Really Secure E-Mail
To be an effective business tool, e-mail must be controlled so that messages are secure and misuse is minimized. Here, we look at two products for doing just that: One uses digital rights management (DRM) and the other, acceptable usage policy (AUP).
Friday, June 22, 2001
Russian Computer Hacker Indicted in California for Breaking into Computer Systems and Extorting Victim Companies
A federal grand jury today indicted a Russian computer hacker on a host of federal charges for allegedly breaking into computer systems, stealing credit card information and attempting to extort payments from the victim companies for "computer security services."
A federal grand jury today indicted a Russian computer hacker on a host of federal charges for allegedly breaking into computer systems, stealing credit card information and attempting to extort payments from the victim companies for "computer security services."
Wednesday, June 20, 2001
The Emperor's Codes: The role of Bletchley Park in breaking Japan’s secret ciphers
American hi-jacking of history did not start with the film U-571, as Michael Smith makes clear in this sequel to Station X, his revelations about the pivotal role of GCHQ’s Bletchley Park codebreakers in winning the Hitler war. While Alan Turing and his fellow boffins were applying their mathematical genius exclusively to cracking codes like the U-boats’ ‘Shark’ – in line with the Anglo-American agreement to give the European war theatre precedence – the US Navy’s cryptographers were effectively denying their British opposite numbers vital information on the war in their own Pacific ‘preserve’.
American hi-jacking of history did not start with the film U-571, as Michael Smith makes clear in this sequel to Station X, his revelations about the pivotal role of GCHQ’s Bletchley Park codebreakers in winning the Hitler war. While Alan Turing and his fellow boffins were applying their mathematical genius exclusively to cracking codes like the U-boats’ ‘Shark’ – in line with the Anglo-American agreement to give the European war theatre precedence – the US Navy’s cryptographers were effectively denying their British opposite numbers vital information on the war in their own Pacific ‘preserve’.
Monday, June 18, 2001
SANSFIRE
Welcome to SANSFIRE, a SANS conference with an emphasis on Forensics, Investigation, Response and Education. SANS has a tradition of offering theme based conferences to meet special needs of the defensive information community. Often, bringing security workers with a common problem together will result in a number of breakthroughs. Perhaps you recall SANS ID’99, the seminal gathering leading to the advanced intrusion detection techniques we employ today. Now, perhaps you are asking, “why do we need a forensics conference”?What do you do when you detect an unknown pattern on the network? When you see outbound packets leaving your system, how do you determine what process is causing the activity? If your disk light starts flashing furiously and you aren’t running anything, how do you check it out? When the boss directs you to toss one of the organization’s computer systems, how do you go about doing it? System, security, and network administrators need tools and techniques to face these challenges.
We will offer case studies that illustrate exactly how various tools and processes solved common problems, mini-tutorials on seizure, evidence collection, system and network forensics, data recovery, and product selection. Preceding the Technical Program we will offer five days of leading edge, in-depth courses taught by the highest rated teachers in the world, including leaders in forensics.
Welcome to SANSFIRE, a SANS conference with an emphasis on Forensics, Investigation, Response and Education. SANS has a tradition of offering theme based conferences to meet special needs of the defensive information community. Often, bringing security workers with a common problem together will result in a number of breakthroughs. Perhaps you recall SANS ID’99, the seminal gathering leading to the advanced intrusion detection techniques we employ today. Now, perhaps you are asking, “why do we need a forensics conference”?What do you do when you detect an unknown pattern on the network? When you see outbound packets leaving your system, how do you determine what process is causing the activity? If your disk light starts flashing furiously and you aren’t running anything, how do you check it out? When the boss directs you to toss one of the organization’s computer systems, how do you go about doing it? System, security, and network administrators need tools and techniques to face these challenges.
We will offer case studies that illustrate exactly how various tools and processes solved common problems, mini-tutorials on seizure, evidence collection, system and network forensics, data recovery, and product selection. Preceding the Technical Program we will offer five days of leading edge, in-depth courses taught by the highest rated teachers in the world, including leaders in forensics.
Sunday, June 17, 2001
NSA Releases Win2K Security Recommendation Guidelines
The US National Security Agency (NSA) has released a set of guidelines and templates to assist in securing Windows 2000 systems. The materials contain 5 templates to use with Microsoft's Security Configuration Editor, 17 guides to secure various aspects of the OS, and 3 supporting documents with indepth defense coverage and particulars about various popular software packages.
The templates include configuration settings for domain controllers (DCs), domain policy, and server and workstation settings. The guides are available in Adobe Portable Document Format (PDF) and cover a broad range of topics, including network architecture, Group Policy, file and disk resources, Encrypting File System (EFS), DNS, Active Directory (AD), Microsoft IIS, Kerberos, public key infrastructure (PKI), Windows NT and 9x clients, Outlook, and routers.
The US National Security Agency (NSA) has released a set of guidelines and templates to assist in securing Windows 2000 systems. The materials contain 5 templates to use with Microsoft's Security Configuration Editor, 17 guides to secure various aspects of the OS, and 3 supporting documents with indepth defense coverage and particulars about various popular software packages.
The templates include configuration settings for domain controllers (DCs), domain policy, and server and workstation settings. The guides are available in Adobe Portable Document Format (PDF) and cover a broad range of topics, including network architecture, Group Policy, file and disk resources, Encrypting File System (EFS), DNS, Active Directory (AD), Microsoft IIS, Kerberos, public key infrastructure (PKI), Windows NT and 9x clients, Outlook, and routers.
Subscribe to:
Posts (Atom)