Stories by Joel Snyder

I wrote the Macworld Networking Bible and it was good

My first Mac was a Mac 512K from the early 1980s, probably 1985. It replaced my Heathkit CP/M system, and when I went on business trips, that thing -- and an external hard drive, what a luxury -- traveled with me all over the country in a huge padded case.

Vulnerability management tools in a nutshell

We tested six market-leading products and evaluated each for their vulnerability scanner results, reporting features, product manageability, workflow tools, and interoperability with other enterprise products. Here are capsule reviews of each product.

Review: Cisco sets the bar for mobile security

Cisco has been a leader in remote access VPNs since 1999, and its latest release, the AnyConnect Secure Mobility Solution, will make both end users and network managers very happy, despite a few rough parts.

What is 802.1x?

Understanding what the IEEE 802.1x standard is and why you should care means understanding three separate concepts: PPP, EAP and 802.1x itself.

Spam and statistics

Say false positive, and you immediately dive into a tough world - statistics of diagnostic tests. The terms false positive and false negative (and their cousins, true positive and true negative) are fairly easy to define. But turning the number of false positives and false negatives into easy-to-digest statistics is different, because the anti-spam community has not come to any agreement on which numbers to use across products.
A spam filter is a diagnostic test. For some set of thresholds, it will say "this is spam" or "this is not spam." In our testing, we didn't expose those thresholds. Instead, we asked the vendors to pick thresholds such that the false-positive rate would be kept to less than 1 percent. Interestingly enough, none of the vendors asked what we meant when we asked for false-positive rate. Based on your tolerance for false negatives (spam in your mailbox) or false positives (mail mismarked as spam, lost or delayed), you might want to set these thresholds differently.

Diane Greene is my hero

FRAMINGHAM (10/22/2003) - Early this year I got to meet Diane Greene, CEO and one of the founders of VMware Inc., maker of one of my favorite lab tools.

IDS: How we did it

FRAMINGHAM (10/09/2003) - Our real-world test put network intrusion-detection systems through the wringer at three locations. Our goal was to mix elements of a multi-site enterprise network with the inherent randomness of the Internet to see how network IDS products would support a professional security analyst.

When will we ever learn?

FRAMINGHAM (09/23/2003) - Two years ago this month I wrote a column called "Learning lessons from Code Red". Code Red had hit hard, taking over servers all over the Internet. It's still there - we get dozens of Code Red attempts every day from a worm that's 2 years old.

Learning lessons from Code Red

Code Red is still going strong. At its peak, one of my company's web servers saw about 13,000 Code Red attempts per day; last week, we saw about 6000 per day. At this rate, it'll be months before Code Red goes away - it may never stop completely. What have we learned from this experience?