ISS Advisor Update
From: marky (markynospam_at_issadvisor.com)
Date: 07/15/03
- Previous message: Mathieu Pagé: "Hight sevurity environement"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 15 Jul 2003 11:09:31 -0400
Here are some good security information links on an open ISS community web
site. This information is geared towards the Internet Security Systems’
Dynamic Protection platform, but can be applied generically to all
security platforms.
** New Walk-thru on Evolution of IDS. Gives great detail on how IDS engines
work, including Snort and most IDS/IPS technologies. It demystifies many of
the SECURITY ALGORITHMS that are being used.
http://www.issadvisor.com/viewtopic.php?t=207
Whitepapers:
Dynamic Protection: Transitioning from reactive to proactive security
http://www.issadvisor.com/viewtopic.php?t=60
Modern GSM Insecurities . Using a GSM enabled phone? Good background on the
security capability of GSM networks.
http://www.issadvisor.com/viewtopic.php?t=119
All Patched Up? The Dangers of Dynamic Content (SQL Injection)
http://www.issadvisor.com/viewtopic.php?t=125
Powerpoint Presentations:
Hackers and Hybrid Threats
http://www.issadvisor.com/viewtopic.php?t=116
Dynamic Protection Deployment Strategy
http://www.issadvisor.com/viewtopic.php?t=115
SQL Injection. 3 parts. The first part discusses the basics of how to test
web applications for SQL injection vulnerabilities. The second part goes into
the specifics of how to manually identify and test for SQL injection
vulnerabilities. And the third part describes how to exploit SQL injection to
retrieve data from the database.
http://www.issadvisor.com/viewtopic.php?t=123
Selecting an Managed Security Service (MSS) Partner
An overview on the MSS business and what services to look for.
http://www.issadvisor.com/viewtopic.php?t=67
Security Fusion Module
Combining security events to optimize what gets escalated.
http://www.issadvisor.com/viewtopic.php?t=83
Security Tutorials:
ISS SiteProtector 2.0 - Security Information Management (SIM). While these
tutorials focus on ISS Site Protector, this could be applied to other
SIM technologies.
Tutorials include Installation Tutorial, Asset Configuration Tutorial, Report
Generation Tutorial, Peer-2-Peer (P2P) Policy Creation Tutorial *VERY GOOD*,
Gambling and Adult Site Policy Creation, and Automated Email Reporting and
distribution.
http://www.issadvisor.com/viewforum.php?f=35
Opinion pieces:
Vulnerability Disclosure Guidelines. Vendors need to be held accountable.
http://www.issadvisor.com/viewtopic.php?t=41
Anti-Virus Fails against SQL Slammer Worm. Antivirus companies are not open
about this fact.
http://www.issadvisor.com/viewtopic.php?t=118
ForeScout’s honeypot. What are some of the downsides of a honeypot technology.
http://www.issadvisor.com/viewtopic.php?t=108
- Previous message: Mathieu Pagé: "Hight sevurity environement"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
