|
 |
dilluns, 13 / juny / 2005 |
[Forensic Focus] The Forensic Chain of Evidence Model explica una metodologia per a la recol·lecció de proves als ordinadors involucrats en incidents de seguretat, considerant l'existència de diversos registres d'activitat enllaçats.
This paper suggests that administrators form a new way of conceptualizing evidence collection across an intranet based on a model consisting of linked audit logs. This methodology enables the establishment of a chain of evidence that is especially useful across a corporate intranet environment. Administrators are encouraged to plan event configuration such that audit logs provide complementary information across the intranet. Critical factors that determine the quality of evidence are also discussed and some limitations of the model are highlighted.
|
07:24 (# Enllaç permanent) | Comentaris: | Trackback:
|
|
[ComputerWorld] What to ask when evaluating intrusion-prevention systems... els elements bàsics que ha de complir un bon sistema de prevenció d'intrusions.
An intrusion-prevention system (IPS) is part of an overall security strategy to protect your network from attack. The IPS literally prevents an attack by blocking bad stuff, such as viruses or malformed packets, from getting into the company network
Sitting directly behind the firewall, the IPS examines in detail all the traffic passed by the firewall, reassembles it and "scrubs" it where necessary (removing any attempts at obfuscation or evasion) and compares it to a database of known attack patterns.
This brings us to the first and biggest difficulty faced by anyone when evaluating IPS products -- how effective is the detection mechanism? Asking vendors these questions can help you decide which IPS is right for your company.
(...)
I can't stress enough the need for a thorough bake-off in your own network. It's likely to be very different from a test lab environment and may throw up some very interesting challenges for the vendors.
|
07:12 (# Enllaç permanent) | Comentaris: | Trackback:
|
|
[El Pais] Democracia prohibida en los 'blogs' chinos de MSN
Los usuarios chinos del servicio de Microsoft para la creación de weblogs no podrán utilizar en él términos como 'democracia', 'manifestación', 'libertad' o 'derechos humanos'. Quienes intentan hacerlo obtienen como respuesta el mensaje: "Este objeto no de contener palabras prohibidas ni blasfemias". MSN Spaces se suma así movimientos similares realizados por Google o Yahoo! para complacer a las autoridades chinas.
|
07:02 (# Enllaç permanent) | Comentaris: | Trackback:
|
|
© Copyright 2003-2005 Xavier Caballe.  . Si no s'indica expressament el contrari, el material publicat en aquest weblog es distribueix d'acord amb la llicència Creative Commons. El contingut és responsabilitat única i exclusivament del seu autor i no té cap relació amb les seves activitats professionals.
|
 |
 |
 |
 |
Contingut actualitzat
Categories
Darrers comentaris
Arxiu
Contingut antic
(ja no s'actualitza)
Versions anteriors
d'aquesta pàgina
|
 |
 |
 |
 |
|
