Call for papers
SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: firstname.lastname@example.org
Episode Fifteen: End Game
This is the fifteenth and final episode in SecurityFocus's popular series, "Chasing the Wind". In the last episode, Baseball Cap, spotted by federal agents, had taken flight. Several hundred miles above the Earth's surface, a killer satellite closed in on its target, a United States Intelligence satellite. Ian, the aspiring hacker, was confronted by two OSI agents. Jake continued to investigate Merv's computer for clues to Merv's incarceration. And Douglas wrestled with a weighty moral dilemma.
The Devil You Know: Responding to Interface-based Insider Attacks
It is estimated that up to eighty-five percent of intrusions are perpetrated by insiders. This article will examine how response teams can detect and investigate interface-based insider attacks. It is also hoped that the article will provide the basis of incident response policies for responding to and investigating insider attacks that exploit interface-based vulnerabilities.
Episode Fourteen: A Bird in the Hand
This is the fourteenth episode in SecurityFocus's popular Chasing the Wind series. As we left off last time, Jake was puzzled that one of the boxes on his network seemed to have been used to compromise a major project, Baseball Cap was on the run, and Douglas considered a unique application of the Bellatrix supercomputer. Meanwhile, as Ian started to suspect that someone might be onto him, OSI agents started to put the pieces together in their investigation.
Episode Thirteen: Cabbages and Kings
Jake sat at the incarcerated Merv's terminal and scratched his head. The military security people had told him that this box was sending bursts of (presumed) classified data to an undisclosed location in another country. Okay, except that this segment of the network had no physical attachment to the secured net. In fact, the segment into which this box was plugged wasn't even on his network map. That was a little disturbing, but not entirely surprising , since the data telecomm documentatio...
Incident Management with Law Enforcement
Working with law enforcement may be the most interesting and challenging part of the computer security professional's job. This article will offer an overview of dealing with law enforcement agencies in security incident handling. It will offer some suggestions that will help to make private sector involvement with the cyber-police satisfactory and effective for both sides.
Appropriate Response: More Questions Than Answers
One of the issues that the Security community must wrestle with is how to respond to detected incidents. The discussion has been contentious - with two major camps emerging from the crowd - the first can be considered Defenders, the second can be considered Digilantes, or digital vigilantes. This article will take a look at both camps, including the appropriateness of each form of incident response.
Episode Twelve: The Serpent's Tooth
This is the twelfth installment in the popular Chasing the Wind series. As we left off last time, Ian was scrambling to notify the appropriate people of an unexpected discovery. Douglas was titillated by an unexpected discovery of his own. An analyst at Defense Intelligence Analysis Center had detected a troublesome message that was being sent to Global Technical Products, AG in the Netherlands. Meanwhile, Col. Briggs had sent a message to Bob at Acme Ailerons that simply read: Red Licorice ...
Freeware Forensics Tools for Unix
This article will offer an overview of some basic steps to take when gathering data using three popular freeware forensics tools for the Unix platform: TCT, TCTUtils, and Autopsy. These tools, when used together, offer a comprehensive solution for forensic data gathering.
Episode Eleven: Fire and Brimstone
This is the eleventh installment in the popular SecurityFocus series, Chasing the Wind. As we left off last time, Jake was trying to crack a target server in his hands-on hacking class. Following a disappointing trial of the Bellatrix project, Douglas had entered some new parameters with some potentially interesting results. In the midst of scanning Acme Ailerons' network, Ian had come across some suspicious traffic. Meanwhile, in Anatolia, a small mysterious satellite could be seen st...
How to Design a Useful Incident Response Policy
A security policy acts as an informed guide for an organization's information activities. Good policy can help an organization manage its security risks better by providing structure, sensible rules and recommendations. This article will offer readers an overview of a specific type of security policy: the incident response policy. The incident response policy allows organizations to establish proper procedure and protocol in the case of an incident in order to minimize the damage caused by an...