16 Dirty Security Secrets
Also: breaking into a VPN; rootkit protection, more
Courtesy of the Ambersail Infosec Roundup blog, here are 16 oft-used explanations
as to why a company has a security issue: http://blog.ambersail.co.uk/wordpress/?p=128
No doubt you'll have heard every one of these at least once, and
many far more times than you'd like to admit. The real test is whether
you still get such answers from the people you work with/for!
Breaking into a VPN
Here's an interesting article that discusses the common problems VPN gateway
configurations suffer, and how that information can be exploited by criminals
to gain entry: http://www.heise-security.co.uk/articles/75265
We've already seen a surge in VPN breaches and have kept it on our
watch-list for several weeks now. While this article doesn't teach
any new techniques, it may be a reminder to criminals that VPN gateways
are viable entry points.
Six Rootkit Detectors Protect Your System
InformationWeek has done a reasonable
review of six popular rootkit detection programs: F-Secure BlackLight,
IceSword, RKDetector, Trend Micro's RootkitBuster, RootkitRevealer
and -- the winner -- Rootkit Unhooker, a freeware tool from Russia.
As InformationWeek points out, the origins of Rootkit Unhooker
certainly warrant a pause. In our own experience, the best thing to do
when looking for a rootkit is to use several tools -- the more you use,
the more likely you are to find everything. There's no guarantee
that everything will be identified as malicious, but several of the tools
are good at explaining common false positives.
This column was originally
published in our weekly Security Watch newsletter.
AOL Phisher Faces 101 Years in Jail
Jeffrey Goodin, 45, awaits sentencing on June 11, 2007 after becoming
the first person to be convicted by a jury of operating a sophisticated phishing
scheme under the 2003 U.S. Can-Spam Act. The sentence can be as stiff
as 101 years in federal prison.
The Californian has also been convicted of wire fraud, unauthorized use
of credit cards, misuse of the AOL trademark and attempted witness harassment.
By the looks of things, Goodin stands a good chance of getting an appropriate
sentence for his crimes.
Role of DBA to Insider Threats and Regulatory Compliance
an excellent article on the problems database administrators face
with respect to complying with various regulations. The article goes into
reasonable detail with suggestions and ideas that can help you understand
both the problems you face as a result of insufficient tools, as well
as effective approaches. Well worth the read, for both DBAs and IT security
Russ Cooper is a senior information security analyst with Verizon Business, Inc.
He's also founder and editor of NTBugtraq, www.ntbugtraq.com,
one of the industry's most influential mailing lists dedicated to Microsoft security.
One of the world's most-recognized security experts, he's often quoted by major
media outlets on security issues.