Suggested Blog Reading – Thursday July 12th, 2007

It’s Thursday…one day between me and my precious weekend.

Here’s the list:

Webinar: Cross-Site Request Forgery – Free webinar if you’re interested.

For those interested in learning about Cross-Site Request Forgery (CSRF), WhiteHat is hosting a webinar on July 24, 2007 at 11:00 AM PDT. This is about the basics, ins and outs, and solutions in straightforward terms. If you want to attend, registration is free.

Secret Military Materials Posted to Unprotected Public Servers – This has “good idea” written all over it.

In the latest government scandal that may make you drop your head in your hands and groan, the Feds have accidentally posted critical information to unsecured public FTP servers — critical as in blueprints, aerial photographs, and geographical surveys that could show Iraqi insurgents entry points and weaknesses at key military sites. The Associated Press published their report this afternoon.
The military may know something about secrecy in the trenches, but next to nothing about security on the Internet. They initially refused to release the information, and then unwittingly posted it online, according to AP:

The military calls it “need-to-know” information that would pose a direct threat to U.S. troops if it were to fall into the hands of terrorists. It’s material so sensitive that officials refused to release the documents when asked.

But it’s already out there, posted carelessly to file servers by government agencies and contractors, accessible to anyone with an Internet connection.

Snort Report 7 Posted – Richard has posted his 7th Snort report. These are always a good read for anyone who uses Snort.

In the last Snort Report we looked at output methods for Snort. These included several ways to write data directly to disk, along with techniques for sending alerts via Syslog and even performing direct database inserts. I recommended not configuring Snort to log directly to a database because Snort is prone to drop packets while performing database inserts. In this edition of the Snort Report I demonstrate how to use unified output, the preferred method for high performance Snort operation.
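To illustrate the point in that excerpt, here is an added snort.conf fragment (my own example, not taken from the Snort Report) showing the discouraged direct database output beside the unified output it recommends. The file names, the 128 MB rollover limit, the directory paths and the placeholder credentials are assumed values, not anything from the original article:

```conf
# snort.conf output section (added example, not from the Snort Report)

# Discouraged: Snort performs each INSERT itself and stalls on the
# round-trip to the database, so under load it drops packets.
# The credentials are placeholders.
# output database: log, mysql, user=snort password=CHANGEME dbname=snort host=localhost

# Preferred: write alerts and packet logs in the binary unified format.
# Snort only appends to local files, which is fast; a separate process
# reads those files and does the slow database inserts on its own schedule.
# "limit 128" rolls the file over at 128 MB (assumed value).
output alert_unified: filename snort.alert, limit 128
output log_unified: filename snort.log, limit 128

# Barnyard is then started on its own, for example (paths assumed):
#   barnyard -c barnyard.conf -d /var/log/snort -f snort.log -w /var/log/snort/barnyard.waldo
# The database output line moves into barnyard.conf, so a slow or
# unreachable database no longer affects the sensor's packet capture.
```

The split matters operationally: if the database goes away, unified files simply accumulate on disk and Barnyard catches up from the waldo bookmark when it returns, whereas with direct database output the sensor itself is the component that degrades.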

Fun Intrusion Story – “Major network penetrations of any kind are exceedingly uncommon.” …. HAHAHAHAHAHAH.

Here is an enlightening account of a major intrusion investigation of a cell phone network in Greece.

Tina Bird’s Logs and Law Summary – Good reference material.

Here is the most comprehensive summary of all legal, regulatory, policy and other guidance documents that mention logging, created and maintained by none other than Tina Bird, who seems to be back in logland full time 🙂

Do-It-Yourself Forensics – Exceptionally good article from a legal publication.

All over America, vendors stand ready to solve the e-discovery problems of big, rich companies. But here’s the rub: Most American businesses are small companies that use computers — and along with individual litigants, they’re bound by the same preservation obligations as the Fortune 500, including occasionally needing to preserve forensically significant information on computer hard drives. But what if there’s simply no money to hire an expert, or your client insists that its own IT people must do the job?

Misplaced Class Roster Contained Student Social Security Numbers – Wow….just…..wow.

For the second time in as many months, Texas A&M, Corpus Christi is alerting students over the loss of personal information. This latest incident involved the temporary loss of a class roster containing the names and Social Security numbers of the 49 individuals enrolled in A&M-CC’s Business Law 3310 class. The adjunct professor for the class, Terrell Dahlman, immediately notified School of Business officials and class students when he discovered the roster missing. In an e-mail to students, Dahlman asked each student to check their handouts to see if they accidentally picked up the roster. A student, it turns out, did accidentally pick up the roster and returned the roster to Dahlman during the next class. According to Marshall Collins, vice president for marketing and communications, A&M-CC will not investigate this incident further since the roster was returned. When asked about A&M-CC using Social Security numbers for identification, Collins replied, “All we have to go by is Social Security numbers. It’s one of the fallacies of the system.”
