Suggested Blog Reading – Friday June 15th, 2007

Oh Friday…how I love you!

Here’s the list:

General: China taking on U.S. in cyber arms race – Is this the rebirth of the Cold War?

China is seeking to unseat the United States as the dominant power in cyberspace, a U.S. Air Force general leading a new push in this area said Wednesday.

“They’re the only nation that has been quite that blatant about saying, ‘We’re looking to do that,’” 8th Air Force Commander Lt. Gen. Robert Elder told reporters.

Elder is to head a new three-star cyber command being set up at Barksdale Air Force Base in Louisiana, already home to about 25,000 military personnel involved in everything from electronic warfare to network defense.

How to enable EFS context menus – All you Windows users…pay attention 🙂

One solution to help reduce the risk for stolen data is to use Windows Encrypting File System (EFS). We’ve already covered before how to use EFS to encrypt a file or folder, and in this simple registry hack, we’ll show you how to make it easier for you to encrypt and decrypt files and folders by adding the Encrypt and Decrypt options on the context menus in Windows Explorer.

EventLog Analysis – Great introductory article by Harlan on Windows Event Log Analysis.

But what about actual Event Log analysis? What about really using the Event Log to get some insight into activity on the system? What can we look for and how can we use it?

Here are some tidbits that I’ve come across and use…please don’t consider this a complete list, as I hope that people will contribute. This is just to get folks started….

DropMyRights: Running programs safely as an admin – Interesting utility. I like the concept.

DropMyRights is a free command-line utility, developed by Microsoft, to help users who must run as an administrator run applications in a much safer context. In a nutshell, it takes the current user’s token, removes various privileges, and then uses that token to start another process, such as Internet Explorer or Outlook.

No wars are won through awareness… – I see both sides of the argument but I personally believe that awareness training should be introduced at the same time that the security measure is implemented.

In security, as in life, one is forced to make certain choices, certain trade-offs on how they focus their time and energy. If one is able to mass unlimited resources, one could come as close to fault tolerance and a secure position as is possible. But in the real world of IT one is faced with limited resources, whether they be knowledge, time, people, money or access to technology. I think it’s great that one can arm themselves with a Sun Tzu Art of War quote-a-day desk calendar and make declarations about how one would actually secure a complex, globally distributed network and how focusing efforts on user awareness training will fend off Mongol hordes riding against our golden palaces, but that is just not realistic.
