Tag Archives: sans

Biggest Problem in Computer Security

What’s the biggest problem in computer security, according to valsmith at carnal0wnage.attackresearch.com? Well, it’s…

Staffing.

As the author admits, the post leans toward self-promotion of the company, but it makes many good points and deserves a read and a good pondering.

Continue reading

Advertisements

Leave a comment

Filed under Audit, Security

Free/Cheap Monitoring Tools (SANS)

In case you missed it, the Internet Storm Center had a great post the other day, asking readers:

Continue reading

Leave a comment

Filed under Free, Security

Great Security Cheatsheets (Free)

Lenny Zeltser not only created some great security cheatsheets, he compiled a list of some good reference guides developed by others.

Why should you trust his FREE cheatsheets? Lenny leads a security consulting practice, teaches malware analysis, explores security topics at conferences and in articles, and volunteers as an incident handler at the Internet Storm Center.

So whether you want to learn more about specific security practices or just have a quick reference, you’ll want these cheatsheets.

Continue reading

Leave a comment

Filed under Audit, Free, How to..., Security

Throw Password Rules Under the Bus?

I ran across Tom Olzak’s post where he quotes from an SANS article by Daniel Wesemann, Password rules: Change them every 25 years. I disagree with both of them on a few points.

First, Olzak notes in his introductory paragraph that

Continue reading

2 Comments

Filed under Security

SANS Audit Checklists

The SANS Audit Advice and Resources* website has a free checklists section:

6 VMWare Settings Every IT Auditor Should Know About

5 Things Every IT Auditor Needs to Know About: SSH Configuration

Continue reading

Leave a comment

Filed under Audit, Security

Quote of the Strong (Get Permission)

Since I started Quote of the Weak, I haven’t heard that many good quotes we can share a chuckle over. So, in contrast, here’s a great quote of the strong:

Continue reading

Leave a comment

Filed under Audit, Security

I’m out of town!

When I joined LinkedIn, it was because it was BUSINESS-like and so un-Facebook. As much as I like LinkedIn, it is becoming too much like Twitter and Facebook. Or perhaps it is more accurate to say that LinkedIn features are being used in the same casual manner.

Continue reading

Leave a comment

Filed under Security