The creation, processing, distribution, and management of Intrusion Detection/Prevention System rulesets

Contributed by Mike Richter.


The Increasing use of Digital Technology in Public Schools, Possible Threats, and Methods used for IT Security

Contributed by Larry Gene Hastings Jr.

This paper seeks to provide an understanding of the different computing needs of public school systems by identifying the devices used to provide digital communication services to employees and students. Once the services being provided are identified, the protocols and procedures for securing them can be identified as well. This will enable the reader to more fully understand what is needed to secure the underlying networks that make up the backbone for the devices used throughout a public school system.



Berkeley Packet Filters – The Basics

Contributed by Jeff Stebelton.

What are Berkeley Packet Filters? BPFs are a raw (protocol-independent) socket interface to the data link layer that allows filtering of packets in a very granular fashion [1]. BPF was first introduced in 1990 by Steven McCanne of Lawrence Berkeley Laboratory, according to the FreeBSD man page on bpf [2].



Mobile Device Forensics

Contributed by Vicki Holzknecht.


Mitigation Techniques and Practical Implementation of EMET

Contributed by Ben Rain.

As the size of the internet and the number of devices at both the personal and enterprise level increase, so does the number of cyber criminals. With so many devices, and so many vulnerabilities within these networks, how do we keep information safe? The answer is an endless number of applications, physical devices, intrusion detection systems, and the list goes on. Wouldn't it be nice if there were an application already loaded on most operating systems that could give a substantial amount of protection for our vulnerable programs but was not hard to implement?

The answer is EMET. EMET stands for Enhanced Mitigation Experience Toolkit and is a free Windows-based security tool that adds security defenses by using specific mitigation techniques to prevent exploits related to memory corruption. EMET defends against memory corruption vulnerabilities; EMET is easily implemented; and EMET has many practical uses.

