Heart Attack: Detecting Heartbleed Exploits in Real-Time. The OpenSSL Heartbleed vulnerability is proving to be one of the bigger vulnerabilities the security community has seen. As vendors and administrators scramble to patch their systems and users struggle to identify what sites are safe to use, hackers are taking full advantage of the vulnerability. Tripwire’s VERT team has quickly deployed the most robust coverage for detecting the vulnerability through IP360, PureCloud and SecureScan.
What if we also want to monitor and be able to identify when the exploit is being used against us? Using a combination of an IDS and Tripwire Log Center allows us to do just that. Heartbleed & Honeypot There are several versions of the Heartbleed exploit actively in the wild, some are simply being used to test if systems are vulnerable, as well as more robust versions available in Metasploit and other frameworks. Successful Heartbleed Exploit Attempt I can now easily act on these alerts and correlate them to other events in my environment.
Related Articles: Semantic-mediawiki.org. The Semantic Library: RDF In Practice | GSLIS Media Lab. URL vs. URI vs. URN: The Confusion Continues. A year has passsed since my last post on URIs and URLs and it would seem that some of the concepts are still lost on some folks. With that said, I figured I’d throw up another post that I could try and address some of the questions raised in the comments of both posts. URLs and URNs are both URIs This is one point that can’t be stated enough. A URL is a URI and a URN is a URI, plain and simple. It’s really quite challenging to phrase it any other way. Examples of URLs and URNs: People have also suggested that these posts could have been more helpful if I had provided some examples that illustrate the difference between a URL and a URI. Again, all of the examples above are all valid examples of URIs. There’s a very informative page by Tim Berners-Lee that provides a lot of good deails on Uniform Resource Identifiers.
“The only thing you can use an identifier for is to refer to an object. When you followed the link to this page, you didn’t have to do anything other than clicking it. No. The Semantic Web: An Introduction. This document is designed as being a simple but comprehensive introductory publication for anybody trying to get into the Semantic Web: from beginners through to long time hackers. Recommended pre-reading: the Semantic Web in Breadth. Table Of Contents What Is The Semantic Web?
The Semantic Web is a mesh of information linked up in such a way as to be easily processable by machines, on a global scale. The Semantic Web was thought up by Tim Berners-Lee, inventor of the WWW, URIs, HTTP, and HTML. What's the rationale for such a system? So the Semantic Web can be seen as a huge engineering solution... but it is more than that. The Semantic Web is generally built on syntaxes which use URIs to represent data, usually in triples based structures: i.e. many triples of URI data that can be held in databases, or interchanged on the world Wide Web using a set of particular syntaxes developed especially for the task.
URI - Uniform Resource Identifier RDF - Resource Description Framework Why RDF? Logic.