Threat Level: green Handler on Duty: Mark Hofman

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Day 11 - Identification: Other Methods of Identifying an Incident

Published: 2008-10-11
Last Updated: 2008-10-14 15:00:31 UTC
by Stephen Hall (Version: 1)
0 comment(s)

Well, today is Day 11 of the Cyber Security Awareness Month and the last day of Identification.

We have covered in the last few days the more common methods of deciding that an event is actually an incident, including:

  • Events versus Incidents
  • Network-based Intrusion Detection Systems
  • Host-based Intrusion Detection Systems
  • Global Incident Awareness
  • Log and Audit Analysis
  • Using Your Help Desk to Identify Security Incidents

But today, we're interesting in hearing your stories from the field on unusual, interesting, and even funny stories of how you made the decision point of moving from event to incident. Drop us a note via the contact form, and we'll update the diary as we go along

Keywords: Awareness2008
0 comment(s)

Apple Security Update 2008-007

Published: 2008-10-11
Last Updated: 2008-10-11 12:41:45 UTC
by Joel Esler (Version: 2)
0 comment(s)

Posted a couple days ago, Apple Security Update 2008-007, provides fixes for at least 40 different vulnerabilites and bug fixes in OSX.  The software packages that were updated include:

  • Apache (Updates to 2.2.9)
  • Certificates (Updates to root certificates)
  • ClamAV  (Updates to 0.94)
  • ColorSync
  • CUPS
  • Finder
  • launchd
  • libxslt
  • MySQL Server
  • Networking
  • PHP (Updates to 4.4.9)
  • Postfix
  • PSNormalizer
  • Quicklook
  • rlogin
  • Script Editor
  • Single Sign-On
  • Tomcat (Updates to 6.0.18)
  • vim (Updates to 7.2.0.22)
  • Weblog

 

Thanks to those who wrote in.  We appreciate it.  So if you have an OSX Machine, go ahead and start patching.  I've updated 4 machines already with it, and it works fine.

-- Joel Esler http://www.joelesler.net

Keywords:
0 comment(s)
Diary Archives