Blog Posts Tagged with "Administration"
June 08, 2012 Added by:Brent Huston
The time it takes to crack a password is the only true measure of its worth. Morris has created a tool for administrators that allows them to configure a password policy based on the time to crack, the possible technology that an attacker might be using, and the password protection technology in use...
January 09, 2012 Added by:Rafal Los
How do our organizations treat administrators (more specifically highly privileged users) when they are removed from active duty? It seems that in large organizations the issue is easier to at last draw a line around than in smaller orgs - but the problems remain...
August 04, 2011 Added by:Brent Huston
The purpose of a trust map is to graphically demonstrate trust between components of your organization. It is a graphic of how authentication occurs, what systems share accounts and what systems trust other systems in an environment. Done properly, they become a powerful tool with a real payoff...
June 01, 2011 Added by:Rob Fuller
When trying to dump password hashes on a Windows 2008 R2 64 bit box I constantly run into the "The parameter is incorrect" error in Meterpreter. Well, with a bit of migration you'll be back to passing the hash. Here is how, with a bit of the thought process first...
May 16, 2011 Added by:Alex Hamerstone
The purpose section should include information about why the policy is necessary. You may also wish to add some information about how the issue was dealt with historically. It is also a great place to reiterate some company values. An example is “To ensure compliance with..."
May 09, 2011 Added by:Alex Hamerstone
The formatting and structure of documentation is not the most enthralling topic. It is however one of the most important elements of effective documentation. Delivering information in a clear and consistent way is essential to ensure documents are easy to use and effective...
May 05, 2011 Added by:Gurudatt Shenoy
The argument that devices can be stolen and thus cannot be fail-proof against data theft can be certainly countered by the fact that such devices can be detected quite early and rendered unusable, as compared to stolen passwords that are most often detected only once the damage is done...
May 03, 2011 Added by:Alex Hamerstone
As far as information security, every organization will have a unique set of foundational policies. Although there will be many that are common to all organizations, the unique qualities of each organization call for custom policies. How then, do we determine what basic policies we need?
April 19, 2011 Added by:Bill Gerneglia
A sizable number of comments took the line that playing games on corporate systems was either beneficial to the company or caused no significant harm. One agreed with an IT professional quoted in the story, who said that gaming helps IT employees “stay sharp"...
April 07, 2011 Added by:Global Knowledge
As users have to create several passwords for different systems and change them every 60 or 90 days, it’s little wonder they default to the least complicated password their systems allow and make only minor variations when forced to change them. Unfortunately, such passwords are easy to guess...
April 05, 2011 Added by:Jamie Adams
System admins must take into account all methods in which software may get installed onto systems. A strong change management program and strict access is required. Unfortunately, I have yet to experience an all-encompassing software version scanner and patch management tool...
March 24, 2011 Added by:Robert Gezelter
The WebSocket protocol is a new facility; originally conceived as part of the HTML5 effort. Together with its applications programming interface (API), the WebSocket protocol provides a standard framework for ongoing communications between web clients and servers...
March 22, 2011 Added by:Headlines
Network administrators may be conducting their own personal risk assessments in the course of their daily duties. They may be weighing factors such as performance pay incentives, the thoroughness of security audits, and time constraints when deciding what is or is not a priority...
March 04, 2011 Added by:Alex Hamerstone
It is important to note that certain policies may be confidential according to an asset classification program. A Network Security Policy delineating requirements for protections such as connection restrictions or intrusion protection and detection may be valuable for an attacker...
February 24, 2011 Added by:Ben Rothke
Security Information and Event Management (SIEM) attempts to fix that by aggregating, correlating and normalizing the log and audit data. The end result is a single screen that presents all of the disparate data into a common element. While great in theory, the devil is in the details...
February 21, 2011 Added by:Robert Gezelter
OpenVMS system managers need to develop the plans, processes, and procedures to respond to legal process requests. Correctly dealing with these requests minimizes the impact on production systems. Failure to address these situations can expose the organization to significant liability...
Wanna Buy Some Dumps?... Biniohs Chekcer on 06-19-2013
Student Pleads Guilty to Counterfeiting Coup... on 06-18-2013