Blog Posts Tagged with "Networks"

69dafe8b58066478aea48f3d0f384820

Making the Case for State-Sponsored Cyber Warfare

December 19, 2010 Added by:Headlines

Richard Stiennon's latest publication, Surviving Cyberwar, presents a decisive case study and evidence that the specter of cyberwarfare is not merely theory, but is in fact actively being employed as a strategy...

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

Complete PCI DSS Log Review Procedures Part 4

December 16, 2010 Added by:Anton Chuvakin

Event logging and security monitoring in PCI DSS program go much beyond Requirement 10. Only through careful data collection and analysis can companies meet broad requirements of PCI DSS...

Comments  (0)

A966b1b38ca147f3e9a60890030926c9

Addressing the Post-Stuxnet Landscape

December 16, 2010 Added by:Chris Blask

In the shadow of Stuxnet it is no longer diligent for Control System operators to put off addressing the issue of computer-based attacks on their systems. Neither is it realistic to expect Control System operators to introduce the level of uncertainty intrinsic in securing the Controllers..

Comments  (3)

0f57a863af3b7e5bf59a94319a408ff7

Security Benefit and Operational Impact or the "Illusion of Infinite Resources"

December 14, 2010 Added by:Enno Rey

When taking security decisions of whatever kind (e.g. for/against a certain control) one should always consider two main parameters: the security benefit of some action (“how much do we gain with regard to security/to risk reduction?”) and the operational impact or effort (“how much does it cost us opex-wise?”).

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

Complete PCI DSS Log Review Procedures Part 3

December 13, 2010 Added by:Anton Chuvakin

Many pieces of network infrastructure such as routers and switches are designed to log to an external server and only preserve a minimum (or none) of logs on the device itself. Thus, for those systems, centralizing logs is most critical...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

How Much Malware Do You Have?

December 08, 2010 Added by:Brent Huston

If your network has even a dozen servers and is complex at all, monitoring can become a daunting task. There are tools and techniques available to help in this task, though. There are log aggregators and parsers, for example...

Comments  (0)

4085079c6fe0be2fd371ddbac0c3e7db

Using Temporary Files in Linux Scripts Securely

December 07, 2010 Added by:Jamie Adams

Some sysadmins who write scripts might store sensitive data in temporary files, don't restrict access to temporary files, and might forget to remove them from the system when they are no longer needed. In many cases, they use them when it isn't even necessary...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Three Changes in Crimeware You Can Count On

November 28, 2010 Added by:Brent Huston

The capability and dependence on crimeware as an attack model is growing. The attacks from the next generations will have a much longer tail and will come in a series of waves and lulls, making detection more difficult and extending the time window of control for the attackers...

Comments  (0)

4085079c6fe0be2fd371ddbac0c3e7db

LISA 2010: Sysadmins Discuss Virtual Mentorship

November 23, 2010 Added by:Jamie Adams

There are system administrators focused on different operating systems, cluster specialists, network administrators, database administrators, system virtualization managers, and even security administrators. Our field also seems to have as many specialists as the medical community...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Legislation to Give DHS Power Over Private Networks

November 19, 2010 Added by:Headlines

Proposed legislation in the House of Representatives would give the Department of Homeland Security new authority to enforce cyber security standards aimed at shoring up private sector computer networks considered critical to national security...

Comments  (0)

Page « < 1 - 2 > »