?

Log in

[icon] Information Security
View:Recent Entries.
View:Archive.
View:Friends.
View:Profile.
You're looking at the latest 10 entries, after skipping 10 newer ones.
Missed some entries? Then simply jump back 10 entries or forward 10 entries

Security:
Subject:Social Engineering Again
Time:03:37 pm
USB Thumb Drive Social Engineering Stunt
comments: 2 comments or Leave a comment Share

Security:
Subject:OSVDB LJ RSS syndicated feed fixed
Time:02:33 pm
FYI, the OSVDB LJ RSS syndicated feed is now fixed, and named osvdb_rss

You know, http://www.osvdb.org/ - The Open Source Vulnerability Database


x-posted
comments: Leave a comment Share

Security:
Subject:encryption algorithm
Time:03:45 pm
Does anyone know of a tool that will tell you what encryption algorithm was used to encrypt an application?

This is not for any devious means. Apparently someone "forgot" to mention what algorithm he used before leaving work.
comments: 15 comments or Leave a comment Share

Security:
Subject:Needed: some ISS NIDS manuals
Time:12:15 am
I am on a quest for some ISS NIDS manuals, specifically on the Realsecure Siteprotector Version 7 for a box I am trying to figure out the alerts on.

Any thoughts?

TIA!!



x-posted
comments: 2 comments or Leave a comment Share

Security:
Subject:Weird Windows Password Situation
Time:11:08 am
Maybe one of you can suggest something here. I'm not finding much yet, possibly because I'm not finding it easy to define precise search terms for.

In short: One of our users here no longer requires a password to login. That is, he gets the normal login box (for the NT domain) that asks for his login and password, but it accepts anything you put in the password box, even a blank password.

Once he's logged in, he can successfully access network resources on servers around the network with his normal rights, whether he entered his usual password, a totally random password or left the password box blank when he logged in.

Changing / resetting his password doesn't fix the situation.

Needless to say, I'm not really thrilled about this development.

His workstation is running XP Pro SP2. The authentication servers are running NT 4.0 SP6a. The servers he's successfully logging in to once authenticated are running various things.
comments: 4 comments or Leave a comment Share


[weev]
Security:
Time:03:14 pm
http://weev.livejournal.com/193178.html

thinking out loud about authentication schemes.

would appreciate input/thoughts.
Share

Security:
Time:03:50 pm
If I wanted to give someone a link to a quick, concise document that introduces basic principles of Operational Security, what would you recommend? It should be business focused, not government. Also it should hit all the major points; door locks, shredding, challenging unknown persons, keycard/ID badge security, etc.
Any help is mucho gracias.
comments: 1 comment or Leave a comment Share

Security:
Time:11:25 pm
I wonder if anyone saw this already and what do you think of it?

-----------------------------------
BP takes 18,000 laptops off LAN
And plugs them securely into the net...

Energy group BP has shifted thousands of its employees off its LAN in an attempt to repel organised cyber criminals.

Rather than rely on a strong network perimeter to secure its systems, BP has decided that these laptops have to be capable of coping with the worst that malicious hackers can throw at it, without relying on a network firewall....
--------------
full article http://software.silicon.com/security/0,39024655,39156608,00.htm

comments: 2 comments or Leave a comment Share

Security:
Subject:The future of IA
Time:11:57 am
What do you think the future of infomraiton assurance holds for us? Where will we be in 5, 10, or 20 years?
comments: 28 comments or Leave a comment Share

Security:
Subject:LJ CSS attack
Time:02:08 pm
http://blogs.washingtonpost.com/securityfix/2006/01/account_hijacki.html
comments: 1 comment or Leave a comment Share

[icon] Information Security
View:Recent Entries.
View:Archive.
View:Friends.
View:Profile.
You're looking at the latest 10 entries, after skipping 10 newer ones.
Missed some entries? Then simply jump back 10 entries or forward 10 entries