This Month:
Forensics on the Windows Platform, Part 1
This article, the first in a two-part series about
forensics on the Windows platform, will examine the
preparatory steps that can be taken by both
investigators and system administrators alike.
While this series is concerned with
Windows-specific investigations, this article will
examine some basic, non-technical concepts that are
applicable to all forensic investigations. Source: SecurityFocus.com
Fact-finding mission
Résumé puffery
ranges from inflations to untruths. But a verified
paper trail and tactics such as technical
drill-downs and panel interviews can confirm the
context and depth of skills, integrity of
responses, and openness of communication. Source: NetworkWorldFusion
Prevent social engineering
Experts recommend providing security awareness
training on at least a quarterly basis to keep
security ideals fresh in users' minds. Concepts on
social engineering - what it is, and how to prevent
it - should be a mainstay of your training. Source: ITWorld
Best Practices for an XP Desktop Deployment
This downloadable Webcast provides the best
practices to plan and prepare for an XP desktop
deployment of Microsoft® Windows XP Professional
and Office XP. It examines the requirements for
deployment and provides the steps necessary for
desktop migration. The download file is 148Mb and
requires Windows Media Player 6.x or greater.
Source: Microsoft.com
Using Windows XP Professional with Service Pack 1 in a Managed Environment
This white paper provides information about the
communication that flows between components in
Windows XP Professional Service Pack 1 (SP1)
and sites on the Internet, and how to limit,
control, or prevent that communication in an
organization with many users. The white paper is
designed to help you, the administrator, plan
strategies for deploying and maintaining Windows XP
Professional SP1 in a way that provides an
appropriate level of security for your
organization's networked assets. Source: Microsoft.com
Forensics and Your Exchange Server
If you had to provide computer data in response to
a subpoena, how would you go about it? Tape backups
often aren't acceptable; even though they contain
the same data, the data is in a different physical
form and thus isn't an exact bit-for-bit
representation of the data on disk. For the same
reason, files copied from the targeted server to
another server usually won't suffice. In this
article Paul Robichaux takes a look at a few tools
that make a true copy of your data so prosecutors,
government agencies, and the US courts accept the
results. Source: Windows & .NET Magazine
Credit card-size hard drive can hold 5GB
StorCard announced its plans to release a credit
card sized removable storage device that can hold
from 100Mb to 5GB of data. A spinning wheel made of
Mylar is engaged when the card is inserted into a
StorReader, a USB-connected drive or PC Card that
reads and writes to the StorCard. The reader is
expected to retail for under $100 and the cards for
under $15 each. The StorCard and StorReader are
scheduled to become available in the second half of
2003. Source: PCWorld
Test Piracy: The Darker Side of Certification
Stealing questions, changing test results, taking
tests for someone else and unauthorized use of
materials during testing are some of the daring,
illegal and unethical actions becoming more
commonplace as individuals attempt to achieve
unearned certifications. The problem has become
epidemic, and serious efforts are underway
throughout the industry to combat it. But
here's the bright side: Today's piracy efforts
for the most part are juvenile, occur infrequently,
remain unorganized and have occurred in an
environment of trust and developing technology.
With industry-wide support and organization, along
with new tools and industry commitment to
protecting the value of certification, these piracy
efforts can be countered. Source: CertMag
Network Security: Best Practices
Believe it or not, best practices in network
security begin with a top-down policy. The levels
of responsibility need to be understood, and that
implies that security is everyone's job, as each
employee understands how he or she contributes to
the organization. Best practices in network
security are more about the what and why
of securing the organization's information assets
than about the how. It is possible to
unmuddy the waters by starting with a three-step
framework that will aid in establishing a
"best practices" network security
program: Prepare, organize and execute. Let's take
a look at each piece of this framework in more
depth. Source: ComputerWorld
Hackers Humble Security Experts
A hacking group called Gobbles whips up virus
hysteria and distributes a destructive Trojan horse
program. Despite the mischief, some say hacking
groups like Gobbles keep security pros honest.
Source: Wired
Ten Web Vulnerabilities to Watch
The Open Web Application Security Project (OWASP)
has compiled a list of ten serious security
vulnerabilities commonly found in Web applications.
This list was created to focus government and
industry on the most serious of these
vulnerabilities. Web application security
vulnerabilities are highly exploitable and the
consequence of an attack can be devastating. These
vulnerabilities represent an equivalent magnitude
of risk as network security problems, and should be
given the same degree of attention. Using this
list, organizations can send a message to web site
developers that "we want you to make sure that
you won't make these mistakes." Source: OWASP
Instant Insecurity: Security Issues of Instant Messaging
Instant messaging services are becoming an increasingly
popular form of communication, both in the personal
and the professional spheres. This paper will
describe instant messaging and offer a brief
overview of some of the security threats associated
with the service. Source: SecurityFocus.com
Attention to Detail is the Great Divider
The key factor in network administration is
attention to detail. The following Real Problems
- Real Solutions article is based on the top 10
tips submitted by Carl Fransen. Carl raises some
very good points and to help administrators we
added some extra information and links to
supplement the original submission. Source: Microsoft
TechNet
Silver Health Scams Spread Online
Doctors nationwide are reporting a surge in silver
poisoning cases. Despite modern medicine and a ruling
by the Food and Drug Administration that such
remedies are ineffective, companies selling silver
remedies have resurfaced online in recent years,
hawking their products as a cure-all for everything
from cancer to herpes. Investigators from the FDA
and FTC periodically surf the Net to search for
bogus health claims and send websites letters
warning of potential prosecution if they don't tone
down their assertions. But for every site the
government shuts down, another pops up. Source: Wired
.NOT
In a letter released to Microsoft Certified
Partners and Microsoft Gold Certified Partners,
Microsoft has announced that Microsoft Windows .NET
Server 2003 will be changing to Windows Server
2003. Microsoft is making an effort to clarify the
naming and branding strategy for .NET. "As
support for Web services becomes intrinsic across
our entire product line, we are moving toward a
consistent naming and branding strategy to better
enable partners to affiliate with this strategy and
customers to identify .NET-enabled products."
This is a naming change, and does not affect the
functionality of the product in any way.
Release is still scheduled for April 2003. Source:
http://winxp.bink.nu/
Closing the Floodgates: DDoS Mitigation Techniques
To be on the receiving end of a distributed denial
of service (DDoS) attack is a nightmare scenario
for any network administrator or security
professional. With these challenges in mind, this
article will explore some techniques that systems
administrators and security professionals can
employ should they ever find themselves in this
situation. Source: SecurityFocus.com
Take Care When Disabling Windows' Default Shares
Many users, very reasonably, are concerned about
the overall security of networked computers. To
provide what they feel is the highest possible
level of security against outside attacks, they
disable some (or all) of the default shares that
Windows creates on server and client computers.
Some third-party security software products even
automate disabling default administrative shares as
part of their security solution. However, disabling
default shares has a major downside. Products such
as SMS, Microsoft Operations Manager (MOM), and
many third-party systems management tools depend on
the existence of the default shares for proper
operation. A little knowledge about these default
shares and how to properly manage them can help you
avoid problems. Source: Windows & .NET
Magazine
.NET Deployment Guide
The Microsoft .NET Framework represents a new
paradigm in software development, and Information
Technology (IT) professionals will be faced with
the task of managing and deploying these new
applications and components in their pre-existing
infrastructure. This .NET Deployment Guide provides
information and guidelines for deploying
applications and components based on the Microsoft
.NET Framework. The guide offers detailed
descriptions of the processes involved in a
successful rollout of a .NET application, as well
as links to documentation that direct readers to
additional information. Source: Microsoft.com
Exchange 2000 in the Enterprise: Tips and Tricks Part One
In this two-part article we will discuss an
alternate configuration in which we will utilize
Microsoft's Internet Security and Acceleration
(ISA) Server, a third party SMTP Gateway (Trend
Micro's Internet Messaging Security Suite) and
Exchange 2000. This sort of configuration is
flexible enough to be used in smaller installations
that do not use a DMZ, or as part of the DMZ
configuration itself. Source: SecurityFocus.com
Windows Forensics: A Case Study, Part 1
This article is the first in a two-part series that
will offer a case study of forensics in a Windows
environment. This installment will offer a brief
overview of the detection and analysis of an
attack incident. The second installment will
continue to look at network traffic analysis
techniques and will resolve a hypothetical attack
scenario. Source: SecurityFocus.com
Using Neural Networks To Beat Hackers
By combining the behavioral and computer sciences, a
Washington-based startup believes it has created
the ultimate anti-hacker system.
Source: EarthWeb