Suggested Blog Reading – Wednesday August 22nd, 2007

Man, what a week so far. It’s been so busy that I don’t have a moment to breathe.

Here is the list:

CSFA Test Vouchers – You still have to make your way there but the promise of free vouchers might make it worth your while.

CyberSecurity Institute will be giving away five vouchers for the CyberSecurity Forensic Analyst certification. The vouchers will be good through 2008.

Publication of Hachoir project version 1.0 – Something to check out.

Hachoir is a framework for binary file manipulation: file format recognition, metadata extraction, searching files in any binary stream (forensics), viewing file content with human representation, etc. It’s composed of many components…

UT Determines Stolen Laptop Contained Student Information – Could encryption have helped here? I think so.

While investigating the theft of a laptop stolen from the University of Toledo’s student recreation center in late June, campus police discovered that the laptop contained the names and Social Security numbers on at least 30 students and an unknown number of staff members. The university began sending out letters to students and staff letting them know how to protect themselves against Identity Theft. The laptop was stolen from the office of Judith Campbell, the assistant director of the recreation center. According to Ms. Campbell, the office was locked but the door often does not always close. In addition, campus lifeguards often use Ms. Campbell’s office as a shortcut to the stairwell.

Side-Channel Detection Attacks Against Unauthorized Hypervisors – Good articles with some good visual references to drive the point home. I really enjoyed the use of Sesame Street characters 🙂

Your goal as a modern computer system is to stay as close to Oscar the Register as possible. Your goal as a modern computer system is to stay the hell away from Ernie the DRAM cell, as much as possible. Ernie is slow. That’s what Cache Monster is for.

Solaris PCI Audits and other Updates – Some additional checks to ensure you’re compliant between audits.

Tenable Network Security has released a Solaris audit policy for PCI 1.1 configurations. We’ve also released a new SuSE Linux best practices audit policy and have updated several others. These are all available to Tenable Direct Feed and Security Center customers through the Tenable Support Portal.

Another Presentation: Logs for Information Assurance and Forensics @ USMA – Another presentation posted by Anton. Check it out.

Here is my old presentation “Logs for Information Assurance and Forensics” that I gave at USMA, West Point last year when I was giving a lecture there.

Rubik’s cube solved in 26 moves or fewer – You paid how much for your education and your biggest accomplishment to date is working out how quickly you can solve a Rubik’s cube? Give this guy the Nobel Prize!

Northeastern Computer Science PhD student Daniel Kunkle has proven that any configuration of a Rubik’s cube can be solved in 26 moves or fewer. The previous upper bound was 27.

A step-by-step guide to building a new SELinux policy module – For anyone who knew what SELinux conceptually was but was afraid to implement 🙂

A lot of people think that building a new SELinux policy is magic, but magic tricks never seem quite as difficult once you know how they’re done. This article explains how I build a policy module and gives you the step-by-step process for using the tools to build your own.

Vista IR – I still have yet to install Vista but I’m starting to think I should just so I don’t fall behind.

I recently started doing some testing of IR tools on Vista, using Vista Ultimate (32-bit) installed into a VMWare Workstation 6.0 virtual machine.

Part of my testing involved running some tools on Vista to see how they worked, and another part involved mounting the *.vmdk file for my Vista VM using the latest versions of VDK and VDKWin.
