Category: Secure Administration

Are You Secure? Ten Signs That Your Security Program is Doing Pretty Well

Security is a process. It’s an evolving process that, when mature, has certain qualities about it. Here are ten signs that your security program is at a decent point of maturity. A new critical security advisory is released and you

Posted in Dialogue, Incident Response, Secure Administration, Secure Design, Standards, Systems Hardening

The Immutable Friday Fav Five for September 9, 2011

Here are the five links that I found interesting for this week: The Shadowserver foundation is comprised of a group of volunteer security professionals who gather information about Internet-based crime. One of the more interesting projects is a compilation of

Posted in Computer Crime, Dialogue, Incident Response, Intrusion Detection, Log Analysis, Research, Secure Administration, Secure Design, Standards, Systems Hardening

Don’t Swallow the Blue Pill Just Yet

Virtualization is a quickly growing area in IT right now. The prospect of running dozens of virtual servers on one physical server is most appealing. As long as licensing costs don’t eat up too many of the savings, it really

Posted in Computer Crime, Risk Management, Secure Administration, Systems Hardening

The Security Diplomat

I have a dirty little secret. It doesn’t have anything to do with the NSA, a leaked memo or pink leotards. But it’s a secret just as earth-shattering, just as awe-inspiring and just as potentially devastating as any other well-hidden

Posted in Dialogue, Risk Management, Secure Administration, Secure Design

My 2011 Advice: New Threats Don’t Matter

Everyone is doing it. Whenever the new year rolls around, security bloggers feel the urge to predict the year ahead. We invent new acronyms like APT (Advanced Persistent Threat), talk about mobile malware shutting down communications networks and warn about

Posted in Secure Administration, Secure Design

Using Logrotate With Centralized Log Servers

Logrotate is a fantastic little utility for, well, rotating logs. It has several options available. It can rotate by date, file size, set specific owners on rotated files, and it even gives you the capability to run pre and post-rotate

Posted in Log Management, Secure Administration

OSSEC In the Enterprise: Wednesday, May 19, 2010

For those that did not see me at the Rochester Security Summit last year, and who would like to see me present my OSSEC in the Enterprise presentation, I will be giving it again at the ISSA Ft. Worth chapter

Posted in Intrusion Detection, Log Analysis, Secure Administration, Secure Design

When Insecure Really Isn’t

Encrypted is good. Clear-text is bad. AV is good. Not having AV is bad. Those are the messages we have been receiving and teaching for some time now. And while they do contain sound security advice, it is important to also

Posted in Secure Administration, Secure Design

An Analysis of the Analysis of the Apache.org Attack

Over at the Apache blog, you’ll find a nice and detailed incident report on the recent, successful attack on Apache.org. I thought it might be worth a few minutes to share my thoughts on their write-up. First, I would like

Posted in Computer Crime, Ethics, Incident Response, Intrusion Detection, Log Analysis, Secure Administration, Secure Design, Systems Hardening

Five Things to Monitor During a Layoff

Letting people go is rarely a feel-good experience. Even if everything goes smoothly, there are always human emotions involved, and those emotions make some people unpredictable. It’s important, therefore, to make sure extra attention and detail is paid to certain

Posted in Computer Crime, Intrusion Detection, Secure Administration