NetSec Letter

---

In reverse order of publication…

• #34, Administrative note.
• #33, Measuring Security. Can we measure it? Do we?
• #32, Security Checklist. Covering all the bases.
• #31, Personal Firewall Day. ‘Tis the season to get infected with a computer virus.
• #30, The Microsoft Factor, Part 2. What can we do?
• #29, The Microsoft Factor. How does a “monopoly” affect security?
• #28, The Vanishing Perimeter. It vanished a long time ago. (Reprinted in VARBusiness Magazine.)
• #27, Spam Control.
• #26, Beyond the VA Scan.
• #25, A look at Gilian’s Exit Control.
• #24, SSL VPNs. Why I like them.
• #23, E-mail Firewalls. Application-specific firewalls.
  
• #22, Security Awareness Musings-from-the-Friendly-Skies.
• #21, Securing Cyberspace — Comments on the National Strategy.
  
• #20, 1 September 2002. The Need for Web Security. It’s not just how big a target you are…
• #19, 31 May 2002 It’s Not Just for Security Guys Anymore
• #18, 10 April 2002 . Using Network VATs for Verification
• #17, 5 March 2002 . The Nefarious “Any”
• #16, 1 February 2002 . “On September 11, everything changed, forever…” NOT!
• #15, 23 December 2001 . 2001 Letter to Santa from a Security Administrator
• #14, 23 November 2001 . Do We Really Need VPNs?
• #13, October 23, 2001. Afterthoughts and Lessons to Learn after September 11, 2001.
• #12, 13 September 2001. Before You Pull the Plug. I wrote this as a follow-on to my friend David Strom’s Web Informant #258, which discusses the human side of down-sizing. In this, I look at this problem from a computer and network security angle, and suggest some safeguards.
• #11, 8 August 2001. Internet Security and Usability: Who’s Winning? Reflections from vacation on the state of Internet Security.
• #10, 14 July 2001. When Access Control Goes Bad. Access control and the May 2001 reported trade secret theft at Lucent Technologies.
• #9, 16 June 2001. Certification of Security Professionals. Who will you trust? A brief introduction to the topic with some pointers.
• #8, 17 May 2001. Other Solutions For Secure E-mail. A look at an alternative product, A-Lock, along with pointers to some other reviews of other products. We’re just too tired of waiting for PKI, and PGP still causes grown men to cry.
• #7, 17 April 2001. Firewalls, VPNs, and Remote Offices, a look at how we connect them and how we should.
• #6, 14 March 2001 Virus Hoaxes: A Plea and a Plan. A pet peeve with some guidelines and suggestions.
• #5, 11 February 2001 IPsec and VPNs: The Sad/Glad State of Affairs. Where we are with Virtual Private Networks.
• #3, 18 January 2001. Security Product Certification. A discussion of different ways to certify security products.
• #2, 14 December 2000. E-mail Security, Part 2: Speed Bumps. Observations and recommendations.
• #1, 14 November 2000 E-mail Security, Why Don’t We Bother?