Last Updated: 2007-10-17 21:36:54 UTC
by Johannes Ullrich (Version: 1)
I wrote a little "bloggish" article for a site called "Thinkernet" about see: www.internetevolution.com. The site is not as hard-core security and technical as ISC, but if you like it or dislike it, let me know.
Last Updated: 2007-10-17 15:34:30 UTC
by Deborah Hale (Version: 1)
For those of you that saw my diary on Sunday regarding the ICE Exercise that I participated in while attending the SANS Security 2007 Conference in Las Vegas, I have some new info to share. Our friends at pauldotcom - www.pauldotcom.com/ recorded the event and have taken the recordings and condensed them into a 35 minute audio presentation giving the highlights. I have listened to the recording and I can tell you as a participant it brings back lots of memories of the event and my teammates. If you have some spare time and want some laughs, give it a listen.
The audio link is at:
For those of you that missed the original posting you can read the whole story at:
Once again I want to thank Paul Asadoorian and his team from pauldotcom and all of the sponsors and participants for a tremendous experience.
Last Updated: 2007-10-17 14:50:14 UTC
by Mari Nichols (Version: 1)
[welcome our new handler, Mari Kirby Nichols! JBU]
One of the first ways to start a security discussion is with physical security. Yes, I know this is a technical forum, but really, is the system secure physically? Make sure the location can be secured. Utilize some type of locking mechanism to keep the machine safe. This may be a cable lock for a laptop computer or a lock on the CPU case. This is a pretty basic rule, but surprisingly many people forget this essential component of cyber security. One of the ways to increase your information security effort is to combine your program with the physical security department. Have you met with them and pooled your resources? Are you able to obtain audit logs of physical access as easily as you are able to pull up an event log?
Second, remember to configure the administrator password. Most likely the system will come with no administrator password, or a default password common to many systems. Before you go ahead, think about a good password. A good password is long and uses a diverse set of characters, numbers and special characters (~!@#$%^&*()_). One approach to a good password is a pass-phrase. A pass-phrase is a short, easy to remember sentence. No worries, it’s easy. Just think of a phrase that is on your mind like:
No hurricanes for
Your password could be: (Nh4ORF!)
See, the first N is capitalized, lower case h is for hurricanes, the numeral 4 = “for”, and ORF is the airport code for Norfolk.
Here are some other ideas I like:
Use a food or product they like then modify it. Like Roast Beef
Your password would be: (R0@s1b33f)
Use a thing, like a USB Device
Your password would be: usbdevice (uSBd3^1ce)
It’s easy to come up with a complex though easy to remember pass phrase. If you need help remembering your password, just write down a word (hint) that reminds you of the phrase, NOT the password. Next, don’t forget to write down your administrator password and keep it in a safe place (for example a safe, safety deposit box or store it in a sealed envelope with a friend or relative). It makes sense to keep one copy of the password in your safe and another copy off site.
While we are on the subject of the administrator account, let’s discuss the idea of having two accounts. While you may need an administrator account to accomplish loading software and making updates, do you really need administrator access to write e-mail and surf? No. So make yourself a regular account without administrator access and use it as your “normal day-to-day” account. Only use your administrator account to accomplish administrative duties.
Well, now that I have droned on about pass phrases and administrative accounts, let's get on to XP and Vista specific tips. We would like to hear from you warriors out there in MS land, especially for
XP Tips from one of our Canadian readers:
- install latest patches, and enable Windows Update
- disable file and print sharing, disable DCOM
- turn off several Windows services
- use autoruns and msconfig to disable more stuff
- disable extension hiding and file sharing in Explorer
- secure IE, then install and use Firefox & noscript plugin
- install a firewall (PCTools Firewall Plus, or Comodo)
- install antivirus, antispyware, and Security Task Manager
- install a new hosts file (MVPS, accs-net, yoyo) to block ads and malicious sites
- create and always use an unprivileged account
- if my kids will be using the computer, then I use Microsoft's SRP (Software Restriction Policies)
Vista Tip from Boris:
- Don't turn off UAC (User Access Control). It's annoying, sure, but aren't your data and your machine worth that little bit of hassle?