Call for papers
SecurityFocus (www.securityfocus.com) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: editor@securityfocus.com

Advanced Log Processing
Reading logs is a crucial part of incident detection and response. However, it is easy for security personnel to be overwhelmed by the sheer volume of logs. This article will offer a brief overview of log analysis, particularly: log transmission, log collection and log analysis. It will also briefly touch upon log storing and archival.
2002-08-01 http://www.securityfocus.com/infocus/1613

Detecting and Removing Malicious Code
Crackers have access to countless variations of malicious code: automated rootkits, trojans, viruses and specific exploits, all designed to breach your security. Detecting and removing these programs can be a daunting task, with little room for error or wasted time. This article will explain techniques readers can use to get their system back on-line and prevent it from happening again.
2002-07-22 http://www.securityfocus.com/infocus/1610

Detecting and Containing IRC-Controlled Trojans: When Firewalls, AV, and IDS Are Not Enough
This paper discusses IRC-based trojans as a distinctly underestimated class of malicious activity, and how real time security event monitoring is the key to identifying and containing similar compromises. It discusses the general methodology used to discover, track, and stop such malicious activity by presenting a real-world case study.
2002-07-10 http://www.securityfocus.com/infocus/1605

No Stone Unturned, Part Five
This is the fifth and final installment of a five-part series describing the (mis)adventures of a sysadmin named Eliot and his haphazard journey in discovering "The Way" of incident response. As we left off last time, Eliot had started putting together a toolkit to help with incident response and analysis.
2002-06-25 http://www.securityfocus.com/infocus/1597

Developing an Effective Incident Cost Analysis Mechanism
One of the challenges facing security and accounting personnel is to calculate the real costs of security incidents. In this article, SecurityFocus contributor Dave Dittrich discusses the Incident Cost Analysis Modeling Project (I-CAMP), an attempt to develop a workable model for estimating the costs of computer security incidents.
2002-06-12 http://www.securityfocus.com/infocus/1592

No Stone Unturned, Part Four
This is the fourth installment of a five-part series describing the (mis)adventures of a sysadmin named Eliot and his haphazard journey in discovering "the Way" of incident response.
2002-05-27 http://www.securityfocus.com/infocus/1584

No Stone Unturned, Part Three
This is the third installment of a five-part series describing the (mis)adventures of a sysadmin named Eliot and his haphazard journey in discovering “the Way” of incident response. As we left off last time, Eliot had just begun compiling a list of tools that would be helpful in incident investigation when he was interrupted by a call from Dave, a sys admin with a branch office on the West Coast. Dave had asked for Eliot's assistance with an apparent incident. Now, having begun an...
2002-04-30 http://www.securityfocus.com/infocus/1574

No Stone Unturned, Part Two
This is the second installment of a five-part series describing the (mis)adventures of a sysadmin named Eliot and his haphazard journey in discovering “the Way” of incident response.
2002-03-27 http://www.securityfocus.com/infocus/1561

Going to the Source: Reporting Security Incidents to ISPs
Once a security incident has been detected, one of the most effective ways to prevent a recurrence of the attack is to notify the source ISP. However, this is not always as straightforward as it may seem. This article will offer a brief overview of the dos and don'ts, so that security administrators can file effective incident reports.
2002-03-12 http://www.securityfocus.com/infocus/1555

No Stone Unturned: Part One
No Stone Unturned is a five-part fictional series about a system administrator named Eliot who progresses through several stages on his way toward developing and implementing an incident response policy. The intention is to present this process as a work of fiction based closely on real events.
2002-02-27 http://www.securityfocus.com/infocus/1550