'm with, it's just to
feel their warmth n hear them speak of their stories ^^
it let me feel e warmth of e skin, e closeness, e feelings portrayed.
even if it might just be a story to bluff me, it allows me to feel e
connection...
thgs I yearn to feel which was lacking in my life...
Sent from my iPhone