Blog Posts Tagged with "SysAdmin"


Implementing Least Privilege

March 15, 2012 Added by:Ben Rothke

Least privilege is the notion that in a particular abstraction layer of a computing environment every module - such as a process, a user or a program depending on the subject - must be able to access only the information that is necessary for its legitimate purpose...

Comments  (1)


Going Back to the Stack

March 15, 2012 Added by:Wendy Nather

If you have parts of your infrastructure outsourced, go over your contracts with your providers. You want them to be able to give you logs within a few minutes of the request and have the right technical support without fighting your way through first-level script-readers...

Comments  (0)


User Assisted Compromise (UAC)

February 09, 2012 Added by:Rob Fuller

You have to wait for the user to use UAC (this does not work if someone else does, it's only for the current user HKCU). But, as a side benefit, it's a very real form of sneaky persistence as well, as it will execute our evil binary every single time they use UAC...

Comments  (0)


Four Reasons to Use a Vulnerability Scanner

February 01, 2012 Added by:Dan Dieterle

A vulnerability scanner is a tool that can automatically scan your network and the systems connected to it, examining each one for vulnerabilities that could be exploited. Malicious users frequently use scanners to hunt for ways to compromise your systems...

Comments  (0)


Popular Dedicated Linux Distributions and Tools

January 17, 2012 Added by:Bill Gerneglia

There are Linux distributions dedicated to multimedia editing, monitoring, security testing, and basic system administration. Here are some specialized open source Linux distributions that can be used by the IT admins to perform their job with some free sophisticated tools...

Comments  (1)


Separation of Duties for System Administrators

January 09, 2012 Added by:Rafal Los

How do our organizations treat administrators (more specifically highly privileged users) when they are removed from active duty? It seems that in large organizations the issue is easier to at last draw a line around than in smaller orgs - but the problems remain...

Comments  (1)


Data Loss Prevention: Step 2 - Manage Privileges

December 13, 2011 Added by:Rafal Los

Getting back to basics is critical, and one of the most basic of basics is managing the rights to your data, your systems, and your critical operations. Let's take a critical, step-by-step look at how managing privileges can greatly decrease your likelihood of leaking data...

Comments  (0)


Memory Forensics: Pull Process and Network Connections from a Memory Dump

November 23, 2011 Added by:Dan Dieterle

From the output of the command, we see the physical memory location, process name and the PID number of all processes that were running. This helps deduce if something was running that should not have been and allows you to view programs that may be running under the process...

Comments  (0)


Mass Disclosure of Vulnerabilities in SAP

November 22, 2011 Added by:Alexander Polyakov

This month ERPScan specialists published eight vulnerabilities of different criticality found in SAP products. The vulnerabilities represented almost all risks from the OWASP Top 10, from path traversal and XSS to authorization bypass and code injection...

Comments  (1)


IBM AS400 (I-Series) Key Controls for User Accounts

November 09, 2011 Added by:Kevin Somppi

It is impossible to prove that a platform or program has no bugs; however, if you take the time to reasonably test and find the obvious vulnerabilities, and challenge the access which your user community has been granted, you stand a better chance of not being compromised...

Comments  (1)


Why a Data Flow Map Will Make Your Life Easier

October 23, 2011 Added by:Brent Huston

It’s impossible to protect everything in your environment if you don’t know what’s there. All system components and their dependencies need to be identified. This isn’t a mere inventory listing. Adding the dependencies and trust relationships is where the effort pays off...

Comments  (0)


AmEx Secures Website Admin Debugging Panel Error

October 06, 2011 Added by:Headlines

“An attacker could inject a cookie stealer combined with jQuery’s .hide() and harvest cookies which can, ironically enough, be exploited by using the admin panel provided by sloppy American Express developers," Femerstrand explained in a blog post...

Comments  (0)


Optimization: What's a Steiner Tree?

October 05, 2011 Added by:Stefan Fouant

Steiner Tree optimizations are very useful where an ingress PE must send large amounts of data to multiple PEs and it is preferable to ensure that overall bandwidth utilization is reduced, perhaps because of usage-based billing scenarios which require that overall circuit utilization be reduced...

Comments  (0)


Railgun Error Checking

August 30, 2011 Added by:Rob Fuller

One important thing to note about Railgun is that you are querying the API, and just as if you were using C++, the API you are calling just might not be there on the system. So here is a quick trick to find out if a the function (API) that you are trying to call is available to you...

Comments  (0)


Minimum Password Lengths of 15 or More via GPO

August 21, 2011 Added by:Rob Fuller

Also known as "How to practice what we preach". I don't know how long I've been telling clients that they need to have a minimum password length of 15 characters so there is no chance LM will be stored. But I've never tried setting it myself. Well, a client called me out. You can't...

Comments  (0)


SysAdmin Basics: Why Account Management Is Critical

July 31, 2011 Added by:Jamie Adams

Many SysAdmins are distracted by the urge to patch to address vulnerabilities they aren't susceptible to, or to configure their systems with nifty tricks they found or “how-to” website. This urge is rooted in their belief they are a warrior combating the forces of evil in a cyber war...

Comments  (0)

Page « < 1 - 2 - 3 > »