TECHNICALINFO.NET has Good Resources
by M. E. Kabay, PhD, CISSP-ISSMP, CTO, School of Graduate Studies, Norwich University, Northfield VT
One of the joys of teaching is that students can support and stimulate teachers' curiosity and enthusiasm. Norwich University< http://www.norwich.edu > Computer Security and Information Assurance< http://www.norwich.edu/academics/business/infoAssurance/index.html > major Amanda Brown is a brilliant and enthusiastic contributor to the CJ341 Cyberlaw/Cybercrime< http://www.mekabay.com/courses/academic/norwich/cj341/index.htm > class and a stalwart of the Norwich Security and Forensics Club. She often circulates interesting references and recently pointed the class to a new White Paper (“Continuing Business with Malware Infected Customers: Best Practices and the Security Ergonomics of Web Application Design for Compromised Customer Hosts”)< http://www.technicalinfo.net/papers/MalwareInfectedCustomers.html > by Gunter Ollmann< http://www.technicalinfo.net/gunter/index.html >, Director of Security Strategy for IBM Internet Security Systems.< http://iss.net/ > I am grateful to her for introducing me to Mr Ollmann's fine collection of published works and want readers to be aware of his contributions to the field. The first section readers might like to explore on the Web site he calls “TECHNICAL INFO: making sense of security” is the collection of White Papers< http://www.technicalinfo.net/papers/index.html > on a number of hot topics in security. Because the index page has excellent abstracts, I’ll simply list the titles and subtitles and urge readers to visit the site themselves:
Advice on Assessing your Custom Application
Advice on Assessing your IT Security Posture
Anti Brute Force Resource Metering: Helping to Restrict Web-based Application Brute Force Guessing Attacks through Resource Metering
Application Assessment Questioning: What should a consultant be looking for when conducting an application assessment?
Application Security Assessments
Assessing Your Security
Attacks Using the common web browser
Best Practices on Securing Custom HTML Authentication Procedures
Continuing Business with Malware Infected Customers: Best Practices and the Security Ergonomics of Web Application Design for Compromised Customer Hosts
Custom HTML Authentication
HTML Code Injection and Cross-site Scripting: Understanding the cause and effect of CSS (XSS) Vulnerabilities
Instant Messenger Security: Securing against the "threat" of instant messengers
Mail Non-delivery Notice Attacks
Old Threats Never Die: Why Protection for Old Vulnerabilities can never be Retired
Passive Information Gathering: The Analysis of Leaked Network Security Information
Pharming Guide, The
Phishing Guide: Understanding and Preventing Phishing Attacks, The
Second-order Code Injection: Advanced Code Injection Techniques and Testing Procedures
Securing WLAN Technologies: Secure Configuration Advice on Wireless Network Setup
Security Best Practice - Host Naming and URL Conventions Security: Considerations for Web-based Applications
SEO Code Injection: Search Engine Optimization Poisoning
Stopping Automated Attack Tools: An analysis of web-based application techniques capable of defending against current and future automated attack tools
Understanding the Web browser threat: Examination of vulnerable online Web browser populations and the "insecurity iceberg"
URL Embedded Attacks
Vishing Guide: A close look at voice phishing, The
Web Based Session Management: Best practices in managing HTTP-based client sessions
X-morphic Exploitation: One-of-a-kind Exploit Delivery Systems and Services
Another useful section of TECHNICAL INFO is Tools< http://www.technicalinfo.net/tools/index.html >, where Mr Ollmann has provided Web interfaces to a number of tools that can scan open-source information about Internet domains and IP addresses. As explained in his paper on “Passive Information Gathering Techniques”< http://www.technicalinfo.net/papers/PassiveInfoPart1.html >, organizations should routinely monitor the information about their networks that is visible from outside, scanning the 'Net themselves to confirm that what is actually available is only what should be available. Finally, the blog< http://www.technicalinfo.net/blog/index.html > has occasional postings about topics of interest, including Mr Ollmann’s new papers. There’s also a set of archives and an RSS feed so we can be kept informed of changes automatically. Mr Ollmann can be proud of his professional work and I hope readers will tell him so.
*** M. E. Kabay, PhD, CISSP-ISSMP < mailto:[email protected] > specializes in security and operations management consulting services. CV online.< http://www.mekabay.com/cv/ > Copyright 2008 M. E. Kabay. All rights reserved. Permission is hereby granted to Network World to distribute this article at will, to post it without limit on any Web site, and to republish it in any way they see fit.
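The recommendation in the Tools section above, that an organization compare what is publicly observable about its network with what it intends to publish, can be turned into a repeatable check. The script below is an added example, not code from this column or from TECHNICAL INFO, and every name, address and header in it is constructed sample data: a hypothetical organization whose approved public footprint is two hosts in the documentation range 203.0.113.0/24, checked against invented DNS answers, a mail Received header and HTTP response headers of the kind a passive collector would gather. It flags RFC 1918 addresses and internal hostnames that have leaked into public records, public hosts that are not in the approved inventory, and version-bearing server banners.

```python
"""Passive information-leak check: added example, not code from the column
or from TECHNICAL INFO.  Compares what an organization intends to publish
about its network with what a passive collector actually observes, and
reports the difference.  All names, addresses and headers below are
constructed sample data."""
import ipaddress
import re
from dataclasses import dataclass

# Hypothetical organization's approved public footprint.
EXPECTED_PUBLIC_HOSTS = {"www.example.com", "mail.example.com"}
EXPECTED_PUBLIC_NETS = [ipaddress.ip_network("203.0.113.0/24")]  # documentation range

# Address space that should never appear in public records (RFC 1918,
# loopback, link-local).  Listed explicitly rather than relying on
# ipaddress.is_private, whose answer depends on the Python version.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
                  "127.0.0.0/8", "169.254.0.0/16")]

# Constructed observations of the kind a passive collector would gather
# from public DNS answers, mail headers and HTTP response headers.
OBSERVED_DNS = [
    ("www.example.com", "A", "203.0.113.10"),
    ("mail.example.com", "A", "203.0.113.25"),
    ("intranet.example.com", "A", "10.20.30.40"),   # internal host in public DNS
    ("vpn-gw.example.com", "A", "203.0.113.99"),     # public, but not in inventory
]
OBSERVED_MAIL_HEADERS = [
    "Received: from corp-exch01.internal.example.com (10.20.1.5) "
    "by mail.example.com with ESMTP",
]
OBSERVED_HTTP_HEADERS = {
    "www.example.com": {"Server": "Apache/2.2.8 (Unix) PHP/5.2.6",
                        "X-Powered-By": "PHP/5.2.6"},
    "mail.example.com": {"Server": "nginx"},
}


@dataclass
class Finding:
    source: str   # dns, mail or http
    subject: str  # host or address the finding is about
    detail: str


def is_internal(ip: str) -> bool:
    """True if ip parses and falls inside one of the internal ranges."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in INTERNAL_NETS)


def check_dns(records, expected_hosts, expected_nets):
    """Flag internal addresses, addresses outside approved ranges, and
    hostnames that are not in the approved public inventory."""
    findings = []
    for name, rtype, value in records:
        if rtype != "A":
            continue
        if is_internal(value):
            findings.append(Finding("dns", name, f"internal address {value} published in public DNS"))
        elif not any(ipaddress.ip_address(value) in net for net in expected_nets):
            findings.append(Finding("dns", name, f"address {value} outside approved public ranges"))
        if name not in expected_hosts:
            findings.append(Finding("dns", name, "hostname not in approved public inventory"))
    return findings


IPV4_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")
HOSTNAME_RE = re.compile(r"\b([a-z0-9-]+(?:\.[a-z0-9-]+)+)\b", re.I)


def check_mail_headers(headers, expected_hosts):
    """Received: headers routinely carry internal relay names and addresses."""
    findings = []
    for line in headers:
        if not line.lower().startswith("received:"):
            continue
        for ip in IPV4_RE.findall(line):
            if is_internal(ip):
                findings.append(Finding("mail", ip, "internal address leaked in Received header"))
        for host in HOSTNAME_RE.findall(line):
            if IPV4_RE.fullmatch(host) or host.lower() in expected_hosts:
                continue  # dotted quads are handled above; approved hosts are fine
            findings.append(Finding("mail", host, "internal hostname leaked in Received header"))
    return findings


VERSION_RE = re.compile(r"/\d+(?:\.\d+)+")


def check_http_headers(headers_by_host):
    """Banners with exact versions tell an attacker which exploits to look up."""
    findings = []
    for host, headers in headers_by_host.items():
        for name in ("Server", "X-Powered-By"):
            value = headers.get(name)
            if value and VERSION_RE.search(value):
                findings.append(Finding("http", host, f"{name} header discloses version: {value}"))
    return findings


def run_all():
    return (check_dns(OBSERVED_DNS, EXPECTED_PUBLIC_HOSTS, EXPECTED_PUBLIC_NETS)
            + check_mail_headers(OBSERVED_MAIL_HEADERS, EXPECTED_PUBLIC_HOSTS)
            + check_http_headers(OBSERVED_HTTP_HEADERS))


if __name__ == "__main__":
    for f in run_all():
        print(f"[{f.source}] {f.subject}: {f.detail}")
```

Run as a script it prints seven findings for the constructed data: two for the intranet host (internal address, not in inventory), one for the unapproved VPN gateway, two from the mail header (internal relay name and address) and two version banners on the web server. In practice the observed inputs would come from your own passive collection (public DNS answers, headers of mail that left your domain, banners from your public hosts) rather than the constructed lists here, and the approved inventory is the thing to keep under change control.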