Last Updated: 2009-10-01 20:42:42 UTC
by Marcus Sachs (Version: 1)
October is Cyber Security Awareness Month, and as we have done the past two years we plan to use our handler diaries throughout the month to conduct a deep dive into various security issues. In 2007 we covered a large range of subjects based on what our readers submitted as ideas. In 2008 we took a closer look at the six steps of incident handling. This year we are going to examine 31 different ports/services/protocols/applications and discuss some of the major security issues plus pass along reader comments on tips and tricks for securing it.
We're still working on our list but here are some examples of what we will be discussing on different days in October:
- telnet (port 23)
- SMB over tcp (port 445)
- ssh (port 22)
- Microsoft Terminal Services (port 3389)
- dns (port 53)
We will publish a complete list of what will be covered on each day shortly.
By the way, Cyber Security Awareness Month has expanded beyond the United States. Since 2007, Canada also recognizes the month of October for cyber security awareness. If you know of other countries that are recognizing October as Cyber Security Awareness Month, please pass them to us via our contact form and we'll update this diary to get a more complete list.
Marcus H. Sachs
Director, SANS Internet Storm Center
Last Updated: 2009-09-27 21:14:32 UTC
by Stephen Hall (Version: 1)
For all you who use the signatures supplied by Emerging Threats within your IDS deployment, time to pay attention!
Matt Jonkman over at ET, has announced that they will be making some changes to the way their rules are categorised which will result in you needing to change your configuration.
As these changes come into effect on the 2nd October 2009, if you use these signatures its time to plan what you need to do to keep your IDS doing what you think its doing.
For details, Matt has posted a detailed explanation over on the ET site.