ISS Advisor Update

Discussion in 'Computer Security' started by marky, Jul 15, 2003.

  1. marky

    marky Guest

    Here are some good security information links on an open ISS community web
    site. This information is geared towards the Internet Security Systems’
    Dynamic Protection platform, but can be applied generically to all
    security platforms.

    ** New Walk-thru on Evolution of IDS. Gives great detail on how IDS engines
    work, including Snort and most IDS/IPS technologies. It demystifies many of
    the SECURITY ALGORITHMS that are being used.


    Dynamic Protection: Transitioning from reactive to proactive security

    Modern GSM Insecurities . Using a GSM enabled phone? Good background on the
    security capability of GSM networks.

    All Patched Up? The Dangers of Dynamic Content (SQL Injection)

    Powerpoint Presentations:
    Hackers and Hybrid Threats

    Dynamic Protection Deployment Strategy

    SQL Injection. 3 parts. The first part discusses the basics of how to test
    web applications for SQL injection vulnerabilities. The second part goes into
    the specifics of how to manually identify and test for SQL injection
    vulnerabilities. And the third part describes how to exploit SQL injection to
    retrieve data from the database.

    Selecting an Managed Security Service (MSS) Partner
    An overview on the MSS business and what services to look for.

    Security Fusion Module
    Combining security events to optimize what gets escalated.

    Security Tutorials:

    ISS SiteProtector 2.0 - Security Information Management (SIM). While these
    tutorials focus on ISS Site Protector, this could be applied to other
    SIM technologies.

    Tutorials include Installation Tutorial, Asset Configuration Tutorial, Report
    Generation Tutorial, Peer-2-Peer (P2P) Policy Creation Tutorial *VERY GOOD*,
    Gambling and Adult Site Policy Creation, and Automated Email Reporting and

    Opinion pieces:

    Vulnerability Disclosure Guidelines. Vendors need to be held accountable.

    Anti-Virus Fails against SQL Slammer Worm. Antivirus companies are not open
    about this fact.

    ForeScout’s honeypot. What are some of the downsides of a honeypot technology.
    marky, Jul 15, 2003
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.