Sunday, January 29, 2006

The Security Monitoring and Attack Detection Planning Guide

Found this Guide while reading a thread on Windows Log management.
Here is a quick brief description:

This guide is designed to help organizations plan a security monitoring and attack detection system based on Windows Security Event logs. It highlights how to interpret the events and which events indicate the possibility that an attack is in progress.

Overview
The Security Monitoring and Attack Detection Planning Guide is a practical support document for business and information technology professionals who are working to develop systems to monitor security on a network and to detect intruders. Its primary goals and objectives are to:
  1. Introduce the concepts of security monitoring and attack detection.
  2. List applications that can provide event log correlation.
  3. Describe best practice activities and processes for developing a security monitoring and attack detection system.
  4. Identify business, technical, and security issues for:
    Detecting policy violations
    Detecting external attacks
    Implementing forensic analysis
  5. Design a security monitoring and attack detection solution that can identify when attacks on the network take place.
  6. Provide the ability to implement data retention for Forensic Analysis.

Download it and start reading it. If not all, some parts of it maybe useful, for sure. Imagine starting to understand Forensic Analysis using Windows Log!!

Saturday, January 21, 2006

Windows XP SP3 Due Out in Second Half of 2007

(18 January 2006)

Microsoft has set a tentative release date of the second half of 2007 for Windows XP Service Pack 3 (SP3) the professional and home editions.
Windows XP SP2 was released in 2004. Microsoft reportedly pushed back the release date for XP SP3 to allow them to concentrate resources on Windows Vista, which is scheduled to be released later this year.
http://www.zdnetasia.com/news/software/printfriendly.htm?AT=39305800-39000001c
http://www.theregister.co.uk/2006/01/18/windows_xp_sp3_delay/
http://www.microsoft.com/windows/lifecycle/servicepacks.mspx

From sans.org

The Smart Card Deployment Cookbook

Overview
Typically, a cookbook is a collection of recipes, or instructions, that explain how to do something and what you need to do it. This "cookbook" is a set of "recipes" for deploying smart cards in an enterprise that is deploying Microsoft Windows 2000 Active Directory. The white papers in this series will help you understand the principal smart card concepts and guide you through the planning tasks.
The cookbook is divided into three sections:
On This Page

About This Cookbook

Who Should Read This Series

Section 1: Smart Card Backgrounder

Section 2: Smart Card Deployment Planning Considerations

Section 3: Smart Card Deployment Scenario

Related Materials