On The Radar: Preaching the merits of log review
This article is part of the June 2005 issue of "With SSL VPNs on the offense, will IPSec VPNs eventually be benched?"
Have you been hacked and don't know it? Unfortunately, stealth hacking occurs because many security managers and admins aren't looking for clues or don't know what to look for. How often do your admins actually check their server logs? They're often too busy to wade through reams of log data. And, even if you've got an especially diligent admin, he may tell you, "I've seen lots of stuff, but so what? Everything is running smoothly."

But what if you came across this piece of gibberish?

viewtopic.php?t=%33%32&rush=%65%63%68%6F%20%5F%53%54%41%52%54%5F%3B%20%63%64%20%2E%2E%2F%3B%65%63%68%6F%20%44%61%72%6B%2D%55%6E%64%65%72%

Nonsense? Not at all. It's part of the message, "Dark Underground was here." This is the wake-up call. Some hackers like to leave calling cards to boast of their work. It may seem like a simple defacement, but it could be a clue that something really bad is going on under the placid surface. Unfortunately, you can't assume that every hacker is going to "sign" his work.

Finding that covert intruder takes a combination of good logging strategy,...
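A log-review check for requests like the one quoted in the excerpt, written as an added example (not code from the article): it decodes each query parameter and flags values that percent-encode ordinary letters and digits or that decode to shell metacharacters. The function names, the two heuristics and their threshold, and the sample log lines are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# Escapes of RFC 3986 unreserved characters (letters, digits, - . _ ~).
# Ordinary clients send these literally, so escaping them suggests obfuscation.
NEEDLESS = re.compile(r"%(?:3[0-9]|4[1-9A-F]|5[0-9A]|6[1-9A-F]|7[0-9A]|2D|2E|5F|7E)", re.I)
# Characters and sequences that have no business in a forum topic parameter.
SHELLISH = re.compile(r"[;|`]|\$\(|\.\./")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+)')

# The request quoted in the article (truncated there, so it ends in a lone '%').
ARTICLE_REQUEST = ("viewtopic.php?t=%33%32&rush=%65%63%68%6F%20%5F%53%54%41%52%54%5F%3B"
                   "%20%63%64%20%2E%2E%2F%3B%65%63%68%6F%20%44%61%72%6B%2D%55%6E%64%65%72%")

# Constructed access-log lines (addresses, timestamps and sizes are made up).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jun/2005:10:00:00 +0000] '
    '"GET /viewtopic.php?t=32&highlight=log%20review HTTP/1.0" 200 5120',
    '192.0.2.77 - - [01/Jun/2005:10:00:05 +0000] '
    '"GET /' + ARTICLE_REQUEST + ' HTTP/1.0" 200 5311',
]

def review_request(target, min_needless=2):
    """Decode each query parameter of a request target and list the suspicious ones."""
    findings = []
    for pair in target.partition("?")[2].split("&"):
        name, _, raw = pair.partition("=")
        decoded = unquote(raw)  # malformed escapes such as a trailing '%' are kept as-is
        reasons = []
        if len(NEEDLESS.findall(raw)) >= min_needless:
            reasons.append("needless-encoding")
        if SHELLISH.search(decoded):
            reasons.append("shell-metacharacters")
        if reasons:
            findings.append({"param": name, "decoded": decoded, "reasons": reasons})
    return findings

def scan(lines):
    """Return (line_number, finding) for every flagged parameter in the log lines."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if match:
            hits.extend((number, f) for f in review_request(match.group(1)))
    return hits

if __name__ == "__main__":
    for number, finding in scan(SAMPLE_LOG):
        print(number, finding["param"], finding["reasons"], repr(finding["decoded"]))
```

Both heuristics are triage aids: a flagged line is a reason to read the surrounding log entries, not a verdict.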
What's Inside
Features
-
Nothing But 'Net: SSL VPNs provide cheap secure remote access
by Michael S. Mimoso, Editorial Director
SSL VPNs provide The Sports Authority, and a growing number of enterprises, with cheaper secure remote connectivity. Will they eventually slam dunk IPSec?
-
CrossTec's NetOp Desktop Firewall 3.0 Product Review
In this product review of the small and medium-sized business (SMB) product CrossTec NetOp Desktop Firewall 3.0, get information on the product's logging, reporting and policy capabilities.
-
Unwelcome Callers
Unsecured RPCs can leave you open to attack. Take steps to secure your networks.
-
Hot Pick: Sana Security's Primary Response 3.0
Sana Security's Primary Response 3.0
-
Secure Reads: The Black Book on Corporate Security
Read a review of The Black Book on Corporate Security.
-
Patch Tuesday
Microsoft's regular patch release cycle is a combination of information, process and automated tools that makes updates go more smoothly.
-
Sploit!
Exploit frameworks are the machine guns of automated attacks. Don't get caught on the wrong end of the barrel.
-
TriGeo Network Security's TriGeo Security Information Manager 3.0
A review of the security information management product: TriGeo Network Security's TriGeo Security Information Manager 3.0.
-
E-mail Security: Symantec Mail Security 8200 series
Symantec's Symantec Mail Security 8200 series
-
Recent Releases: Security product briefs, June 2005
Learn about security products released in June 2005.
Columns
-
Ping: Robby Ann Hamlin
Robby Ann Hamlin
-
Editor's Desk: Patch Tuesday in the real world
Patching Routine
-
On The Radar: Preaching the merits of log review
Smart Logging