Featuring the 25 most popular papers within the past week as of November 27, 2015
Session Hijacking in Windows Networks
by Paul Jess - March 28, 2008 in Windows Issues
Before we can explore the session hijack attack, it is essential that we gain a basic understanding of network communications. The first section of this paper covers some of this background information needed to understand how computers communicate on a network. First we take a look at the TCP/IP protocol (Transmission Control Protocol/Internet Protocol) examining a concept critical to network communication called the three-way-handshake. Once we have a basic understanding of these concepts, we can then work towards understanding how the session hijack attack exploits the design flaws inherent in the TCP/IP protocol.
Encryption Solutions for Small Networks
by David Reed - November 20, 2015 in Encryption & VPNs
Data is being created faster than ever before. Every minute in 2014 users created 2.5 million pieces of Facebook content, 300,000 Tweets, and 220,000 Instagram photos (Gunelius, 2014). Each swipe of a credit card, scan of a loyalty card, and launch of a smartphone app creates even more data.
On the x86 Representation of Object Oriented Programming Concepts for Reverse Engineers
by Jason Batchelor - November 24, 2015 in Malicious Code
While object oriented programming is generally understood by developers using higher level languages, such as C++, the reverse engineer is required to understand how these concepts manifest themselves within a compiled binary.
United Airlines May 2015 Data Breach: Suggested Near, Mid and Long-Term Mitigating Actions Using the 20 Critical Security Controls
by Philip G. Rynn - November 23, 2015 in Breaches
A series of highly-publicized data breaches in recent years have shed light on the growing threat and prevalence of private and public organizational loss of valuable online data at the hands of illegitimate sources.
There's No Going it Alone: Disrupting Well Organized Cyber Crime
by John Garris - November 23, 2015 in Case Studies
On July 8th, 2015, Vladimir Tsastsin pled guilty to charges relating to his development and long-term management of a criminal enterprise that conducted a complex, highly profitable Internet fraud scheme involving millions of compromised computers located in over 100 countries.
SSL and TLS: A Beginners Guide
by Holly McKinley - May 12, 2003 in Protocols
This paper particularly serves as a resource to those who are new to the information assurance field, and provides an insight to two common protocols used in Internet security.
Forensic Analysis on iOS Devices
by Tim Proffitt - January 25, 2013 in Forensics
Technology in smart phones and tablets is advancing at a feverish pace.
SSL/TLS: What's Under the Hood
by Sally Vandeven - August 19, 2013 in Authentication
Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are both protocols used for the encryption of network data.
Disaster Recovery Plan Strategies and Processes
by Bryan Martin - March 5, 2002 in Disaster Recovery
This paper discusses the development, maintenance and testing of the Disaster Recovery Plan, as well as addressing employee education and management procedures to insure provable recovery capability.
A Forensic Look at Bitcoin Cryptocurrency
by Michael Doran - November 16, 2015 in Forensics
Since the creation of the Internet in 1969, there have been notable technological advances involving the Internet that not only drastically affect each aspect of a person's life, but also forever changes the way that a society functions (Strickland, 2007).
Designing a Secure Local Area Network
by Daniel Oxenhandler - January 30, 2003 in Best Practices
This paper examines some of the issues in designing a secure Local Area Network (LAN) and some of the best practices suggested by security experts.
Incident Handler's Handbook
by Patrick Kral - February 21, 2012 in Incident Handling
An incident is a matter of when, not if, a compromise or violation of an organization's security will happen.
An Introduction to Information System Risk Management
by Steve Elky - June 6, 2006 in Auditing & Assessment
Key elements of information security risk, offering insight into risk assessment methodologies.
2015 Analytics and Intelligence Survey
by Dave Shackleford - November 10, 2015
- Associated Webcasts: Security Analytics Maturation Curve: Part 1 of the 3rd Annual SANS Security Analytics and Intelligence Survey; Moving up the Analytics Maturation Curve: Part 2 of the 3rd Annual SANS Security Analytics and Intelligence Survey
- Sponsored By: LogRhythm; AlienVault; Lookingglass Cyber Solutions, Inc.; SAS INSTITUTE INC; ThreatStream; DomainTools
Although survey results indicate slow and steady progress in the use of analytics and intelligence, most analytics programs lack maturity. Read this survey to understand what is missing and learn where most organizations plan to invest funds to drive improvement.
Cloud Assessment Survival Guide
by Edward Zamora - November 10, 2015 in Cloud Computing, Penetration Testing
The time has come where the society at large is living in the cloud. Many have questioned the security of information in the cloud and many have been told that information is safe there. But how can one be sure that information is indeed safe in the cloud? In this day and age where there is an increased dependence on such complex technology as cloud systems, there are needs for methodologies to test cloud deployments. For organizations that have or seek to implement cloud technology in their environment, this paper will present a brief background on cloud technology and a methodology for assessing the security of their cloud implementation based on penetration testing principles.
Windows Logon Forensics
by Sunil Gupta - March 12, 2013 in Forensics
Digital forensics, also known as computer and network forensics, is the application of science to the identification, collection, examination, and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data.
Penetration Testing: Assessing Your Overall Security Before Attackers Do
by Stephen Northcutt, Jerry Shenk, Dave Shackleford, Tim Rosenberg, Raul Sile, Steve Mancini - November 17, 2006 in Penetration Testing
- Sponsored By: Core Security Technologies
CORE IMPACT provides a stable, quality-assured testing tool that can be used to accurately assess systems by penetrating existing vulnerabilities.
An Overview of Threat and Risk Assessment
by James Bayne - January 22, 2002 in Auditing & Assessment
The purpose of this document is to provide an overview of the process involved in performing a threat and risk assessment.
The Importance of Security Awareness Training
by Cindy Brodie - January 14, 2009 in Security Awareness
One of the greatest threats to information security could actually come from within your company or organization. Inside attacks have been noted to be some of the most dangerous since these people are already quite familiar with the infrastructure. It is not always disgruntled workers and corporate spies who are a threat. Often, it is the non-malicious, uninformed employee (CTG, 2008).
Writing a Penetration Testing Report
by Mansour Alharbi - April 29, 2010 in Best Practices, Penetration Testing
A lot of currently available penetration testing resources lack report writing methodology and approach which leads to a very big gap in the penetration testing cycle. Report in its definition is a statement of the results of an investigation or of any matter on which definite information is required (Oxford English Dictionary). A penetration test is useless without something tangible to give to a client or executive officer. A report should detail the outcome of the test and, if you are making recommendations, document the recommendations to secure any high-risk systems (Whitaker & Newman, 2005). Report Writing is a crucial part for any service providers especially in IT service/advisory providers. In pen-testing the final result is a report that shows the services provided, the methodology adopted, as well as testing results and recommendations. As one of the project managers at major electronics firm said "We don't actually manufacture anything. Most of the time, the tangible products of this department [engineering] are reports." There is an old saying that in the consulting business: If you do not document it, it did not happen. (Smith, LeBlanc & Lam, 2004)
Securing the Internet of Things Survey
by John Pescatore - January 15, 2014 in Covert Channels, Information Warfare
- Associated Webcasts: SANS Analyst Webcast: SANS Survey on Securing The Internet of Things
- Sponsored By: Codenomicon; Norse
Survey reveals the risks introduced by an increasing array of "smart" things with wireless or Internet connections.
Introduction to Business Continuity Planning
by Gan Chee-Syong - October 1, 2001 in Disaster Recovery
The purpose of this document is to give an overview of what Business Continuity Planning is and provide some guidance and resources for beginners.
Conducting a Penetration Test on an Organization
by Chan Wai - October 4, 2001 in Auditing & Assessment
A methodology for executing penetration testing.
Implementing a Vulnerability Management Process
by Tom Palmaers - April 9, 2013 in Threats/Vulnerabilities
A vulnerability is defined in the ISO 27002 standard as "A weakness of an asset or group of assets that can be exploited by one or more threats" (International Organization for Standardization, 2005).
Easy Steps to Cisco Extended Access List
by Nancy Navato - July 5, 2001 in Network Devices
The purpose of this document is to explain in simple words how you can easily create an Extended Access List and apply it to your Cisco Router interface.
All papers are copyrighted. No re-posting or distribution of papers is permitted.