Day 11 - Identification: Other Methods of Identifying an Incident
Well, today is Day 11 of the Cyber Security Awareness Month and the last day of Identification.
We have covered in the last few days the more common methods of deciding that an event is actually an incident, including:
- Events versus Incidents
- Network-based Intrusion Detection Systems
- Host-based Intrusion Detection Systems
- Global Incident Awareness
- Log and Audit Analysis
- Using Your Help Desk to Identify Security Incidents
But today, we're interesting in hearing your stories from the field on unusual, interesting, and even funny stories of how you made the decision point of moving from event to incident. Drop us a note via the contact form, and we'll update the diary as we go along
Apple Security Update 2008-007
Posted a couple days ago, Apple Security Update 2008-007, provides fixes for at least 40 different vulnerabilites and bug fixes in OSX. The software packages that were updated include:
- Apache (Updates to 2.2.9)
- Certificates (Updates to root certificates)
- ClamAV (Updates to 0.94)
- ColorSync
- CUPS
- Finder
- launchd
- libxslt
- MySQL Server
- Networking
- PHP (Updates to 4.4.9)
- Postfix
- PSNormalizer
- Quicklook
- rlogin
- Script Editor
- Single Sign-On
- Tomcat (Updates to 6.0.18)
- vim (Updates to 7.2.0.22)
- Weblog
Thanks to those who wrote in. We appreciate it. So if you have an OSX Machine, go ahead and start patching. I've updated 4 machines already with it, and it works fine.
-- Joel Esler http://www.joelesler.net
Comments