SEARCH RESULTS
 
Showing 1-10 of 34 records
 
Expand article

Anton Security Tip of the Day #15: Fear and Loathing in Event 560 (and 562 and 567)

The Article has images
2008-05-08 13:37:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
...Anton Security Tip of the Day #15: Fear and Loathing in Event 567 This tip digs into a seemingly simple, but really VERY esoteric subject: monitoring file access and modification via a Windows event log. Now, some people - who never studied this subject - tend to have a very simplistic view of this: just enable Object Access auditing, then...
 
Tags: text file, 0testbedsimple text file, audit file access, file access, simple text file, event, access, file, anton security tip
 
 
 
 
Expand article

Anton Security Tip of the Day #14: More accesslog Fun: What Are You Not GETting?

2008-03-12 13:35:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...Anton Security Tip of the Day #14: More access log Fun: What Are You Not GETting In this tip, we will look at some bizarre artifacts that show up in web server access logs today. Here we have a production log from an Apache web server that is full of interesting (and sometimes ominous!) little mysteries that we will investigate in order to...
 
Tags: web server, server, web, web browsers, security, web discussion board, anton security tip, fun, modern apache
 
 
 
 
Expand article

Anton Security Tip of the Day #16: Virtually There - Journey Into VMWare ESX Log Analysis

2008-08-25 12:11:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...Anton Security Tip of the Day #16: Virtually Screwed - Journey Into VMWare ESX Log Analysis CISecurty guide for VMWare ( here ) and DISA STIG for virtual machines ( here ) both mandate collection and analysis of VM platform logs; none goes into enough details on what to look for in logs. Let's try to shed some light on security-focused log...
 
Tags: vmware, vmware esx, analyze vmware logs, analyze, vmware esx logs, esx, security tip, anton security tip, user
 
 
 
 
Expand article

Admins , Good Guys or "I am NOT an Idiot!"

The Article has images
2008-07-29 15:19:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
...Anton up to? Isn't it kind of OBVIOUS that controls are for everybody?" Controls know no good/bad! For example, a network control, say a NIPS, will block malicious web access due to a typo in a URL (by - gasp! - a good guy) or due to determined malicious hacking I think a few of my readers have watched one too many "Batman" movies and have...
 
Tags: terry childs, childs, guys, admins, terry childs story, bad boss, boss, underneath management, management
 
 
 
 
Expand article

Links for 2008-01-29 [del.icio.us]

2008-01-30 00:00:00 by Editor in Anton Chuvakin Blog -
 
...Anton Chuvakin, Chief Logging Evangelist with LogLogic Dr. Anton Chuvakin from LogLogic has agreed to be interviewed by the Security Laboratory and we certainly thank him for his time! He is probably the number one authority on system logging in the world, and his employer is probably the leading vendor for l Schneier on Security: Security...
 
Tags: security laboratory, security, security versus privacy, privacy, anton chuvakin, money delivery service, sans technology institute, fundamental dichotomy, political rhetoric
 
 
 
 
Expand article

Sexing up the logs

2008-04-03 04:00:00 by Stuart King in Stuart King's Security and Risk Management Blog
 
...Anton Chuvakin. His latest blog is on the "top eleven reasons to hate logs." I recommend reading back through Anton's archive - there's a wealth of good guidance. Let's remember that we don't "do security" just for the sake of compliance. Compliance is a side-effect of having a well planned security governance regime. The top level objectives...
 
Tags: logs, logs enables, security event logs, security, review logs, perform security functions, log, log output, information security events
 
 
 
 
Expand article

Links for 2008-05-08 [del.icio.us]

2008-05-09 00:00:00 by Editor in Anton Chuvakin Blog -
 
Anton Chuvakin Blog - "Security Warrior": Anton Security Tip of the Day #15: Fear and Loathing in Event 560 (and 562 and 567
 
Tags: anton security tip, anton chuvakin blog, security warrior, fear, day, event
 
 
 
 
Expand article

Is that black box technology?

The Article has images
2008-06-22 23:32:31 by HASH0x8bfce84 in StillSecure, After All These Years
...Anton has a short to the point post up about a conversation he had with someone recently. The bought a "security appliance" (and I use that term loosely) that is just off the shelf hardware with Linux/BSD and some security software. The vendor however refuses to give the customer who bought the frigging box the root password! Root password is...
 
Tags: black box, box, root password, security software, security appliance, term loosely, anton, shelf hardware, support people
 
 
 
 
Expand article

At SANSFIRE 2008 in Washington, DC

2008-07-22 19:01:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...Anton Chuvakin, GCIA, GCIH, GCFA Wednesday, July 23rd, 2008 * 12:30pm - 1:15 pm Want to learn all the embarrassing mistakes and pitfalls that await you on the path to log management nirvana? Attend "'Worst Practices' of Log Management" presentation by LogLogic's Logging Evangelist Dr Anton Chuvakin that covers all the things that can go wrong...
 
Tags: log management, log management nirvana, log management solution, worst practices, practices, anton chuvakin, chuvakin, lunch, loglogic lunch