
Infocus: Incidents (Page 2 of 9)
Windows NTFS Alternate Data Streams
The purpose of this article is to explain the existence of alternate data streams in Microsoft Windows, demonstrate how to create them by compromising a machine using the Metasploit Framework, and then use freeware tools to easily discover these hidden files.
By: Don Parker 2005-02-16
http://www.securityfocus.com/infocus/1822

Detecting Rootkits And Kernel-level Compromises In Linux
This article outlines useful ways of detecting hidden modifications to a Linux kernel. Often known as rootkits, these stealthy types of malware are installed in the kernel, and incident handlers and Linux system administrators need special techniques to detect them.
By: Mariusz Burdach 2004-11-18
http://www.securityfocus.com/infocus/1811

Forensic Analysis of a Live Linux System, Pt. 2
This article is the second of a two-part series that provides step-by-step instructions for forensics of a live Linux system that has been recently compromised.
By: Mariusz Burdach 2004-04-12
http://www.securityfocus.com/infocus/1773

Forensic Analysis of a Live Linux System, Pt. 1
This article is the first of a two-part series that provides step-by-step instructions on forensics of a live Linux system that has been recently compromised.
By: Mariusz Burdach 2004-03-22
http://www.securityfocus.com/infocus/1769

Incident Response Tools For Unix, Part Two: File-System Tools
This article is the second in a three-part series on tools that are useful during incident response and investigation after a compromise has occurred on an OpenBSD, Linux, or Solaris system. This installment will focus on file system tools.
By: Holt Sorenson 2003-10-17
http://www.securityfocus.com/infocus/1738

Maintaining System Integrity During Forensics
This article discusses best practices for maintaining system integrity during forensic examinations.
By: Jamie Morris 2003-08-01
http://www.securityfocus.com/infocus/1717

Tracking Down the Phantom Host
This article explains techniques for locating a problem host when you are not sure where it is physically located.
By: John Payton 2003-06-18
http://www.securityfocus.com/infocus/1705

Starting from Scratch: Formatting and Reinstalling after a Security Incident
This article will examine the process of starting over, and more specifically, reinstalling after a security incident.
By: Matthew Tanase 2003-05-07
http://www.securityfocus.com/infocus/1692

IDS Logs in Forensics Investigations: An Analysis of a Compromised Honeypot
This paper will deconstruct the steps taken to conduct a full analysis of a compromised machine. In particular, we will be examining the tool that was used to exploit a dtspcd buffer overflow vulnerability, which allows remote root access to the system. The objective of this paper is to show the value of IDS logs in conducting forensics investigations.
By: Alan Neville 2003-03-20
http://www.securityfocus.com/infocus/1676

Windows Forensics - A Case Study: Part Two
This article is the second in a two-part series that will offer a case study of forensics in a Windows environment. This article deals with determining the scope of the compromise, and understanding what the attacker is trying to accomplish at the network level. Along the way, we'll be discussing some tools and techniques that are useful in this type of detective work.
By: Stephen Barish 2003-03-06
http://www.securityfocus.com/infocus/1672

Copyright 2010, SecurityFocus