Suggested Blog Reading – Sunday April 15th, 2007

ReadWell today was the first day back at the gym since I hurt my foot and I must say it felt good to get out and get moving. Now for the suggested reads…

Student charged with hacking school computers

A Mauldin High student has been charged with violating the state Computer Crime Act, after telling police he accessed personal data in the Greenville County school district’s computer network to show the district how easy it is to do, according to a warrant and incident report.

Who Moved My Packet?

Getting up at 4:30 am on a Sunday morning in order to chase down packets is not my idea of fun. Unfortunately that is exactly what I found myself doing today.

XMagic to Find Processes

Brendan Dolan-Gavitt wrote in and pointed me to his fine collection of XMagic definitions. With the help of these patterns and a config file (Brendan provides a sample) FTimes can pull some information about processes from a memory dump.

Drive Encryption

One of the challenges posed by Vista to traditional forensic analysis is the use of BitLocker to encrypt data on the hard drive. However, this really isn’t any different from other similar technologies such as PGP, etc., that already allow encryption of files, partitions, or drives.

Exaggerated Insider Threats

In brief, this report defends the insider threat hypothesis only in name, and really only when you cloak it in “organizational ineptitude” rather than dedicated insiders out to do the company intentional harm.

Dear Mr. Blizzard

It’s not that I don’t trust my wife and kids, it’s that I don’t trust the Internet. 99% of the stuff my family needs to do doesn’t need admin privileges. WHY DOES WARCRAFT III?

Free WiFi in Airports and Public Hotspots

Recently while traveling I noticed a hot spot and wanted to surf the internet. Once I connected to the AP I had seen that they wanted to charge me $8 per day to surf the internet. I thought that was just too much money for a quick internet connection, and my layover between flights was about 3 hours. I decided to see what I could access while connected to there AP.

Packet Fragmentation

Many people associate fragmented packets with an attack against a network. While that is quite often true, it is not always the case.

Data Storage Must Be Secured to Protect Privacy

Often times privacy breaches occur because the access controls are not configured appropriately for databases, or inadequate processes weren’t even established to protect data within the network perimeter. Too many organizations still focus almost all of their efforts on securing the typically highly fuzzy and porous perimeter to the exclusion of other highly vulnerable areas. Many incidents can be prevented by putting more attention and time to securing the data storage areas.

Compliance is a Business Issue

Annual loss expectancy (ALE) is the yearly cost of security breaches to a company, including fines for non-compliance, which is calculated by taking the single loss expectancy (SLE) and multiplying it by the number of occurences in a year (ARO = Annual Rate of Occurence). If ALE exceeds the cost of securing against ALE, why bother, right?

Scroll to top