Featuring 128 Papers as of November 17, 2010
Creating Robust IT Security and Efficiency by Reducing Infrastructure Complexity in Higher Education Masters
Keith Lard - November 17, 2010
Recent economic conditions have created a business problem unique to higher education and its IT infrastructure. In the past ten years, IT systems and infrastructure have experienced a rapid change in complexity as a result of moving from mainframes to web services (Weinschenk, 2003). The technical landscape continues to become more complex as technology advances and application sophistication increases more rapidly, creating a greater dependency on IT services. To stay competitive and efficient, private and for-profit businesses have spent the last ten years keeping up with technology and training their staff. However, the university has been insulated in its own microcosm, having the luxury of ignoring business cycles, as the product offered has not changed drastically. Now, recent economic conditions and rapid advancement in technology have created the perfect storm within the university setting.
Smart IDS - Hybrid LaBrea Tarpit
Cristian Ruvalcaba - December 28, 2009
The importance of IDS in corporate defense is seen as an ever growing necessity. Major strides have been made for numerous IDS tools, but some have seen a stalemate. The next evolutionary step in IDS would involve the concept of a 'Smart Intrusion Detection System (IDS)', one that generates signatures. The question of how to generate these signatures becomes instrumental, and can involve a number of different components. In this case, it could involve a tool that uses a hybrid LaBrea concept.
Mitigating Insider Sabotage
Joseph Garcia - September 28, 2009
How failing to create an effective termination policy and deploy correct user access controls to deter insider threats can be costly.
Inside a Phish Masters
John Brozycki - June 25, 2009
This paper will document both sides of a phishing campaign, the phisher and the phished, providing a unique view as best as I'm able to recreate it from the phisher's own emails and information from the phished financial institution.
Capture the flag for education and mentoring
Jerome Radcliffe - January 30, 2009
A case study on the use of competitive games in computer security training.
Google Desktop Search as an Analysis Tool
Chris Poldervaart - September 11, 2008
Effectiveness of Antivirus in Detecting Metasploit Payloads Masters
Mark Baggett - March 28, 2008
Your neighbor stops you at your curb. He knows you're a computer security guru and wants to know the secret to protecting his computer from hackers. You need to get back to mowing the lawn and don't really have time to explain log monitoring, patch management, vulnerability assessments, penetration testing, least required access, the CIA triad, and the finer points of risk management. Besides, you know you're the only guy on the block with syslog servers, hardware firewalls, IDS and HIPS watching the one computer in your house that you only use for online banking. So what do you tell him? Keep your patches and antivirus software up to date and don't run untrusted programs. You know it's not enough, but any more advice would commit you to hours of free consulting or get you uninvited to the neighborhood Christmas party. Don't run untrusted programs: good advice! The problem is most people trust everyone when it comes to free software.
Catching Phishers with Honey-Mail
Dennis Dragos - February 7, 2008
On the technical side, the tools and tactics employed to track and document the incident will be examined. In the broader scope, the high level of cooperation needed between law enforcement, corporate IT departments, and the various ISPs, email providers, and web hosting companies will be explained. Additionally, it will be shown that by taking a proactive approach, one can get better insight into the incident and the actions of the phisher than by traditional reactionary investigation techniques.
Case Study in Information Security: Securing The Enterprise
Roger Benton - May 17, 2005
This practical is a case study of an Insurance Company's migration to an enterprise-wide security system. It is the intent of this practical to provide a path to follow when creating or migrating to a security system. Initially, a primitive online security system was the only mechanism to control access to corporate data.
Centralized Tracking and Risk Analysis of 3rd Party Firewall Connections
Neeta Maniar - May 17, 2005
The goal of this case study was to simplify the firewall ruleset validation process by creating a central database of rulesets that enables reporting on existing vendor connections. The overall impact included compliance with auditing requirements, a more robust risk assessment of firewall rulesets, and centralized visibility bringing about management response.
Simple Traffic Analysis With Ethereal
Neil Orlando - May 17, 2005
This paper describes how to use the Ethereal Display Filter to examine a capture log file. The data analyzed was recorded by port and the amount of packet traffic received.
GCFW Practical Assignment Critique
Bart Hubbs - May 5, 2005
Many companies are adopting a preference toward buying vendor software versus building software in-house to meet business needs. Some of the drivers for this preference are integration, scalability, outsourcing, support, speed-to-market, process savings, and reducing the cost of information technology (IT).
GCFW Practical Assignment Critique
Bart Hubbs - March 9, 2005
The purpose of this practical is to critique a GIAC Certified Firewall Analyst (GCFW) practical to enable implementation in a public healthcare company.
Adding and securing a Public Wireless Access Point within a home network
Steven Christall - February 19, 2005
This project details the migration of a simple home wireless network to include a public wireless access point. This is done using open source products and utilising older, retired hardware.
Case Study: The Get Connected CD
David Greenberg - February 19, 2005
To protect the Indiana University network and student computers in the residence halls, we prevent new computers from connecting to the network before running our "Get Connected" CD-ROM.
Case Study: A Path towards a Secure, Multi-role Wireless LAN in a Higher Education Environment
Sean Malone - January 28, 2005
Network security is an issue for all businesses. The challenges faced by small-to-medium size businesses (SMBs) are unique and significant.
Seldom cry wolf: Tuning out false positives on Network Intrusion Detection Systems
Paul Leitao - January 28, 2005
The following document describes the tuning methodology design and implementation steps. It provides a step-by-step process of deployment within a medium size organization (all IP ranges have been changed to protect the innocent of course). The paper will focus on providing a methodology that may be used as a starting point to identify and minimize false positives.
Implementation of a Comprehensive Enterprise Virus Defense Infrastructure in a Global Company
Robert Doeden - January 26, 2005
This paper will follow a global corporation's move from traditional, client based and controlled virus defense to a centrally controlled and monitored system.
Away from home. Securing Internet Cafes while maximizing customer freedom
Alex Tilley - January 18, 2005
This essay is a real world example of steps taken by the author when hired to redesign and manage the IT aspects of 2 medium sized (100 user PCs in total) Internet cafes in Europe in 2001.
Improving Firewall Security post Acquisition
Leona Conolly - January 18, 2005
This paper aims to discuss the challenges in putting together a secure Check Point Firewall-1 solution to protect our existing information and assets and that of our new acquisition. It is assumed that the reader will have a generic knowledge of firewalls, related terms and their use. In the paper the word 'policy' refers to the security document and the word 'rulebase' refers to the Check Point rules.
Endpoint Security Justification and Establishment
Samuel Ho - January 18, 2005
As the information security officer at a prominent utilities organization, I witnessed first hand the pitfalls of providing network security only at the network perimeter, the false sense of security, and the potential monetary, regulatory and credibility consequences this traditional solution provides.
Case Study: Providing malware outbreak protection for controlled and uncontrolled zones within a university
Christopher Jackson - September 16, 2004
Many environments find it difficult at best to ensure the security posture of the devices under their direct control. Universities and like organizations have to tackle this problem without the ability to administratively control many of the computers attached to the network.
Setting Up a Honeypot Using a Bait and Switch Router
Lorie Carter - September 16, 2004
While conducting research for this practical I found that there were many different arenas that warrant a closer look. I chose honeypots for this practical because they allow an administrator to track and learn from black-hats first hand without the attacker ever being aware that somebody is watching.
Case Study In Secure File Transfer: Implementing Secure FTP with SSL In a Healthcare Organization
Steve Tobias - August 28, 2004
Secure electronic file transfer between organizations has become essential for business transactions and communication. Healthcare organizations are no exception to this requirement.
Enhancing ABC Inc Security Strategy with IDS and Centralized Syslog
George Plytas - August 25, 2004
I am a Security Analyst/Administrator for a medium sized company, ABC Inc. I, along with a team of System Administrators, am tasked with the responsibility of protecting our customer's confidential information, maintaining the integrity of our applications and keeping our systems available.
Sit, Fetch, Drop: Training the Clearswift anti-spam filter
Emma Sutcliffe - August 15, 2004
I wasn't quite drowning but was certainly tiring from treading water. Managing spam had become a daily task and I wanted a dynamic filter that could be customised to suit my environment.
A Model for Handling Security Issues within a Network Operations Center
Tonya Heath - August 15, 2004
The Network Operations Center uses numerous tools ranging from Intrusion Detection (Snort) and Intrusion Protection (Tipping Point) to simple SNMP monitors (Netsight Element Manager). I will discuss how they use these tools to maintain a secure IT environment and assist Network Administrators as well as protect the campus community.
Implementing Secure HTTP-to-HTTPS Redirection
Robert Hercey - July 25, 2004
I have found myself in the fortunate position of working for a company full of bright, hard working people. While standout individual performances are encouraged and recognized, what makes our company successful is the ability for everyone to come together as a team when a crisis happens.
Fighting Spam Proxies in a University Environment
Kevin Shivers - July 25, 2004
Spam is a huge annoyance for everyone. Fighting spam is difficult enough, but when spammers team up with hackers to produce ultra-sneaky Trojan horses that turn end-user computers into one stop proxies that allow spammers and hackers to hide their digital tracks, they've gone too far.
Removing Server Based Trust Relationships
Keith Gaughan - July 25, 2004
The goal of this project was to develop, implement and deploy solutions as well as supporting processes and standards to remediate and mitigate the risks that are inherent to utilizing UNIX server based trust relationships in an enterprise networked environment within 30 days.
Securing an Existing IIS 5.0 DMZ Infrastructure
Julius Fitzgerald - July 25, 2004
The task of designing a secure infrastructure for IIS 5.0 web servers within a DMZ is difficult enough. Securing an existing DMZ becomes exponentially more difficult due to the added requirement of retrofitting those currently working servers with more appropriate security settings, policies and operational procedures while not adversely affecting website or application availability and keeping costs to a minimum throughout the process.
Acceptable Security on Public Access Computer Workstations in Public University Libraries
Cheryl Lytle - July 25, 2004
Providing highly secure workstations in public university libraries requires defining what is acceptable for the working environment and determining what types of security can be implemented to compensate for lesser security at lower layers at the workstation level.
CIRT, Through Conception Labor and Delivery
Peter Ridgley - June 9, 2004
The purpose of this case study is to show the efforts, successes and failures that a company, new to adopting a security posture, recently experienced.
Design and Deployment of a Rapid Response Security Vulnerability Scanning Infrastructure
Eliot Lim - June 9, 2004
A large research university presents a formidable challenge to computer security professionals. Among the hazards are a completely porous, non firewalled border and decentralized administration of computers.
System Certifications: An Administrative Makeover
John Modransky - May 2, 2004
Described in this paper are the administrative controls that were implemented to certify and accredit UNIX (herein referred to as UN*X) and Microsoft Windows (herein referred to as Windows) based computer systems for a financial institution (herein referred to as The Firm).
Corporate Governance and Information Security
Steve Loyd - May 2, 2004
Corporate governance has a long history of ups and downs within US corporations. With the recent streak of scandals affecting public companies, governance and related legislation have again been brought into focus.
Assessing the Impact of Unsolicited Commercial E-mail in a Large Corporation
Joseph McComb - April 8, 2004
Unsolicited commercial e-mail has become an increasing issue in corporate environments. This case study examines the impact of unsolicited commercial email (also known as spam) on the productivity of employees in the research division of a large global corporation.
A Secure By Numbers Approach To An All
Darrell Rodgers - April 8, 2004
These multi-functional devices are very simple to setup and use, but may not provide us with the layered Defense In Depth functionality that we desire nor will they provide the additional features of higher end components such as those made by Cisco.
Implementing Defense In-Depth at the Department Level
Sean Fahey - April 8, 2004
This case study describes the procedures used to improve computer security within my department by following the principles of defense in-depth. It presents a step-by-step approach for improving security by defining risks, assessing vulnerabilities, and implementing measures to reduce the likelihood that those vulnerabilities may be exploited.
A Policy to Prevent Outsider Attacks on the Local Network
Clarissa Brown - April 8, 2004
We used to be able to say, "If the laptop or computer is not owned by us, then it is not allowed to touch our network." However, over the last few years, business need has exceeded the desire to keep our network "pure" and many non-agency owned computers now have access to our local area network (LAN).
Introducing Information Security to a Cyber Cafe
Barry Basselgia - April 8, 2004
Due to growing concern over Information Security, I was approached by the director responsible for a company sponsored Cyber Cafe to evaluate the Cafe for Information Assurance and Network Security concerns. The director was concerned that a virus or other forms of cyber attack could cause extended downtime, which would have a negative impact on morale and productivity.
Securing Sensitive Data in a Research Environment
Tim VanAcker - March 9, 2004
Several years ago, staff on one of the research projects in my organization developed guidelines for disseminating sensitive data to researchers around the country.
The Impact of the Sarbanes Oxley Act on IT Security
Scott Byrum - March 9, 2004
This paper goes on to define the Sarbanes-Oxley Act and its requirements, a framework for compliance, and specific IT security areas that must be considered during compliance efforts.
Internet Service Providers: The Little Man's Firewall
Luke Dudney - March 8, 2004
There has recently been call for Internet Service Providers to begin filtering traffic related to the spread of malicious data traffic such as viruses, worms and open proxy abuse to and from their end-users. This case study outlines the planning, implementation, and results phase of such an endeavour by a medium sized national Australian ISP.
Implementing Vulnerability Assessment with eEye's EVA Suite
Kevin Austin - March 4, 2004
Vulnerability assessment is an important part of any Defense in Depth implementation. I discovered that in my company vulnerability assessment was not being used to its full advantage inside the perimeter. My team was continually fighting the same battles against unpatched and vulnerable systems as they would acquire various viruses from the network.
Personal Media Devices: The Cool Threat Vector
Keith Daly - March 2, 2004
This paper discusses the use of personal media devices as a potential threat vector towards corporations.
Eric Rupprecht - February 26, 2004
This paper describes how a packet will flow through these tools to provide a better understanding of these technologies and enable the administrator to write firewall rules with fewer errors.
Study: Improving Security in Corporate (SMTP) E-Mail Delivery
Brian Sommers - February 26, 2004
For this case study, I will examine one of these Internet services, e-mail over SMTP (Simple Mail Transfer Protocol), and what was done to improve the security of that system.
Circumventing Access Control Lists by Transparent Proxy - A Case Study
Robert Gannon - January 11, 2004
This paper describes a method used in an actual case to circumvent seemingly adequate access controls by using the transparent caching mechanism of the WCCP protocol to abuse an otherwise protected network for the purposes of sending spam and connecting anonymously to unsavory sites.
The Unintentional Criminal: DDoS from the inside!
Miguel Dilaj - January 11, 2004
This paper will highlight the IT Security problems resulting from the economic constraints on an ISP in a developing country and of their impact everywhere.
Government Financial Architecture: A Focus on Centralized Security and Continuity of Operations
Matthew Mickelson - January 11, 2004
The primary focus of this paper addresses security issues laid out by the CFO; specifically the following key areas for improvement which include: De-Centralized Architecture, Disaster Recovery, Continuity of Operations, Network and Server Availability.
An intrusion, in an outsourcing data center, that works in spite of security
Rick Kryger - December 21, 2003
No matter how secure the architecture, how complete the procedures, or how diligent and skilled the network support team is, nothing short of knowing and analyzing all changes inside and outside of the solution can protect an environment completely.
Introducing Defense-in-Depth to a Small ISP
Rodney Anderson - December 21, 2003
This paper presents a case study about a rural Internet Service Provider (ISP) who requested some assistance in assessing the security of their production server and network environment.
Using LDAP to solve one company's problem of uncontrolled user data and passwords
Andres Andreu - December 21, 2003
This case study will analyze a massive undertaking of centrally consolidating user data, and in particular passwords, from numerous sources
Case Study: Implementing a Secure Wireless Network using WPA
Randy Hensel - December 13, 2003
Wireless network cards are becoming quite common at my company especially in notebook computers. With this proliferation of wireless network cards have come requests from the users of these computers to access the corporate network using a wireless connection.
Implementing Identity Management with BMC Control-SA
Adrian Grigore - December 13, 2003
This paper is a case study describing how the organization I work for implemented Identity Management using the BMC Control-SA product.
Reducing the Risk associated with Authentication and Authorization through the deployment of SUDO and Powerbroker: A Case Study in Information Securit
Steve Mancini - December 13, 2003
This case study explores sudo and Powerbroker, discussing their strengths and weaknesses as they apply to large scale work environments and their implications in considering your authentication - authorization process, and offers one possible solution which uses both applications in a manner to minimize some of the risks known to exist with shared accounts, both traditional and super-user.
Architecting, Designing and Building a Secure Information Technology Infrastructure, a case study
John Johnston - December 13, 2003
This case study follows the building of an Information Technology Infrastructure with an integrated Security Architecture.
Defense in Depth For Private Wireless Communications Networks: A Case Study
Walt Andserson - November 6, 2003
This paper examines the threats and vulnerabilities of private wireless communications infrastructures, discusses the selection and prioritization of security countermeasures, and describes the security enforcing equipment and security management services that are now being introduced.
Retain control of Security (even in the wake of an IT Outsource)
Leslie Martinez - November 5, 2003
This paper provides a case study and serves as a methodology for dealing with any outsource where security is of concern; citing actual problems encountered and the solutions that were deployed, along with the tools used, and the policies implemented.
Case Study: A Risk Audit of a Very Small Business
Douglas Browne - November 5, 2003
This paper describes a security audit of a small business, focusing on the discovery and risk analysis process and providing technical details in appendices.
Programmatic Management of Active Directory Groups
Don Quigley - November 5, 2003
This paper provides detail on an automated group provisioning/deprovisioning process developed for the management of security group membership requests and includes the Perl code designed to work with Critical Path's MetaConnect product as a constructed attribute.
RBAC In The Real World
Christine Occhipinti - October 31, 2003
This paper discusses how Role-Based Access Control (RBAC), a type of non-discretionary access control, was chosen as the best solution to mitigate the risk from vulnerabilities on a system I worked on.
Lessons Learned in Securing Blackboard
Peter Benedict - October 31, 2003
This paper details the efforts taken to secure Blackboard, a Course Management System (CMS), at an educational institution.
Securing an IIS 4.0 Web Server, Machine and All
Marshall Heilman - October 31, 2003
The objective of this paper is to show how I secured my organization's web server, which fatally crashed earlier this year.
A Secure Implementation of HP OpenView Web Transaction Observer
Matthew Patterson - October 31, 2003
This paper discusses an actual implementation of the product HP OpenView Web Transaction Observer 3.0 (WTO) as a repeatable service offering within an Outsourcing environment.
Forced Evolution of Security on Redhat Linux Server due to System Compromise
Alec Wood - October 31, 2003
This paper describes my experiences in setting up the office computer network system for a small engineering company in Hong Kong and handling the system when it was compromised.
Help We Just Fired Our Only IT Person!
Doug Cox - October 31, 2003
This study covers about 18 months of activity at the pace that could be absorbed by the organization. It is not meant to be a universal solution, but lessons taken from a real event.
Securing the Perimeter: A Case Study
George Kelschenbach - October 31, 2003
The Linux, Help Desk, Mail server and the two Active Directory servers had direct network links to both the internal network and the Internet making them prime targets for intruders.
The Value of Risk Assessment - A Case Study
Elton Pierce - October 31, 2003
This paper will examine the application of the security risk assessment process to a rather complex project from the initial phases of its design prior to security risk assessment to its production state. It will discuss how risks were assessed and identified and show how the risk assessment process changed the final outcome of the project.
The Logbook of The World
Ted Demopoulos - October 31, 2003
This paper describes the Logbook of The World (LoTW) project to create electronic confirmations of contact (eQSLs) for amateur radio operators worldwide.
SSL Web Proxy - A Secure and Inexpensive Remote Access Implementation
David Culp - October 31, 2003
The objective of this system is to allow external clients without any configuration changes to securely access our internal web applications via the Internet.
Case Study for Understanding the 30,000 Foot View Before Diving In
Bill Baker - October 31, 2003
The goal of this paper will be to provide some insight to help the reader become a bit more business-savvy, where gearing solutions to the needs of the organization will help raise acceptance rates.
Recovering From a Failed Security Audit - A Case Study
Wayne Fielder - October 31, 2003
This case study opens with recognition of the security and privacy issues within the Agency and walks through the process of remediation, securing the use of sensitive data, development and implementation of strong policies, and initiating a solid monitoring system at very low cost due to a deteriorating budget scenario.
I-VPN - Porting a corporate network to Internet
Thorstein Oeverby - October 31, 2003
This paper describes the process of implementing a corporate business network over Internet that replaces a variety of communication solutions developed over the years.
Implementing Vulnerability Scanning in a Large Organisation
Richard Grime - October 31, 2003
This paper describes how our security group now uses vulnerability scanning to demonstrably improve the security posture of our organization.
Label Controlled File Transfer Server - Case Study
Don Weber - October 31, 2003
The following discussion provides the process that I used to configure my portion of the label controlled file transfer system, touching on Trusted Solaris (TSOL), the secure operating system, Washington University File Transfer Protocol Daemon (wuftpd), file transfer program, and a chroot jail, along with the suggested direction of implementation.
Securing a University Environment; An Evolutionary Case Study
James Mayne - October 31, 2003
This case study outlines the steps that my university took to transition from an open network to one that balances the needs of faculty doing teaching and research, students needing to learn as well as be entertained and staff that require a secure and stable network environment to perform their business functions.
Remote Access using Telstra Dial IP
Jamie Rossato - October 31, 2003
This paper will demonstrate how the real-world security problem of remote access to an Enterprise network was addressed and validated (post-implementation) through the Internet Security Alliance's (ISA) Common Sense Guide for Senior Managers.
VPN Project: Remote Access to a Novell Network
John Porter - October 31, 2003
As a senior network administrator, I became project leader and was responsible for directing our security initiative to replace our existing remote access facilities with encrypted Virtual Private Networking (VPN) technology.
Case Study - Windows 2000 ISA Proxy Server Authentication Inside a DMZ
Michael Kerr - October 31, 2003
This paper describes the investigation process and implementation of IPSec policies to manage a wide range of communication traffic between two Windows 2000 servers.
Small-site Information Security on a (very loose) shoestring - a case study
Michael Millow - October 31, 2003
This paper will describe the lack of information security within a small company and the corrective actions (and their limitations) that significantly enhanced the overall security posture.
IMPLEMENTING sudo TO REPLACE su
Robert Agnolo - October 31, 2003
This paper discusses the implementation of sudo to replace su access on two key Sun/Solaris servers used by a small group of scientists who do research and development for a major US manufacturer.
Benefits Of Implementing Secure Computing's Sidewinder Firewall Appliance At A U.S. Army Mil
Andrew Rafla - October 31, 2003
This paper addresses how the added protection mechanisms supplied by the implementation of a Sidewinder firewall appliance, along with strict "least privilege" access control policies, would assist the Designated Approval Authority in accepting the new minimized level of risk and, therefore, approve the site's new DITSCAP accreditation.
Case Study: Automating Common InfoSec Auditing Tasks on a Windows 2000 Network
Clay Risenhoover - October 31, 2003
This paper examines how automating information security audit procedures at a university had the effect of increasing security through increased policy compliance.
Case Study: Transforming a Traditional Windows Client/Server Application
David Strubbe - October 31, 2003
Our software firm's financial application was developed on a traditional client/server model and this paper explores some of the security issues and the process that we (the software vendor) and our client (the ASP provider) used to securely implement a solution.
Wireless Security Protection In a Logistic Environment Case Study
Ferran Gallego - October 31, 2003
This case study is based on a Logistic Company where they have implemented wireless LANs (WLANs) to all their Warehouse sites.
Adventures in implementing a strong password policy
Marsha Williams - October 31, 2003
This paper explores the issues we had to negotiate in strengthening our passwords, some of the special situations which had to be handled as exceptions to the policy, and our planned future directions.
Wireless Security Protection In a Logistic Environment Case Study
Ferran Gallego - October 31, 2003
This project is proposing a way to secure the wireless LANs, allowing authorized and authenticated wireless users to gain access to their host application.
Detailed Forensic Procedure for Laptop computers
Matt Pierce - October 31, 2003
This document will discuss what forensic analysis is, why it is important and how laptop computers affect forensic analysis.
Achieving Executive Buy-in: The Case For Security
Chad Boeckmann - October 31, 2003
This paper conveys a real world approach to selling security to upper management and creating a foundation to build security upon.
Case Study in Developing Fault Tolerant and Highly Available Systems with Secure Zones of Protection
Kevin Knox - October 31, 2003
This paper will discuss the processes and actions taken to provide 24X7 fault tolerant and highly available systems with physical as well as cyber security in the forefront.
Deploying a website built using Oracle9iAS Portal
Stephen Coates - October 31, 2003
This paper is a case study of the deployment of a website built using the Portal component of Oracle9i Application Server (Oracle9iAS) in 2001.
Discovery, Eradication and Analysis of an attack on an open system: Welcome to the Jungle
Steve Terrell - October 31, 2003
This paper relates the procedures and policies that were put into effect to increase the security of the system, post attack, and how those procedures might affect the way the system will be used in the future to conduct the business of the school.
Douglas Brown - October 31, 2003
By using a combination of security tools and procedures, universities can provide a more secure computing environment than has generally been available.
How to Identify and "Contain" Some of the Information Security Problems Created by Unique
John Cupps - October 31, 2003
Several aspects of the university's business environment are unique only to universities and this paper explores the effect of the student user group within the environment and the problems they can create for information security initiatives.
Security Considerations in the Merger/Acquisition Process
Anita Hartman - October 31, 2003
This document will focus on the high-level security issues that, if included in the due diligence process, can help facilitate integration of the companies involved.
Securing the Gold through Better Network Design: A Case Study
Todd Sheppard - October 31, 2003
The purpose of this research was to introduce new technologies to the sales force in order to enhance the solutions-based selling approach for a marketing and office equipment servicing company.
Information and Network Resource Administration and Security in an Education Network Environment
Ryan Davis - October 31, 2003
The goal of this document is to discuss and apply knowledge of Information Security to common security problems and concerns in an educational environment.
Secure Password Storage
Shelby Reeves - October 31, 2003
This paper addresses secure methods to archive and retrieve passwords.
Case Study: Implementing a Centralized Logging Facility
Richard DuClos - October 31, 2003
This paper provides a discussion on implementing a centralized logging server.
Connecting a Classified Network to the Internet. A case study.
Henrik Kram - October 31, 2003
The purpose of this document is to point out some common elements from the guidelines published to regulate computer security and suggest administrative action and technical solutions to build a network that may be connected to the Internet, and still obtain/retain a classification up to and including NATO RESTRICTED.
Case Study: Security Assessment at a Small Technology Corporation
Ryan Reiber - October 31, 2003
The following independent security assessment included the areas of its ASP, internal network infrastructure, and firewalls.
Establishing and Verifying the Stunnel SSL Encryption of Pine IMAP Email Sessions
Christopher Ursich - October 31, 2003
This paper documents one method for establishing and verifying the operation of SSL encryption using Stunnel for Pine IMAP email sessions.
Unique Security Challenges in Higher Education - Securely Integrating Student-owned Computers into Y
Kerry Vosswinkel - October 31, 2003
This paper addresses basic areas of information security such as policy, security awareness training, restricting access, monitoring and intrusion detection, and incident response that can keep your networks as secure as possible.
Securing Information within SAP v4.6b
Lori Kirk - October 31, 2003
The following thoughts and best practices are the end result of an upgrade, experience with the necessary clean up after the cutover and review of best practices offered by third parties.
Comprehensive Anomaly Detection (CAD)
Niles Mills - October 31, 2003
This paper provides a discussion on Comprehensive Anomaly Detection (CAD).
Network Security Concepts and Essentials: A University Overview
Matthew Leng - October 31, 2003
Using my experience from working at an Australian university, this paper addresses how the number of internal and external threats is increasing and providing intruders with a vast array of ways to compromise university machines.
Twists in Security for Law Enforcement
Conrad Larkin - October 31, 2003
This paper is an attempt to not only briefly cover the basics of computer security that should be in use by everyone, but also an attempt to introduce to those unfamiliar with the extra challenges of supporting law enforcement what additional computer security precautions need to be addressed.
eVoting - A Perspective on Security
Damon Small - October 31, 2003
This paper will discuss how technology can be used to improve the voting process in the United States, and what should be done to get from current state to "eVoting."
Tackling Malicious Code in a University Environment: A Case Study
Sandy Goldston - October 31, 2003
This paper is a case study of malicious code incidents in a large public university as seen through the eyes of the security liaison over a one-and-a-half year period.
Application of the Survivable Network Analysis Method to Secure My Office System
Dale Wutz - October 31, 2003
This paper addresses the results of applying the Survivable Network Analysis method to my office system.
Is Your Personal Financial Information Safe? Practical Lessons in Quicken Password Vulnerabilities
William Geimer - October 31, 2003
This paper examines password encryption and authentication techniques applied to the file-level protection of personal documents and databases.
Can Microsoft .NET Deliver "Trustworthy Computing"?
Nikhil Viswanathan - October 31, 2003
The aim of this paper was to analyze the security framework of Microsoft .NET, and examine whether its components and features will deliver Microsoft chairman Bill Gates's ambition of transforming Microsoft into the leading software provider of web services and "trustworthy computing".
Steps to Secure a Law Enforcement Network
David Brown - October 31, 2003
This paper addresses several common issues such as training for system administrators, risk assessment, physical security, security policies, and proper system administration.
Protecting Your Internal Systems from a Compromised Host
Michael Nancarrow - October 31, 2003
The concept for this paper came from a recent incident when one of our customer machines was compromised.
Designing Secure IT Environments for Pharmaceutical Clinical Trial Data Systems
Paul Drapeau - October 31, 2003
Pharmaceutical companies are subject to regulations imposed by the FDA (Food and Drug Administration), and this paper details the relevant regulations for security professionals and the special concerns they pose.
Is IEEE 802.1X Ready for General Deployment?
Scott Baily - October 31, 2003
This paper examines the suitability of deploying IEEE 802.1X as the principal authentication mechanism for Colorado State University's wireless network.
Defense In Depth: A Small University Takes Up the Challenge
David Robinson - October 31, 2003
This paper briefly explores the vital network security design concept of Defense in Depth (DiD).
CASE STUDY ON IMPROVING THE SECURITY OF A FIRM IN A LEGACY APPLICATION SETTING
Susan Bradley - October 31, 2003
This paper documents the steps that were taken by me to increase the security within my firm's computer network system, a system that includes Windows XP workstations and Windows 2000 Server systems.
Securing a Small Community College - A Case Study
Bobby Hoyle - October 31, 2003
This paper identifies critical computing resources used in a small community college, develops a method of defining risk, presents a network design, implements security policies to address risks, and formulates a long-term strategy for securing vital campus resources.
Implementation of a Secure Web Environment for a Government Agency
Chad Steel - October 31, 2003
This paper details the decision making process and implementation of a secure, multi-site redundant web hosting environment for a large government agency.
Practical Implementation of Syslog in Mixed Windows Environments for Secure Centralized Audit Loggin
Frederick Garbrecht - October 31, 2003
This paper presents some of the options available to access the Windows Event log and demonstrates how to implement a versatile centralized remote logging solution using a commercially available Win32 implementation of the Syslog protocol.
Full Lifecycle Security Assessment - A Case Study
Gregory Golightly - October 31, 2003
This paper presents a 'before and after' look at helping a non-profit organization with assets of over a billion dollars secure their infrastructure using a best practice approach, expert knowledge, along with vulnerability assessment tools by ISS.
Using IDS to Evaluate Outbound Port Usage for Security and Reduction of IDS Alerts A Case Study
Kenneth Underwood - October 31, 2003
"Knowing" what traffic is leaving your network is like turning on the light where there was once darkness. This paper will give examples of what I found in our corporate network, and what I did about it.
Case Study in Automating Branches of a Bank
Tim Rhome - October 31, 2003
This case study will highlight points that were addressed while automating 85 locations for a bank.
Wireless and Moneyless
Ryan Blake - October 31, 2003
This is a study of how one organization met the challenge of deploying a reasonably secure WLAN with virtually no capital.
Integrating Real-Time Services on the Web
Pete Kobak - October 31, 2003
This paper describes the development of technical processes and analysis models that enable the institution to quickly and safely integrate new business services into the institution's web site.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact email@example.com.