Cyber Security Awareness Month

Published: 2009-09-27
Last Updated: 2009-10-01 20:42:42 UTC
by Marcus Sachs (Version: 1)
0 comment(s)

October is Cyber Security Awareness Month, and as we have done the past two years we plan to use our handler diaries throughout the month to conduct a deep dive into various security issues.  In 2007 we covered a large range of subjects based on what our readers submitted as ideas.  In 2008 we took a closer look at the six steps of incident handling.  This year we are going to examine 31 different ports/services/protocols/applications and discuss some of the major security issues plus pass along reader comments on tips and tricks for securing it.

We're still working on our list but here are some examples of what we will be discussing on different days in October:

- telnet (port 23)
- SMB over tcp (port 445)
- ssh (port 22)
- Microsoft Terminal Services (port 3389)
- dns (port 53)

We will publish a complete list of what will be covered on each day shortly.

By the way, Cyber Security Awareness Month has expanded beyond the United States.  Since 2007, Canada also recognizes the month of October for cyber security awareness.  If you know of other countries that are recognizing October as Cyber Security Awareness Month, please pass them to us via our contact form and we'll update this diary to get a more complete list.

Canada:  http://www.publicsafety.gc.ca/prg/em/cbr/index-eng.aspx
United States:  http://www.dhs.gov/files/programs/gc_1158611596104.shtm
 

Marcus H. Sachs
Director, SANS Internet Storm Center

 

Keywords:
0 comment(s)

Use Emerging Threats signatures? READ THIS!

Published: 2009-09-27
Last Updated: 2009-09-27 21:14:32 UTC
by Stephen Hall (Version: 1)
0 comment(s)

For all you who use the signatures supplied by Emerging Threats within your IDS deployment, time to pay attention!

Matt Jonkman over at ET, has announced that they will be making some changes to the way their rules are categorised which will result in you needing to change your configuration.

As these changes come into effect on the 2nd October 2009, if you use these signatures its time to plan what you need to do to keep your IDS doing what you think its doing.

For details, Matt has posted a detailed explanation over on the ET site.

 

0 comment(s)

Comments

What's this all about ..?
password reveal .
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure:

<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.

<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
https://thehomestore.com.pk/
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
https://defineprogramming.com/
https://defineprogramming.com/
Enter comment here... a fake TeamViewer page, and that page led to a different type of malware. This week's infection involved a downloaded JavaScript (.js) file that led to Microsoft Installer packages (.msi files) containing other script that used free or open source programs.
distribute malware. Even if the URL listed on the ad shows a legitimate website, subsequent ad traffic can easily lead to a fake page. Different types of malware are distributed in this manner. I've seen IcedID (Bokbot), Gozi/ISFB, and various information stealers distributed through fake software websites that were provided through Google ad traffic. I submitted malicious files from this example to VirusTotal and found a low rate of detection, with some files not showing as malware at all. Additionally, domains associated with this infection frequently change. That might make it hard to detect.
https://clickercounter.org/
Enter corthrthmment here...

Diary Archives