[SecurityRatty] tag: undesirable

File Integrity Monitoring: Secure Your Virtual and Physical IT Environments

Mon, 25 Aug 2008 09:00:00 +0000

(Source: Tripwire) Looking for a File Integrity Monitoring Solution? With the numerous servers, devices and applications organizations rely on to support their everyday business, outages and security breaches due to poor IT configurations are unacceptable. In addition, many organizations must now prove compliance with standards like PCI DSS designed to protect systems and sensitive data. File integrity monitoring solutions minimize security risk resulting from undesirable configuration change by monitoring, detecting, and reconciling changes to key files throughout the virtual and physical IT infrastructures.

Learn how file integrity monitoring solutions work and the capabilities you should expect your solution to have. Then review a detailed checklist you should complete before purchasing your solution. Finally, discover how Tripwire Enterprise effectively combines file integrity monitoring with configuration assessment-a single configuration control solution that proactively assesses and monitors the IT infrastructure and enables organizations to achieve and maintain compliance with standards and regulations.

Maybe she should switch to unich? Get it?

Tue, 22 Jul 2008 09:19:48 +0000

Found this in one of the groups I belong to at Eons.
Go ahead, forward it to the lil wife.

clipped from www.eons.com

Dear Tech Support,

Last year I upgraded from Boyfriend 5.0 to Husband 1.0 and noticed a distinct slowing down in overall system performance, particularly in the Flower and Jewelry applications, which operated flawlessly under Boyfriend 5.0. In addition, Husband 1.0 uninstalled many other valuable programs, such as Romance 9.5 and Personal Attention 6.5, and then installed undesirable programs such as NBA 5.0, NASCAR 3.0 and Golf 4.1.

'The' DNS Issue of 2008

Wed, 09 Jul 2008 22:54:02 +0000

It’s been a day since the public announcement, so by now you’ve probably heard about the DNS issue. The bug was found earlier this year, but the discoverer (Dan Kaminsky) and team worked fervently with leaders of the technology industry to create patches for all platforms before the big announcement. And- kudos to them all for keeping zipped lips until the problem could be contained (despite all the heckling and harassing).

You can find out a little more right now- I’m including some links below for you to read more.

If you don’t know what DNS is or why you care, see the bottom of this post for a little background info.

As for the real deal on disclosure- you’ll have to wait for Black Hat in August. I’ll be there, along with other members of the Security Bloggers Network (a (non-exclusive but highly visible and well-respected) security bloggers channel for Black Hat and RSA). I’m sure you’ll see *plenty* of post-Black Hat blogs, tweets and podcasts recapping the story.

Hear the buzz…
Dan Kaminsky’s (discoverers) site
US Cert Vulnerability Note
InformationWeek Article: Security Community Comes Together
Rich Mogull helps spread the word to CIOs
Heise Securiy Blog: Nice overview
Wall Street Journal

What is a DNS Server? DNS are servers throughout the Internet (and inside networks) that resolve domain names (ie www.SecurityUncorked.com) to the IP address of the hosting server. The idea is, if you can trick a DNS server, your request for ESPN.com may just take you to a malicious site where you’ll be immediately infected with a virus, malware or other undesirable creepy Internet-bred monster. They’ve found a bug that could be exploited to do just that.

What do we do? It’s not the end of the world. For now, know that almost all DNS servers need to have a patch installed to protect them from this vulnerability. It’s pretty universal and every manufacturer is on board and offering a patch as of yesterday, July 8th.

# # #

OpenDNS shows off collaborative Web filter

Tue, 19 Feb 2008 11:00:00 +0000

The service is intended to help users and system administrators block sites that might be dangerous or undesirable, as well as helping users find their way around the Internet.

Managing Audit Thrash

Mon, 08 Oct 2007 15:04:00 +0000

Ages ago, a computer science professor of mine spent several weeks of an operating systems design course talking about virtual memory management and paging strategies. One of the goals of a good paging strategy was to avoid "thrashing"... the undesirable state in which the kernel spends more time swapping pages in and out of physical memory than it spends doing real work.

This "thrash" seems like a pretty good way to describe much of what I see IT shops going through with their various compliance initiatives. PCI. SOX. HIPAA. All of the time they spend responding to security audits leaves them with precious little time to get any real work done. Audit Thrash.

Now don't get me wrong... security audits aren't fundamentally bad. In fact, when done right I've seen them add a lot of value. It's just that we need a strategy for managing the workload they create so we can get back to getting some real work done.

Perhaps the most important first step is to start auditing against your own consolidated controls framework. This controls framework should be the central repository for everything you do for security. It should cover every regulation you're subject to, your organization's security policy, and the controls that your customers and partners require you to implement.

Similar controls should be cross-referenced and consolidated into a single control. The main objective in designing your controls framework is to eliminate as much redundancy and overlap as possible without losing any controls information. The value is in the consolidation and cross-referencing, not in the raw number of controls created.

Every security audit from this point forward should be conducted against that framework, and the results should be documented in a way that makes it easy to cross-reference them to your framework. Subsequent audits will be able to leverage that information, resulting in a lot less net-new audit work each time around.

What's the Snag Behind the Spyware

Wed, 01 Aug 2007 15:28:00 +0000

What's the Snag Behind the Spyware

The concept behind the technology of spyware is that, a number of advertising companies take interest to install tracking software into the computer system, that illusions to call it host with aims to use all internet connections, get statistical or other information data to what they will claim "home" attesting assurance of company's security policies not to collect sensitive data for confidentiality, and with full promise to establish continuity of anonymity.

However, it is an establish fact that the PC functions as a "live" server that is open for any kind of information disseminations with or without the consent of the server; bottom lining the fact, there is always a risk for any transfer of any information even those covered by protection policies between the advertiser and the so called "mothership." In the end just as nobody would wish, it will be sending assimilated data that might escape the benefit of payment from the PC database.

Although spyware and adware could be two in one to front probable interference to the server's privacy, spyware could stage sole manipulation to indulge deeper in affecting the users privacy, prompting slow-down computer's effectiveness, windows' pop-ups of undesirable ads, and spam e-mails.

Several media companies are perennially seeking ways to eliminate large expense for web development and internet costs; but instead, tend to pay part of their revenue solicitations from reputable brands' banner sales to host servers by installing reputable piece software by way of so called "piggybacking," or tricking methods as the Trojan horse technique, installing some "rogue" anti-spyware program, eluding detection of its being a disguised security software.

A spyware no adware technology is an advertising copyright itself, can stand without having to do with any adware's vulnerability threats. The so-called "Web accelerator" or helpful software agents: Example, the Bonzi Buddy (quoted from: Wikipidea), targeted to children: "He will explore the internet with you as your own friend and sidekick. He can talk, walk, joke, browse, search, e-mail and download like no other friend you've ever had! . . Best of all, it is FREE."

This piece of copyright text is so deceptive for unknowingly, motives behind depict to pursue some ends in order to evade something that will disrupt the mobility of cash flow of the mother host.

Why is Spy ware Deceptive?

1. It does not self-replicate; instead, it invades infected computers for commercial gains purposes.
2. It monitors Web browsing activity (sales strategy) and routes of all HTTP to advertising agencies.
3. Delivery of pop-up advertisements
4. Theft of Credit and Identification card numbers in relation to the notorious identity theft around.
5. Spyware gets into the system by exploitations of other software vulnerability.

The Effects of the Spyware upon the Use of the Computer

There are so many complicated effects that are induced by spyware. It may not even be detected as an obvious virus infection, but comes in, a core factor of ineffective results of computers' performance; like network traffic, disk usage, CPU malfunction which may be mislead to be a PC crash, and finally resolving to replace the whole system with a new one.

The demand for technical support and assistance is another recourse for badly spyware-infected computers. Another option is to have a thorough "cleanup" of the whole system. It needs massive reinstalling on software in order to revitalize as new.