Posts tagged ‘network security’

December 19, 2011

A Special Kind Of Proxy

GoogleSharing is a special proxy service that doesn’t hide what you are searching from Google. Instead, it obscures where the requests are coming from. GoogleSharing is not a full proxy service designed to anonymize traffic. It is exclusively intended for certain aspects of your communication with Google. So there are no “alternative” websites to visit. Your use of the web need not change at all.

diagram

How does it work?

How does it work?
The GoogleSharing system is a custom proxy with a Firefox Add-on.

The proxy

The proxy generates a pool of GoogleSharing “identities,” each containing a cookie issued by Google and an arbitrary User-Agent for one of several browsers.

The add-on

The Firefox add-on watches for requests to Google services from your browser… and will transparently redirect them to a GoogleSharing proxy. There your request is stripped of identifying information and replaced with a GoogleSharing identity. Then this request is forwarded to Google, and the response is proxied back to you.

If your next search is given a different identity,

read more »

July 15, 2011

Try a VeriSign SSL Certificate gratis

Network and data security has really been on my mind lately!

I visited the Symantec and VeriSign websites the other day. I’m not sure if this is a true “limited time special offer” or an ongoing promotional deal that I never noticed until now. Two sorts of SSL (Secure Socket Layer encryption) certificates are available from VeriSign.

Secure Socket Layer protection

30-day SSL test-drive

One is the standard type that is desirable for websites that are accepting payment data or collecting other sensitive personal information from users. VeriSign refers to this as a Production Certificate. It includes use of the distinctive VeriSign Trust Seal, for use on SSL websites.

The other type is an SSL Test Certificate. Applications developers who want to confirm that SSL encryption is functional in a test (pre-production ONLY) environment should select this. It doesn’t include display of the Trust Seal, because it isn’t intended for use with applications on the public web. Both are available for free, for a 30-day trial period.

Try a VeriSign Certificate* today!

There may be superior alternatives to VeriSign SSL authentication. Regardless of vendor choice or implementation, it won’t hurt to contemplate data security, given the almost daily news reports of DDoS, DoS and other attacks. Or disclosure of yet another 0-day vulnerability or data breach.

* No, I’m not a paid endorser. I hoped someone might find it helpful and informative. Me, for example!

UPDATE: July 30, 2011

I just noticed that VeriSign has another offer; a 60-day free trial for a VeriSign Seal. See the VeriSign website for more information.

VeriSign offers both SSL and non-SSL products

What is the difference between the Trust Seal and the Secured Seal?

Like the VeriSign Secured Seal, the VeriSign Trust Seal shows that a site is authenticated by the high standards of VeriSign… The VeriSign Trust Seal is free with the purchase of any VeriSign® SSL Certificate. It can also be purchased separately for web sites that do not require SSL for securing online transactions. The VeriSign Trust Seal provides a cost-effective way to establish trust on your site without installing an SSL Certificate.

Emphasis is mine. However, VeriSign prominently displays this advisory on the Trust Seal FAQ page:

If your Web site uses SSL, you must use VeriSign SSL in order to display the VeriSign Trust Seal.

I’m uncertain, but suspect that the 30-day Trust Seal deal includes SSL certification, which is actually the VeriSign Secured Seal. The 60-day special probably does not. In other words, it offers the Trust Seal but not the SSL certificate, and is suitable only for non-SSL websites..

February 28, 2011

The Anti-Matter of Network Security

Is virtual routing the “anti-matter” of network security?

This post from the Rational Security blog* presented a convincing case as to why that might be so. It was dated December 2008. I don’t know if virtual routing is safer now, or not.

Layer 3 Routing diagram for system administration

Routing diagram for networks

Meanwhile, for those interested in routing as depicted in the photo, I found a good article about LAN switches. It explains quite clearly the difference between a router and a switch.

*The Rational Security blog has since departed TypePad (as of 2009). It has a slightly altered name, and is now The Rational Survivability blog.