SecurityRatty: tag: collect

Logging Poll #6 "Which Logs Do You LOOK At?" Analysis

2008-03-06 15:01:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...collect (see picture showing results from my previous poll below These are Unix/Linux server syslog Firewall logs Web server logs Huh? They are the same - doesn't it just make sense? What are the possibilities here a. People only collect the logs they plan to look at, OR b. People look at logs they collect (duh Strangely, I find a) unlikely;...

Windows Log Collection Poll Analysis

2008-04-02 16:46:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...Collection and Analysis ") was pretty popular (157 responses) and controversial as well; let's analyze it. The results are here and below as well So, what catches your eye first ? Despite the fact that I was trying hard to list most of the tools that collect Windows logs known to humankind (and certainly, I thought I included ALL of the...

Tags: windows, logs, windows event logs, collect windows logs, windows version, remote windows collectors, collect, poll, ignore windows logs

Civilians Ask Whats With All the Privacy Act Kerfluffle?

2008-06-26 21:51:41 by rybolov in The Guerilla CISO

...collected by the Census Bureau when theyll go count everybody in 2010 The Privacy Act talks about the stuff that everybody in the Government needs to know about: how youre going to jail if you disclose this information to a third party. For those of you who have ever been in the military or had to fill out a government form that required your...

Tags: privacy act, privacy act procedures, privacy act deals, privacy act data, privacy, data, data lies, privacy act talks, privacy policy

PCI Data Collection: Your CVV isn't special

2007-08-22 00:00:00 by Manju Mude in Speaking of Security, the RSA Blog and Podcast

...collect and store card data for extended periods of time, for bookkeeping, transmission or customer service needs. Additionally, an extremely limited number of them may even have to collect CVV2 information, to ease the customer experience. PCI is very clear about forbidding the storage of PIN and CVV2 information and most merchants...

Tags: collect cvv2 information, cvv2 information, information, collect, store card data, competitive business edge, encrypt data, audit results, customer experience

Poll: What logs do you actually LOOK at?

2008-02-13 18:29:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...Collect? In other words, are you a log packrat? Are you collecting and never using the log data? You are making a mistake , if you don't Past polls Poll #5 " What are your top challenges with logs? " ( analysis Poll #4 " Who looks at logs in your organization? " ( analysis Poll #3 "What do you do with Logs?" ( analysis Poll #2 " Why collect...

Tags: logs, poll, collect logs, collect, analysis, polls, past polls, deceptively similar, log data

NSA's Domestic Spying

2008-03-26 06:02:18 by schneier in Schneier on Security

...collection, and data mining. The result is essentially the same as Total Information Awareness. According to current and former intelligence officials, the spy agency now monitors huge volumes of records of domestic emails and Internet searches as well as bank transfers, credit-card transactions, travel and telephone records. The NSA receives...

Tags: nsa, data haul, haul, information, transactional information, data, nsa receives, mass data, terrorism information awareness

268,000 donors exposed through stolen Memorial Blood Centers laptop

2007-12-06 14:09:42 by Evan Francen in The Breach Blog

...collect Social Security numbers as part of their blood collection process? I assume that they use Social Security numbers as identifiers, which everyone should know is a "no-no" unless its require by law. I'm no lawyer, so is it required by law Let's say for a second that Memorial Blood Centers is required by law to collect and store Social...

Tags: donors, blood, security, security cameras, store social security, memorial blood centers, donors social security, breach description, blood components

Five stolen Florida Department of Children and Families laptops

2008-01-04 10:12:20 by Evan Francen in The Breach Blog

...Collect the necessary information on the application, enter the information into a secured database, then shred the application If you can't or don't know how to reasonably secure laptops and other mobile devices, then don't use them. If you can't or don't know how to reasonably secure confidential information, then don't collect, create,...

Tags: agency, law enforcement agency, law, confidential information, information, confidential personal information, law enforcement led, laptops, sensitive personal information

Maryland Department of Assessments & Taxation web exposure

2008-01-05 14:02:15 by Evan Francen in The Breach Blog

...collect information from residents over the internet was not adequately secured with encryption leaving some sensitive personal information un-protected while transferred from clients to the Web server Reference URL Washington Times News Story Report Credit Gary Emerling, The Washington Times Response From the online source cited above ...

Tags: maryland, sensitive personal information, personal information, secure server hadhas, server, web application server, application, information, information security

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo