Andrew Hay

This month The Academy thought that it would be fun to partner up with Hackers for Charity in order to raise money for the people of Uganda. The Academy has offered to donate $1 to Hackers for Charity for every user that registers for a free account at www.theacademy.ca in the month of November. Please let your friends know about this and blog about it. Anything you can do to spread the word would be greatly appreciated. Let’s try to make a substantial donation to charity this month. Thanks everybody!

• Turkish police may have beaten encryption key out of TJ Maxx suspect | Surveillance State – CNET News
  That's one way to do security I guess…
  (tags: security encryption key)
• System Advancements at the Monastery » Blog Archive » Installing Bro IDS 1.4
  I'm always amazed by how much detail goes into these posts. Great post on getting Bro IDS up and running.
  (tags: bro ids security)
• SANS Institute to issue guide to most interesting IT security jobs
  Yay, my job finally made a list
  (tags: jobs security analyst)

Let’s just say that I was pleasantly surprised this morning when I read Richard Bejtlich’s 5 star review of the OSSEC Host-Based Intrusion Detection Guide (review is here). Richard is known to be quite vocal when he doesn’t like a particular book and it sounded like he had a very hard time finding things wrong with our book.

I especially like his comment on his blog about how addictive the OSSEC WUI is. He’s right. I too hit refresh constantly to see what new logs have arrived

I know that lots of people base the purchase of their next book based on Richard’s reviews and Daniel, Rory, and I do appreciate the honest and positive review. Thanks Richard, you’ve made my week!

• SANS Institute – Expanding Response: Deeper Analysis for Incident Handlers
  (tags: analysis incident handlers)
• TippingPoint | DVLabs | MindshaRE: First Things First
  Might as well start at the beginning
  (tags: reverse engineering reversing tippingpoint dvlabs)
• SANS Institute – Tips for Making Security Intelligence More Useful
  (tags: tips security sans institute)
• SANS Institute – Fibre Channel Storage Area Networks: An Analysis From A Security Perspective
  (tags: sans institute analysis fibre san)
• .:[ packet storm ]:. – scapy-2.0.0.10.tar.gz released
  Tool to cook up some packets.
  (tags: scapy packet generation)
• Anton Chuvakin Blog – "Security Warrior": Change!!!
  Looks like Anton is leaving Log Logic. Rumor has it that he's going to try his hand at being a Barista at Starbucks.
  (tags: chuvakin loglogic)
• Shadow Forensics « SANS Computer Forensics, Investigation, and Response
  How to examine data, at different time snapshots during a forensic examination, using Shadow Copy Volume forensics.
  (tags: forensic analysis snapshot examination shadow examine)

• Paper: As the Net Churns: Fast-Flux Botnet Observations | Security to the Core | Arbor Networks Security
  Great post on some fast-flux malware research.
  (tags: malware botnet)
• Jeremiah Grossman: Clickjacking: Web pages can see and hear you
  Good clickjacking demo
  (tags: clickjacking demo security vulnerability hacking web browser browsers)
• Forensic Focus – News – Coming soon: a Canadian cyber-security strategy
  I won't hold my breath. I'm sure it'll be a great idea that will be dropped in favor of saving the whales, or sponsoring "National Vegan Day", or something else of less importance.
  (tags: cyber security strategy canada)
• Network Security Blog » Step by step guide to the DNS vulnerability
  Great post on what the DNS vulnerability actually is.
  (tags: dns vulnerability guide)
• Day 9 – Identification: Log and Audit Analysis
  Marcus makes a good point by reminding us that a 20+ year old problem is still a major problem. Go logs!
  (tags: logging log management audit analysis)