ids

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Just in case you need some help security your IIS based FTP server.
    Securing your FTP Server 101 - Nazim's IIS Security Blog : The Official Microsoft IIS Site
    Tags: ( iis ftp tips )
  2. Sunbelt has a free tool available that will decrypt files that have been encrypted by the Data Doctor 2010 ransomware.
    Sunbelt Blog: Data Doctor 2010 encrypted files: we have a tool for that
    Tags: ( malware tools )
  3. Johannes shares a few handy scripts to have in your toolbelt if you are every faced with a denial of service attack.
    DoS Attack After Action Report - Shell Scripts
    Tags: ( ddos tools )
  4. Not sure yet exactly what this accomplishes. I did it and you get a big list of things you can do, some of which you can easily do in other places and some that appear unique. It will be fun to find out what's in there.
    Get your Windows 7 God Mode Groove On | Security Active Blog
    Tags: ( windows-7 tips )
  5. This list, in many cases, relates to information security like Dilbert relates to working in the corporate world, which is a very sad thing.
    Top 10 Reasons Your Security Program Sucks and Why You Can't Do Anything About It << Amrit Williams Blog
    Tags: ( general )
  6. This looks like something fun to play with, a new entry in the open source IDS/IPS arena.
    System Advancements at the Monastery >> Blog Archive >> Suricata: A Next Generation IDS/IPS Engine
    Tags: ( ids suricata )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Oops. Didn't mean for that super secret list of civilian nuclear sites to be posted.
    Government Accidently Posts Sensitive Nuclear Documents Online -- Government IT Security
    Tags: ( data-leakage )
  2. If you are using Rails 2.3 and performing digest authentication, you need to read this and implement the fix provided.
    Nate's Tumble Log, Security hole found in Rails 2.3's http_authentication.rb
    Tags: ( rails ruby )
  3. Xavier has a nice tutorial on integrating Didier Stevens handy PDFiD tool with Nautilus on a Linux system.
    /dev/random >> Blog Archive >> PDFiD Integration with Nautilus
    Tags: ( pdf pdfid )
  4. If you see visits to these sites in your proxy logs, you have some work to do. Also, if you don't have a proxy or don't look at the logs, you have even more work to do 🙂
    Google Online Security Blog: Top 10 Malware Sites
    Tags: ( malware )
  5. Rich and Adrian are looking for some help with Project Quant. They have a survey up about patch management they would really like for you to participate in.
    TAKE PART IN PROJECT QUANT (please)! << The New School of Information Security
    Tags: ( patching )
  6. If you are in the Atlanta area, the June meeting of NAISG is happening on the 10th. Stop on by.
    June Atlanta NAISG Meeting >> Andy ITGuy
    Tags: ( naisg )
  7. A new release of BASE is available.
    New version (v 1.4.3.1) of BASE available
    Tags: ( ids base snort )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well. Here are today's Interesting Information Security Bits from around the web.

  1. Not only is malware watching what you type, now it is taking screen captures of what you are looking at.
    Bot software peers at victims' screens
    Tags: ( malware botnet )
  2. Once again, failure to effectively secure data on a mobile storage device bites someone in a tender place.
    New Zealand man buys MP3 player with U.S. troop data | Security - CNET News
    Tags: ( breach )
  3. A very nice article about storing passwords securely.
    How To Protect Your Users From Password Theft
    Tags: ( passwords )
  4. Jeremiah is collecting the top web hacking techniques for 2008. This year the winner gets a free pass to Blackhat.
    Jeremiah Grossman: Calling all Researchers! Send in the Top Web Hacking Techniques of 2008
    Tags: ( hacking )
  5. Qualys has release a free e-book titled "PCI Compliance for Dummies." Obviously, registration required, etc. Drazen thinks it's worth a read.
    Hat tip: http://beastorbuddha.com/2009/01/27/pci-compliance-for-dummies-from-qualys/
    e-Book: "PCI for Dummies"
    Tags: ( pci )
  6. Some good advice regarding tap vs span port decisions.
    TaoSecurity: Why Network Taps
    Tags: ( network ids taps )

That's it for today.

Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

-Kevin

Reblog this post [with Zemanta]

{ 0 comments }