Security Information Dissemination: The Powers of RSS for Security Weblogging (Blogging) Dana M. Epp Computer Security Software Architect Scorpion Software Corp.
Download
Report
Transcript Security Information Dissemination: The Powers of RSS for Security Weblogging (Blogging) Dana M. Epp Computer Security Software Architect Scorpion Software Corp.
Security Information
Dissemination: The
Powers of
RSS for Security
Weblogging (Blogging)
Dana M. Epp
Computer Security Software Architect
Scorpion Software Corp.
“Security delayed is security
denied. There is more information
than you can read or absorb. That
means you might miss some key
points, trends, warnings, or fixes.
And the price for missing them can
be enormous.”
- Scott Granneman
Columnist, SecurityFocus
Overview
What is RSS and blogging?
History of RSS
RSS and Productivity
Technical Timeout: What RSS Looks Like
How to read RSS – The Aggregator.
Dana’s Top 10 Security RSS Feeds
Questions and Answers
What is RSS?
RSS stands for “Really Simple Syndication”
RSS is a dialect of XML that provides web and
news content syndication. But it's not just for the
web or news. Pretty much anything that can be
broken down into discrete items can be
syndicated via RSS: the "recent changes" of a
vendor software, a changelog of CVS checkins,
even the revision history of a book.
Quick Blogging Glossary
RSS: Really Simple Syndication
RDF: Resource Description Framework
Blog: Short for Web log
Aggregator: Tool to read RSS feeds
History of RSS
Original version developed by NetScape as RSS 0.90 as a format for
building portals of headlines to mainstream news sites.
RSS 0.90 found to be overly complex for its goals; a simpler version,
0.91, was proposed and subsequently dropped when Netscape lost
interest in the portal-making business.
Dave Winer at UserLand Software picked up 0.91, for use as the
basis of its weblogging products and other web-based writing
software.
At the same time, a 3rd group split off using the design goals of 0.90,
and based on RDF, calling it RSS 1.0
UserLand Software was not happy with this, and continued to build
0.9x versions (0.91-0.94), until it suddenly jumped to become the
RSS 2.0 standard
RSS and Productivity
1. RSS is faster to display. Why is this?
Well, HTML (er, your web browser)
needs to call a Web server. Wait for it to
respond. Then wait for it to send its
stream of HTML. Then wait for it to
display what it gets. On some weblogs
that process can take as long as 1.5
minutes!!!
* Adapted from Robert Scoble’s RSS vs. HTML blog post on the subject
RSS and Productivity
2. With RSS I only need to read one out
of 10 sites. Why is that? Because with a
web browser you need to visit every
single site. With RSS you only read the
sites that have changed since the last time
you've read the feed.
* Adapted from Robert Scoble’s RSS vs. HTML blog post on the subject
RSS and Productivity
3. RSS is faster to read. Why is this? Well, if you
visit my weblog in a web browser, how do you
know what's new? You need to look at the
dates. Now, what about a page like
http://msdn.microsoft.com. Quick, tell me
what's changed in the past 24 hours. In the past
week. In the past month. With RSS I
INSTANTLY know what has changed since the
last time I visited.
* Adapted from Robert Scoble’s RSS vs. HTML blog post on the subject
RSS and Productivity
4. RSS is more efficient to read. Most RSS
feeds only give you the content. Not the
advertising. Not the color banners. Not
the crappy links. Not the weird fonts. Not
the bizarre color background.
It gives you what you want… information.
* Adapted from Robert Scoble’s RSS vs. HTML blog post on the subject
RSS and Productivity
5. RSS lets you escape the browser.
Maybe the browser isn't where you want
to read. Maybe you like Outlook better.
Or your PDA. RSS is XML, which lets
you programmatically import it and deal
with it anywhere you want
* Adapted from Robert Scoble’s RSS vs. HTML blog post on the subject
RSS and Productivity –
Practical Example
I used to spend 1 to 2 hours a day surfing to
around 30 web sites of interest to keep up to date
with industry trends, vulnerabilities and news.
Now I watch over 75 security feeds, 50 news
feeds and over 100 personal web logs of interest
in less than 15 minutes a day
On numerous occasions I learned of a new
security threat via RSS BEFORE I heard about it
in mailing lists or on the news.
RSS and Productivity –
Dana’s Weird Uses of RSS
I use RSS to correlate and quickly display new
security events going on across different
operating systems and network devices within a
single RSS feed.
I use RSS to track changes in our automated
product builds. Results of new builds are
immediately known to me without having to
discuss with others.
In February, launching a company blog which
includes an RSS feed of product changes and
patches… and have integrated the RSS directly
into the software.
Technical Timeout: RSS 2.0
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/">
<channel>
<title>Some title</title>
<link>http://www.someurl.com/</link>
<description>Describe Information Content</description>
<language>en-us</language>
<item>
<title>Welcome to blogging</title>
<link>http://www.someurl.com/pub/2003/12/04/blog.html</link>
<description>Witty description of the content</description>
<dc:creator>Dana Epp</dc:creator>
<dc:date>2003-12-04</dc:date>
</item>
<item>
<title>The .NET Schema Object Model</title>
<link>http://www.xml.com/pub/2002/12/04/som.html</link>
<description>Priya Lakshminarayanan describes in detail the
use of the .NET Schema Object Model for programmatic manipulation
of W3C XML Schemas.</description>
<dc:creator>Priya Lakshminarayanan</dc:creator>
<dc:date>2002-12-04</dc:date>
</item>
</channel>
</rss>
How to read RSS – The
Aggregator
An aggregator is software that periodically
reads a set of RSS feeds, in one of several
XML-based formats, finds the new bits,
and displays them in reverse-chronological
order on a single page.
Sample List of Aggregators
Bloglines – Online Aggregator
http://www.bloglines.com
SharpReader - .NET Aggregator
http://www.sharpreader.net
Newsgator – Outlook extension
http://www.newsgator.com
Feed Demon – Windows Aggregator
http://www.feeddemon.com
Wildgrape NewsDesk
http://www.wildgrape.net
Many, many more great aggregators out there!
Dana’s Top 10 Security-related RSS Feeds
SecurityFocus Vulnerabilities (BugTraq)
http://www.securityfocus.com/rss/vulnerabilities.xml
SecurityFocus Top News
http://www.securityfocus.com/topnews-rss.html
CERT/CC
http://www.cert.org/channels/certcc.rdf
Microsoft MSDN Security
http://msdn.microsoft.com/security/rss.xml
SANS Internet Storm Center
http://isc.incidents.org/rssfeed.xml
SANS Information Security Reading Room
http://www.sans.org/rr/rss/
Microsoft Hotfix and Security Bulletin Service
http://www.opensec.org/feeds/microsoft/latest.xml
Symantec Security Response - Advisories
http://xml.newsisfree.com/feeds/56/3156.xml
Network World on Security
http://www.nwfusion.com/rss/security.xml
Dana Epp’s Ramblings at the Sanctuary
http://silverstr.ufies.org/blog/index.rss
How to find your own Security
Related RSS feeds
Google “security blogs”
Consider reading more “personal” infosec
blogs that are not company focused… but
profession focused
Read comments on some feeds… typically
you can get a poster’s blog info from there
(ie: A link via their email).
Dana’s Favorite Personal Security-related
RSS Feeds
Here is a small sample of just a few more personal web logs
that relate to security:
Dana Epp’s Ramblings at the Sanctuary
http://silverstr.ufies.org/blog/index.rss
TaoSecurity
http://feeds.blogstreet.com/12858.rss
A Day in the Life Of An Information Security Investigator
http://blogs.ittoolbox.com/security/index.rdf
joatBlog
http://www.757.org/~joat/blog/index.rdf
Troy Jessup’s Network Security Blog
http://www.ndnn.org/blog/index.rdf
Static in the Ether
http://lair.moria.org/blog/?flav=rss
Any
Questions?
Dana M. Epp
[email protected]