Suggested Blog Reading – Saturday April 14th, 2007

I’m planning a lazy Saturday this weekend since I spent two days last week driving for 12 hours each day. Perhaps I’ll catch up on some reading :)

The reading…

When IPS isn’t enough

Yesterday I blogged about how useful IPS tech is and today I’m going to blog about how it isn’t enough. How’s that for being conflicted!

White House Missing Five Million Emails

The White House has “lost” roughly five million emails from 2003 to 2005, according to a report (.pdf) yesterday by watchdog group Citizens for Responsibility and Ethics in Washington (CREW).

FISMA Dogfights

Imagine if FISMA was the operational theme guiding air combat. Consultants would spend a lot of time and money documenting American aircraft capabilities and equipment. We’d have a count of every rivet on every plane, annotated with someone’s idea that fifty rivets per leading edge is better than forty rivets per leading edge. Every plane, every spare part, and every pilot would be nicely documented after a four to six month effort costing millions of dollars. Every year a report card would provide grades on fighter squadrons’ FISMA reports.

The Forensic Felons: The Next Generation of Cyber Thieves

The new thieves care less about quiet entrances because they intend to meticulously clean the crime scene before they leave. They’re not just covering their tracks—they’re erasing them.

U.S. Government Contractor Injects Malicious Software into Critical Military Computers

This is just a frightening story. Basically, a contractor with a top secret security clearance was able to inject malicious code and sabotage computers used to track Navy submarines.

When is a security researcher (white hacker) a journalist?

The analogy is that a journalist uncovers fraud, misuse, bad quality, etc. in products (one example is poisonous food for cats) and informs the public; is he liable to being sued for damages by the company making the food?

Notes On Vista Forensics, Part One and Part Two

In part one of this series we looked at the different editions of Vista available and discussed the various encryption and backup features which might be of interest to forensic examiners. In this article we will look at the user and system features of Vista which may (or may not) present new challenges for investigators and discuss the use of Vista itself as a platform for forensic analysis.

House-trash party girl blames ‘hackers’

An English teenager whose house was trashed after she posted a party invite on MySpace has blamed computer hackers for the gatecrashing debacle.

An example of why human effort is helpful when assessing web applications

It can take some digging to discover if you’ve successfully injected any code into a web application. I was using the ALL-FUZZ-STRINGS that comes with Suru (added additional strings from sources like ha.ckers.org XSS Cheat Sheet) to run through a list of popular input validation attacks.

More info on the Windows DNS RPC interface vulnerability

Some more information for the community regarding the Windows DNS RPC vulnerability that we have been reporting on http://isc.sans.org/diary.html?storyid=2627. We have knowledge of a successful attack that occurred on April 4, 2007. This appears to be an opportunistic attack (instead of a targeted attack).

Dungeons and Dragons and Networks

This editorial on Dungeons & Dragons & Networks talks about how the boundaries present in both network troubleshooting and the D&D play format promote creativity, while tasks with less boundaries are more difficult.

Mainstream Media is Figuring Out The Industries New Disclosure Dilemma

We’ve all been debating the legal and ethical issues, but it doesn’t change the fact that we’re going to lose the canary-in-the-coal-mine aspect of information security. Does that mean we’re going to have to rely on compliance rather than community peer review? Eeesh!

Top 10 IT priorities at the DoD

The U.S. Department of Defense is expected to spend an estimated $23.5 million this year on IT — the most of any federal agency — according to market research firm Input.

Windows Sec and User Tools

There are a few tools that I would like to try out, but they are only available on the Windows platform. Guess I need to install Windows in VMware for testing. I haven’t really touched anything on Windows lately except for Windows Server 2003.

Written by Andrew Hay


  • http://windowsir.blogspot.com H. Carvey

    Andrew,

    I've been looking through your previous "suggested reading" posts, and so far, this one has had the most that has grabbed my attention! Thanks for this kind of blogging…it's very helpful!

    Harlan
    Author: "Windows Forensic Analysis"