1 / 20

Security Information Dissemination: The Powers of      RSS for Security Weblogging (Blogging)

Security Information Dissemination: The Powers of      RSS for Security Weblogging (Blogging). Dana M. Epp Computer Security Software Architect Scorpion Software Corp.

yul
Télécharger la présentation

Security Information Dissemination: The Powers of      RSS for Security Weblogging (Blogging)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Information Dissemination: The Powers of     RSS for Security Weblogging (Blogging) Dana M. Epp Computer Security Software Architect Scorpion Software Corp.

  2. “Security delayed is security denied. There is more information than you can read or absorb. That means you might miss some key points, trends, warnings, or fixes. And the price for missing them can be enormous.” - Scott GrannemanColumnist, SecurityFocus

  3. Overview • What is RSS and blogging? • History of RSS • RSS and Productivity • Technical Timeout: What RSS Looks Like • How to read RSS – The Aggregator. • Dana’s Top 10 Security RSS Feeds • Questions and Answers

  4. What is RSS? • RSS stands for “Really Simple Syndication” • RSS is a dialect of XML that provides web and news contentsyndication. But it's not just for the web or news. Pretty much anything that can be broken down into discrete items can be syndicated via RSS: the "recent changes" of a vendor software, a changelog of CVS checkins, even the revision history of a book.

  5. Quick Blogging Glossary • RSS: Really Simple Syndication • RDF: Resource Description Framework • Blog: Short for Web log • Aggregator: Tool to read RSS feeds

  6. History of RSS • Original version developed by NetScape as RSS 0.90 as a format for building portals of headlines to mainstream news sites. • RSS 0.90 found to be overly complex for its goals; a simpler version, 0.91, was proposed and subsequently dropped when Netscape lost interest in the portal-making business. • Dave Winer at UserLand Software picked up 0.91, for use as the basis of its weblogging products and other web-based writing software. • At the same time, a 3rd group split off using the design goals of 0.90, and based on RDF, calling it RSS 1.0 • UserLand Software was not happy with this, and continued to build 0.9x versions (0.91-0.94), until it suddenly jumped to become the RSS 2.0 standard

  7. RSS and Productivity • RSS is faster to display. Why is this? Well, HTML (er, your web browser) needs to call a Web server. Wait for it to respond. Then wait for it to send its stream of HTML. Then wait for it to display what it gets. On some weblogs that process can take as long as 1.5 minutes!!! * Adapted from Robert Scoble’s RSS vs. HTML blog post on the subject

  8. RSS and Productivity • With RSS I only need to read one out of 10 sites. Why is that? Because with a web browser you need to visit every single site. With RSS you only read the sites that have changed since the last time you've read the feed. * Adapted from Robert Scoble’s RSS vs. HTML blog post on the subject

  9. RSS and Productivity • RSS is faster to read. Why is this? Well, if you visit my weblog in a web browser, how do you know what's new? You need to look at the dates. Now, what about a page like http://msdn.microsoft.com. Quick, tell me what's changed in the past 24 hours. In the past week. In the past month. With RSS I INSTANTLY know what has changed since the last time I visited. * Adapted from Robert Scoble’s RSS vs. HTML blog post on the subject

  10. RSS and Productivity • RSS is more efficient to read. Most RSS feeds only give you the content. Not the advertising. Not the color banners. Not the crappy links. Not the weird fonts. Not the bizarre color background. It gives you what you want… information. * Adapted from Robert Scoble’s RSS vs. HTML blog post on the subject

  11. RSS and Productivity • RSS lets you escape the browser. Maybe the browser isn't where you want to read. Maybe you like Outlook better. Or your PDA. RSS is XML, which lets you programmatically import it and deal with it anywhere you want * Adapted from Robert Scoble’s RSS vs. HTML blog post on the subject

  12. RSS and Productivity – Practical Example • I used to spend 1 to 2 hours a day surfing to around 30 web sites of interest to keep up to date with industry trends, vulnerabilities and news. • Now I watch over 75 security feeds, 50 news feeds and over 100 personal web logs of interest in less than 15 minutes a day • On numerous occasions I learned of a new security threat via RSS BEFORE I heard about it in mailing lists or on the news.

  13. RSS and Productivity – Dana’s Weird Uses of RSS • I use RSS to correlate and quickly display new security events going on across different operating systems and network devices within a single RSS feed. • I use RSS to track changes in our automated product builds. Results of new builds are immediately known to me without having to discuss with others. • In February, launching a company blog which includes an RSS feed of product changes and patches… and have integrated the RSS directly into the software.

  14. Technical Timeout: RSS 2.0 <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/">  <channel>    <title>Some title</title>    <link>http://www.someurl.com/</link>    <description>Describe Information Content</description>    <language>en-us</language>    <item>      <title>Welcome to blogging</title>      <link>http://www.someurl.com/pub/2003/12/04/blog.html</link>      <description>Witty description of the content</description>      <dc:creator>Dana Epp</dc:creator>      <dc:date>2003-12-04</dc:date>        </item>    <item>      <title>The .NET Schema Object Model</title>      <link>http://www.xml.com/pub/2002/12/04/som.html</link>      <description>Priya Lakshminarayanan describes in detail the use of the .NET Schema Object Model for programmatic manipulation of W3C XML Schemas.</description>      <dc:creator>Priya Lakshminarayanan</dc:creator>      <dc:date>2002-12-04</dc:date>        </item>  </channel> </rss>

  15. How to read RSS – The Aggregator • An aggregator is software that periodically reads a set of RSS feeds, in one of several XML-based formats, finds the new bits, and displays them in reverse-chronological order on a single page.

  16. Sample List of Aggregators • Bloglines – Online Aggregator http://www.bloglines.com • SharpReader - .NET Aggregatorhttp://www.sharpreader.net • Newsgator – Outlook extensionhttp://www.newsgator.com • Feed Demon – Windows Aggregatorhttp://www.feeddemon.com • Wildgrape NewsDeskhttp://www.wildgrape.net Many, many more great aggregators out there!

  17. Dana’s Top 10 Security-related RSS Feeds • SecurityFocus Vulnerabilities (BugTraq)http://www.securityfocus.com/rss/vulnerabilities.xml • SecurityFocus Top Newshttp://www.securityfocus.com/topnews-rss.html • CERT/CChttp://www.cert.org/channels/certcc.rdf • Microsoft MSDN Securityhttp://msdn.microsoft.com/security/rss.xml • SANS Internet Storm Centerhttp://isc.incidents.org/rssfeed.xml • SANS Information Security Reading Roomhttp://www.sans.org/rr/rss/ • Microsoft Hotfix and Security Bulletin Servicehttp://www.opensec.org/feeds/microsoft/latest.xml • Symantec Security Response - Advisorieshttp://xml.newsisfree.com/feeds/56/3156.xml • Network World on Securityhttp://www.nwfusion.com/rss/security.xml • Dana Epp’s Ramblings at the Sanctuaryhttp://silverstr.ufies.org/blog/index.rss

  18. How to find your own Security Related RSS feeds • Google “security blogs” • Consider reading more “personal” infosec blogs that are not company focused… but profession focused • Read comments on some feeds… typically you can get a poster’s blog info from there (ie: A link via their email).

  19. Dana’s Favorite Personal Security-related RSS Feeds Here is a small sample of just a few more personal web logs that relate to security: • Dana Epp’s Ramblings at the Sanctuaryhttp://silverstr.ufies.org/blog/index.rss • TaoSecurityhttp://feeds.blogstreet.com/12858.rss • A Day in the Life Of An Information Security Investigatorhttp://blogs.ittoolbox.com/security/index.rdf • joatBloghttp://www.757.org/~joat/blog/index.rdf • Troy Jessup’s Network Security Bloghttp://www.ndnn.org/blog/index.rdf • Static in the Etherhttp://lair.moria.org/blog/?flav=rss

  20. Any Questions? Dana M. Epp dana@scorpionsoft.com

More Related