|
|
|
|
08-15-2003, 04:09 PM
|
#1 |
ISS Advisor Update
Here are some good security information links on an open ISS community web
site. This information is geared towards the Internet Security Systems’ Dynamic Protection platform, but can be applied generically to all security platforms. ** New Walk-thru on Evolution of IDS. Gives great detail on how IDS engines work, including Snort and most IDS/IPS technologies. It demystifies many of the SECURITY ALGORITHMS that are being used. http://www.issadvisor.com/viewtopic.php?t=207 Whitepapers: Dynamic Protection: Transitioning from reactive to proactive security http://www.issadvisor.com/viewtopic.php?t=60 Modern GSM Insecurities . Using a GSM enabled phone? Good background on the security capability of GSM networks. http://www.issadvisor.com/viewtopic.php?t=119 All Patched Up? The Dangers of Dynamic Content (SQL Injection) http://www.issadvisor.com/viewtopic.php?t=125 Powerpoint Presentations: Hackers and Hybrid Threats http://www.issadvisor.com/viewtopic.php?t=116 Dynamic Protection Deployment Strategy http://www.issadvisor.com/viewtopic.php?t=115 SQL Injection. 3 parts. The first part discusses the basics of how to test web applications for SQL injection vulnerabilities. The second part goes into the specifics of how to manually identify and test for SQL injection vulnerabilities. And the third part describes how to exploit SQL injection to retrieve data from the database. http://www.issadvisor.com/viewtopic.php?t=123 Selecting an Managed Security Service (MSS) Partner An overview on the MSS business and what services to look for. http://www.issadvisor.com/viewtopic.php?t=67 Security Fusion Module Combining security events to optimize what gets escalated. http://www.issadvisor.com/viewtopic.php?t=83 Security Tutorials: ISS SiteProtector 2.0 - Security Information Management (SIM). While these tutorials focus on ISS Site Protector, this could be applied to other SIM technologies. Tutorials include Installation Tutorial, Asset Configuration Tutorial, Report Generation Tutorial, Peer-2-Peer (P2P) Policy Creation Tutorial *VERY GOOD*, Gambling and Adult Site Policy Creation, and Automated Email Reporting and distribution. http://www.issadvisor.com/viewforum.php?f=35 Opinion pieces: Vulnerability Disclosure Guidelines. Vendors need to be held accountable. http://www.issadvisor.com/viewtopic.php?t=41 Anti-Virus Fails against SQL Slammer Worm. Antivirus companies are not open about this fact. http://www.issadvisor.com/viewtopic.php?t=118 ForeScout’s honeypot. What are some of the downsides of a honeypot technology. http://www.issadvisor.com/viewtopic.php?t=108 marky |
|
|
|
08-18-2003, 07:56 AM
|
#2 |
|
Posts: n/a
|
Re: ISS Advisor Update
marky wrote:
> ** New Walk-thru on Evolution of IDS. Gives great detail on how IDS > engines work, including Snort and most IDS/IPS technologies. It > demystifies many of the SECURITY ALGORITHMS that are being used. > http://www.issadvisor.com/viewtopic.php?t=207 nice! Have yet to review the other links, yet the above link gave me some more background information about (modern) IDS systems. recommendable if you have some time to spare. -- "Wisdom lies not in obtaining knowledge, but in using it in the right way" - kroesjnov http://www.securitydatabase.net http://www.mostly-harmless.nl http://www.outerbrains.nl email: rnet (remove inter to reply) UIN: 85685870 MSN: |
|
|
