[SecurityRatty] tag: management

Links for 2008-07-03 [del.icio.us]

Thu, 03 Jul 2008 20:00:00 +0000

Correlation is no silver bullet

Thu, 03 Jul 2008 18:22:56 +0000

I talk to a lot of security folks about SIEM and log management, and quite often the conversation turns to event correlation. You can spot the people who've never bought a SIEM product, because they start by saying, "Well, I want to know whenever 'x' happens, and then 'y' happens soon after". Admittedly, the situation they cite is a usually real one, and granted, if you do see 'x' and 'y' happening in reasonably quick succession then, chances are, you have a problem. But it's usually not their biggest problem -- in fact, far from it. My favorite is "the guy swiping his badge in Tokyo and then logging on in New York", which I hear time and time again...

Links List 7.3.08

Thu, 03 Jul 2008 11:51:53 +0000

A “new era for Microsoft” as Bill Gates leaves the company? Paula Rooney on Virtually Speaking says, “it seems fitting that Hyper-V shipped on the same day Bill Gates exited the Windows company.” Will Microsoft also ‘usher in’ open source now that the big man is gone?

Five years in the making, Hyper-V finally ships. Is Microsoft late to the game? Yes, but how much does that really matter? At the recent Gartner infrastructure management conference, an informal poll of the audience showed that something like a third of the room predicted they’d be using multiple virtualization platforms, including Hyper-V and the installed winner, VMware. But wait, Microsoft’s suite of virtualization management tools, System Center Virtual Machine Manager (SCVMM), is sill in beta. Stay tuned.

Accepting the Sun virtualization challenge, Microsoft group product manager, Patrick O’Rourke weighs in on how “Hyper-V can compete with the open source Xen-based alternatives and whether a Windows-only virtualization technology can hack it in today’s increasingly heterogeneous datacenters.” (I just like the title of the blog post…”Virtualization wars: The empire strikes back”)

GroundWork Open Source says (again) it is moving up and playing with the big guys. Here’s an interview with David Lily, founder and CEO. Hmm. What happened to CEO Ranga Rangachari? As far as I can tell, he disappeared somewhere between Nov 2007 and Jan 2008. No announcement that I could find… Wonder how things are going for GroundWork? Are they about to follow QLusters and drop the “Open Source” part of their name that they tacked on a couple years back?

ShareThis

Using ClusDiag for enhanced Windows server cluster reporting

Wed, 02 Jul 2008 20:38:02 +0000

Learn to use some of the reporting capabilities of ClusDiag, Microsoft's free tool for Windows server cluster management, with details on how to capture logs and view cluster reports.

Your 419 Mail Roundup

Wed, 02 Jul 2008 13:11:42 +0000

A handful of scam mails currently in circulation, including one mention of "groundnut oil" that seems so bizarre I had to highlight it in bold text. All this and more, after the jump...
Subject:
FROM THE DESK OF MR. STEVEN JAMES
From:
"Steven James"
Date:
Mon, 30 Jun 2008 19:17:03 +0100
BCC:

FROM THE DESK OF MR. STEVEN JAMES
CHAIRMAN INTERNATIONAL RELATION
FIRST BANK OF NIGERIA PLC
# 1 BANK ROAD WUSE FCT
ABUJA-NIGERIA.
PHONE: +234-80-66520277
Email: stevenjames809@live.co.uk

Very Urgent Attention,

Please permit me to introduce my humble self to you, my name is Mr. Steven James, I am the Manager of International Relation with First Bank of Nigeria Plc, I 'm 38yrs old, and I got your email address from a friend of mine, and my confidence reposed on you. I hope you read this message carefully and reply me immediately. Although we have not met before, but I suggest that this transaction will bring us together.

My dear, we had a customer, a foreigner but base here in Nigeria, his Name was Mr. Hamilton Creek. He is from Atlanta Georgia United State of America, but based here with his wife and his two children, Mr. Hamilton has being banking with us for the past 4yrs and some time in August 2002, Mr. Hamilton was on his way to his house, and unfortunately ran into a Trailer load of Groundnut Oil, and died   immediately, Their car got burnt, no single soul was saved, Mr. Hamilton Creek and His entire family was confirmed dead.

My Board of Directors and the Management of First Bank has mandated and instructed me to look for Mr. Hamilton Creek? Relation(s) and his Next of Kin to come and claim his fund, Since August 2003 till date, I have been looking for his relation's or his next of Kin to come and claim his fund which he Deposited with our bank, I have contacted his Embassy and after 3days, his Ambassador told me that Mr. Hamilton Creek has no relation and no next of Kin, their Ambassador told me that he used his first son as His next of kin, but it is quite unfortunate that Mr. Hamilton Creek Died with all his family members.

The reason why I contacted you is thus, Mr. Hamilton is dead, and his only son who supposed to inherit his properties and money also died with him. As at this moment, nobody or person[s] is coming to   claim this Money from our bank. The Board of Directors and management of our bank told me that if nobody or person[s] apply for the claim of Mr. Hamilton Fund, the bank will return the entire Fund into our Federal reserve. In the Light of the above, I want you to stand as the next of kin to Late Mr. Hamilton Creek; it might interest you to know that he had a Domiciliary Bank Account with our Bank and he has a total sum of US$9.2M Nine Million Two Hundred thousand Dollars, this is the exact amount which he had in his domiciliary account before the ugly incident occurred, and this money is still in his account as unclaimed money.

This transaction is very easy and simple, and it is 100% risk free, I'm the Manager for International Relations with First Bank of Nigeria Plc, and the Management and Board of Directors of the Bank are waiting for me to provide to them the Relation or next of Kin to late Mr. Hamilton Creek, of which I told them that I am still searching the next of kin to the deceased. Finally, if you are interested with this transaction, I will front you to the bank as the only next of kin to late Mr. Hamilton Creek, and I will let the bank know that you are the only right person to inherit Late Mr. Hamilton Funds and properties. If you are interested, just email me or call me on my   direct and private line#: +234-80-27536038 and late Mr. Hamilton's Funds will be credited into your account and all his Properties will be released to you either through Courier Services or the Bank will Cargo all his properties to you in any were you want it.

So reply me immediately and feel free to ask any question with regards to this transaction. You will take 50% of the US$9.2M. Which is? US$4.600, 000.00 Four Million Six Hundred Thousand Dollars, while the Balance of the same amount will be mine.

Your swift response will be highly appreciated.

Thanks and have a nice day.

Friendly Regards

Mr. Steven James

*******************************************************************************************

Subject:
REPRESENTATIVE NEEDED
From:
DFS SALES LTD UK
Date:
Tue, 01 Jul 2008 23:00:55 +0800
To:
undisclosed-recipients: ;

COMPLIMENT OF THE DAY TO YOU.

I am PETER WOODS from DFS SALES LTD UK.(
Website: www.dfs-online.co.uk ) Visit our site

We are into furnitures and we sell shares to people in
Canada,America, Australia and Europe.

We are in need of a book keeper. someone who can represent our company
in his/her country.

Our client in your location will contact you and make the company
payment to you.

You will be entitle to 11% of every payment been made out to you.

This is because most of our officer are from china and they do not

understand english very well.its hard for them to contact our
customers.

Our head office is located in CHINA. But we have a sub-office in the
uk.

If you are interested, Kindly send the entries for more understanding.

NAME IN FULL :.........
COMPANY NAME: .....
POSITION:......
FULL ADDRESS: .......
CITY/TOWN:........
STATE:............
ZIP CODE:........
COUNTRY:.......
MOBILE:.......
HOME TEL: .....
EMAIL ADDRESS: ........
OCCUPATION: ...........
BANK NAME :.......
AGE:............

You are to send the above details to

NAME : PETER WOODS.
EMAIL : dfs_woods@yahoo.co.uk
PHONE NUMBER : +44-704-575-0212

HOPE TO HEAR FROM YOU

*****************************************************************************************

To:
undisclosed-recipients:;

Good day!!!

We have been waiting for you since to contact me for your Confirmable Bank Draft of ?18 Million (Eighteen Million Pounds sterling) but we did not hear from you since for a couple of weeks now. Then we went to the bank to confirm if the draft that expired or getting near to expire and Metropolitan Police Uk told us that before the funds will get to your hand that it will expire.So I told him to cash the ?18 Million (Eighteen Million Pounds sterling) to cash payment to avoid losing this fund under expiration as I will be out of the country for a 6 Months Course.

What you have to do now is to contact FED EX COURIER SERVICES as soon as possible to know when they will deliver of your funds to you because of the expiring date. For your information we have paid for the delivering Charge Insurance premium. The only money you will send to the FED EX COURIER SERVICES to deliver your cheque direct to your postal Address in your country is ?250.00 being Security Keeping Fee of the Courier Company so far. Again don't be deceived by anybody to pay any other money except ?250.00 for the Security Keeping Fee.We would have paid that but they said no because they don't know when you will contact them and in case of demurrage. You have to contact FED EX COURIER SERVICES now for the delivery of your Draft with this
information below:

CONTROLLER: Mrs.Helen Williams
NAME: FED EX COURIER SERVICES
ADDRESS: fedexofficeuk@gmail.com
PHONE NUMBER: +447024080684

IF YOU ARE THE OWENER OF THE FUNDS AND YOU WILL SEND YOUR INFORMATION TO US SO THAT WE CAN DELIVERY YOUR FUNDS TO YOU WITHIN THE NEXT 84HRS TIME.IF YOU DO NOT RECEIVED YOUR FUNDS WITHIN THE NEXT 72HRS TIME AND YOU REPORT US THE UK FBI AND THE METROPOLITAN POLICE (SCOTLAND YARD) or YOU CONTACT YOUR LAWYER TO TAKE UP PROCEDURES AGAINST US.

Let me repeat again try to contact them as soon as you receive this mail to avoid any further delay and remember to pay them their Security keeping fee of ?250.00 for their immediate action. The FED EX COURIER SERVICES don't know the contents of the funds. This is to avoid them delaying with the funds.

Thanks as you contact them today.

Yours Faithfully

Mrs Helen Williams.

(The above actually comes with a nifty graphic that they've thrown in, thinking it makes it all look more legitimate. It doesn't, but here it is anyway):

....altogether now: oooooh. A slightly shorter 419 roundup than usual, but I'm sure I'll have piles of the things next week.

Follow-Up Webinar on Information Risk

Wed, 02 Jul 2008 10:18:37 +0000

Hey everybody! Quick post this morning to let you know you guys and Cisco have been kind enough to want us to give a follow on WebEx presentation that builds on the content from the first webEx we just did. And so we’re going to be doing that on July 31, 2008 at 11:30 a.m. EDT. The link to sign up is <<>>. Note that the last preso was really well attended, filling the slots Cisco gave us.

We’re calling this part II - and it’s being advertised as:

“How to conduct a risk analysis and produce a high impact deliverable to senior management.”

With topics:

The life-cycle of a quantitative risk analysis
Key control opportunities against targeted attacks
Getting senior management to understand the risk posed to the business

I got to do the Q&A backchannel on the last presentation, and there were great questions asked. I think this presentation will be even more exciting, as it’ll cover both analyst and management considerations.

If you’re a regular reader of the blog, I don’t think you’ll have to have attended the last one for this one to be worth your while.

REPEAT PERFORMANCES OF THE FIRST WEBEX ARE AVAILABLE

We’ve had a some folks who attended the original WebEx ask us to do a “private” performance for just their infosec group and/or other members of their organization (like audit and ERM).

We’ve been given the OK to do these provided that there are a minimum of 5 attendees. Leave me a comment to this post if you’re interested (be sure to include your email in the submission - it won’t be made public but we’ll need it to contact you to set this up), or just email me: alexh -shift2- riskmanagementinsight:dot:com.

And if you missed it the first time, the playback of the first preso is here, and the slides are here.

A primer on the Exchange Server 2007 Exchange Management Shell

Wed, 02 Jul 2008 06:40:33 +0000

Don't be wary of the Exchange Server 2007 Exchange Management Shell (EMS). Get an introduction to basic EMS commands and how to use them in this tutorial.

Surprise! Users ignore security policies.

Wed, 02 Jul 2008 05:39:06 +0000

If users still don't understand their role in protecting information, and if they regularly perform actions that violate policy, what steps has management taken to change attitudes and habits?

Links for 2008-07-01 [del.icio.us]

Tue, 01 Jul 2008 20:00:00 +0000

Sybase iAnywhere bolsters mobile device security

Tue, 01 Jul 2008 20:00:00 +0000

Sybase iAnywhere is beefing up its Afaria mobile-device management software by adding antivirus and firewalling capabilities.