Best Practices
----------------------------------------------------------------------
Top 5-ish Threats to Watch for in 2009
1. This continuing trend to invest in the constant reminders of
assumed security best practices screamed at all levels and types of
workers across the work site will continue to eat away budgets,
prevent security professionals from actually enhancing security and
distract employees from working. This includes policy tidbits and
factoids for employees to see everywhere from posters in the bathroom
to mouse pad messages on their desks to screensaver quizzes they need
** Hosted products are VMware Workstation, Player, ACE, Server, Fusion.
Note: This vulnerability can be exploited remotely only if the
attacker has access to the Service Console network.
Security best practices provided by VMware recommend that the
Service Console be isolated from the VM network. Please see
http://www.vmware.com/resources/techresources/726 for more
information on VMware security best practices.
release.
Note: This vulnerability can be exploited remotely only if the
attacker has access to the service console network.
Security best practices provided by VMware recommend that the
service console be isolated from the VM network. Please see
http://www.vmware.com/resources/techresources/726 for more
information on VMware security best practices.
Conference Topics
=> PHP Core
=> PHP & Web Security
=> Web Architecture
=> Best Practices
=> Scaling & Performance
=> Agile Development
=> Continuous Integration
=> Tools & Frameworks
=> Frontend Development
* vMA JRE is updated to version JRE 1.5.0_21
Notes: These vulnerabilities can be exploited remotely only if the
attacker has access to the Service Console network.
Security best practices provided by VMware recommend that the
Service Console be isolated from the VM network. Please see
http://www.vmware.com/resources/techresources/726 for more
information on VMware security best practices.
The currently installed version of JRE depends on your patch
EUSecWest CALL FOR PAPERS
LONDON, U.K. -- The second annual EUSecWest applied technical
security conference - where the eminent figures in the
international security industry will get together to share best
practices and technology - will be held in downtown London at
the Sound club in Leicester Square on May 21/22 2008. The most
significant new discoveries about computer network hack attacks
and defenses, commercial security solutions, and pragmatic real
world security experience will be presented in a series of
informative tutorials.
CanSecWest 2010 CALL FOR PAPERS
VANCOUVER, Canada -- The eleventh annual CanSecWest applied
technical security conference - where the eminent figures in
the international security industry will get together to share
best practices and technology - will be held in downtown
Vancouver at the Sheraton Wall Centre on March 22-26,
2010. The most significant new discoveries about computer
network hack attacks and defenses, commercial security
solutions, and pragmatic real world security experience will
be presented in a series of informative tutorials.
CanSecWest CALL FOR PAPERS
VANCOUVER, Canada -- The twelfth annual CanSecWest applied technical
security conference - where the eminent figures in the international
security industry will get together to share best practices and
technology - will be held in downtown Vancouver at the Sheraton
Wall Centre on March 9-11, 2011. The most significant new discoveries
about computer network hack attacks and defenses, commercial security
solutions, and pragmatic real world security experience will be
presented in a series of informative tutorials.
Although it is often difficult to block traffic that transits a
network, it is possible to identify traffic that should never be
allowed to target infrastructure devices and block that traffic at
the border of networks. Infrastructure Access Control Lists (iACLs)
are a network security best practice and should be considered as a
long-term addition to good network security as well as a workaround
for these specific vulnerabilities. The iACL example below should be
included as part of the deployed infrastructure access-list which
will protect all devices with IP addresses in the infrastructure IP
address range:
CanSecWest 2008 CALL FOR PAPERS
VANCOUVER, Canada -- The ninth annual CanSecWest applied technical
security conference - where the eminent figures in the
international security industry will get together to share best
practices and technology - will be held in downtown Vancouver at
the Marriott Renaissance Harbourside on March 26-28, 2008. The
most significant new discoveries about computer network hack
attacks and defenses, commercial security solutions, and pragmatic
real world security experience will be presented in a series of
informative tutorials.
EUSecWest CALL FOR PAPERS
AMSTERDAM, Nederland -- The sixth annual EUSecWest applied technical
security conference - where the eminent figures in the international
security industry will get together to share best practices and technology
- will be held in downtown Amsterdam at the Melkweg Multimedia
Center near Leidseplein on June 16/17, 2010. The most significant new
discoveries about computer network hack attacks and defenses,
commercial security solutions, and pragmatic real world security
experience will be presented in a series of informative tutorials.
EUSecWest CALL FOR PAPERS
LONDON, U.K. -- The third annual EUSecWest applied
technical security conference - where the eminent figures
in the international security industry will get together to
share best practices and technology - will be held in
downtown London at the Sound Club in Leicester Square
on May 27/28, 2009. The most significant new discoveries
about computer network hack attacks and defenses,
commercial security solutions, and pragmatic real world
security experience will be presented in a series of
BA-Con 2008 CALL FOR PAPERS
BUENOS AIRES, Argentina -- The first annual BA-Con applied
technical security conference - where the eminent figures in the
international and South American security industry will get together
and share best practices and technology - will be held in Buenos
Aires on September 30 and October 1st, 2008. The most
significant new discoveries about computer network hack attacks
and defenses, commercial security solutions, and pragmatic real
world security experience will be presented in a series of
informative tutorials.
World Security Pros To Converge on Japan
TOKYO, Japan -- To address the increasing importance of information
security in Japan, the best known figures in the international
security industry will get together with leading Japanese
researchers to share best practices and technology. The most
significant new discoveries about computer network hack attacks
and defenses will be presented at the sixth annual PacSec conference.
The PacSec meeting provides an opportunity for foreign specialists
to be exposed to Japanese innovation and markets and collaborate
PacSec CALL FOR PAPERS
TOKYO, Japan -- To address the increasing importance of information
security in Japan, the best known figures in the international
security industry will get together with leading Japanese researchers
to share best practices and technology. The most significant new
discoveries about computer network hack attacks will be presented at
the eighth annual PacSec conference to be discussed.
The PacSec meeting provides an opportunity for foreign specialists to
be exposed to Japanese innovation and markets and collaborate on
CanSecWest CALL FOR PAPERS
VANCOUVER, Canada -- The tenth annual CanSecWest applied
technical security conference - where the eminent figures
in the international security industry will get together to
share best practices and technology - will be held in
downtown Vancouver at the Sheraton Wall Centre on
March 18-20, 2009. The most significant new discoveries
about computer network hack attacks and defenses,
commercial security solutions, and pragmatic real world
security experience will be presented in a series of
PacSec CALL FOR PAPERS
TOKYO, Japan -- To address the increasing importance of information security
in Japan, the best known figures in the international security industry will
get together with leading Japanese researchers to share best practices and
technology. The most significant new discoveries about computer network
attacks will be presented at the ninth annual PacSec conference to be
discussed.
The PacSec meeting provides an opportunity for foreign specialists to be
World Security Pros To Converge on Japan
TOKYO, Japan -- To address the increasing importance of information
security in Japan, the best known figures in the international
security industry will get together with leading Japanese researchers
to share best practices and technology. The most significant new
discoveries about computer network hack attacks will be presented at
the seventh annual PacSec conference to be discussed.
The PacSec meeting provides an opportunity for foreign specialists to
be exposed to Japanese innovation and markets and collaborate on
The patch listed above for affected products is available from the following location:
Build 6235: http://support.veritas.com/docs/294241
Build 7170: http://support.veritas.com/docs/294237
Best Practices
As part of normal best practices, Symantec recommends:
* Restrict access to administration or management systems to authorized privileged users
* Block remote access to all ports not essential for efficient operation
* Restrict remote access, if required, to trusted/authorized systems only
* Remove/disable unnecessary accounts or restrict access according to security policy as required
More information is available from McAfee at:
McAfee Security Bulletin SB10004
Intrushield NSM update fixes XSS flaw
https://kc.mcafee.com/corporate/index?page=content&id=SB10004
Follow best practices of placing the security management console on a segregated management network. Apply restrictive, default-deny firewall policies to protect these assets from access by unauthorized users.
Do not perform administrative access of security management consoles from computers exposed to the Internet through web browsing, email, and other applications. Lock down and heavily monitor systems used to perform administrative tasks such as accessing security management consoles.
Details
More information is available from McAfee at:
McAfee Security Bulletin SB10005
Intrushield NSM update fixes Session Hijacking flaw
https://kc.mcafee.com/corporate/index?page=content&id=SB10005
Follow best practices of placing the security management console on a segregated management network. Apply restrictive, default-deny firewall policies to protect these assets from access by unauthorized users.
Do not perform administrative access of security management consoles from computers exposed to the Internet through web browsing, email, and other applications. Lock down and heavily monitor systems used to perform administrative tasks such as accessing security management consoles.
Details
Successful exploitation can lead to theft of user credentials. These
vulnerabilities can be exploited remotely only if the attacker has
access to the Service Console network.
Security best practices provided by VMware recommend that the
Service Console be isolated from the VM network. Please see
http://www.vmware.com/resources/techresources/726 for more
information on VMware security best practices.
Client-side protection measures included with current browsers are not
Although it is often difficult to block traffic that transits a
network, it is possible to identify traffic that should never be
allowed to target infrastructure devices and block that traffic at
the border of networks. Infrastructure ACLs (iACLs) are a network
security best practice and should be considered as a long-term
addition to good network security as well as a workaround for this
specific vulnerability. The iACL example below should be included as
part of the deployed infrastructure access-list, which will help
protect all devices with IP addresses in the infrastructure IP
address range:
Articles in the magazine:
Tech Gyan - Pentesting your own Wireless Network
Tool Gyan - Wi-Fi tools
Mom's Guide - Wireless Security - Best Practices
Legal Gyan - Copyrights and cyber space
Matriux Vibhag - Forensics with Matriux Part - 2
Poster of the month - Can you cage a Wi-Fi signal?
Hope you'll enjoy the magazine.
ESX 3.5
Refer to the VMware KB article at http://kb.vmware.com/kb/1006878.
Note: This vulnerability can be exploited remotely only if the
attacker has access to the service console network.
Security best practices provided by VMware recommend that the
service console be isolated from the VM network. Please see
http://www.vmware.com/resources/techresources/726 for more
information on VMware security best practices.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
This issue covers the following articles:
0x00 Tech Gyan - Looking Into the Eye of the Bits
0x01 Tool Gyan - Ravan – JavaScript Distributed Computing System
0x02 Mom's Guide - Best Practices of Web Application Security
0x03 Legal Gyan - Law relating to Cyberterrorism
0x04 Matriux Vibhag - OWASP Mantra’s MoC Crawler
0x05 Poster - Ravan
Check http://chmag.in/ for articles.
control-plane
service-policy input CoPP-policy
Additional information on the configuration and use of the CoPP
feature is available in the Control Plane Policing Implementation
Best Practices.
Obtaining Fixed Software
========================
Cisco has released free software updates that address this