September 9, 2009 11:03 AM
Posted by: Arian Eigen Heald
free tools,
information security,
Tools & Tricks of the Trade,
Tools for Auditing and Security,
WirelessIf you're like me, you're always hunting for the free tools out there you can add to your arsenal to keep (or in my case, test) the security of your network. Just out, a great addition to my toolset, is a new update to the well-known tool, aircrack-ng...
August 30, 2009 12:46 AM
Posted by: Arian Eigen Heald
Admins and Auditors,
information security,
Tools for Auditing and SecurityA number of commentators, notably IBM's Kris Lamb, have reported that malicious code is no longer limited, for the most part, to p0rn and other sleazy websites. Hackers are targeting the...
May 21, 2009 6:19 PM
Posted by: Arian Eigen Heald
firewalls,
routers,
Security Devices,
Tools & Tricks of the Trade,
Tools for Auditing and SecurityI see a LOT of firewall configuration files and router configuration files. It's the bane of my auditor's existence to read through a PIX firewall config (up to 500 pages of a text file). After the 35th page of text, you could drive a truck through that firewall while I tried to wake up.
Plus,...
May 18, 2009 3:08 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
free tools,
information security policy,
IT Compliance - Policies,
security policies,
Tools & Tricks of the Trade,
Tools for Auditing and SecurityThanks to an email, I've come across a great website to offer you when it's time to go looking for some good policy templates.
SANS, the be-all end-all of security training, has organized a website that offers us
April 10, 2009 8:28 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
Database,
DataManagement,
Tools for Auditing and Security(Sorry, I apologize for using an acronym, but I couldn't resist.)
Whenever the subject comes up of logging activity in a database, immediately the complaints of "Too much overhead!" can be heard. Everybody thinks it's a good idea in theory, but from a practical standpoint, it adds a lot of...
December 28, 2008 3:14 PM
Posted by: Arian Eigen Heald
"How Do You Know?",
Admins and Auditors,
Compliance,
Hardware & InfoSec,
IT audit,
Security Devices,
TCM (Truly Clueless Management),
Tools & Tricks of the Trade,
Tools for Auditing and SecurityOK, so you've bought the glow-in-the-dark, meets all the compliance requirements and looks really shiny "security solution" from a vendor (one or many).
Or maybe your management has bought it and presented it to you as a fait accompli. (Hope I'm spelling that fancy French right!) And of course...
October 28, 2008 3:08 PM
Posted by: Arian Eigen Heald
Hardware & InfoSec,
Mobile,
Tools & Tricks of the Trade,
Tools for Auditing and SecurityI'm having very mixed feelings, I must say, on what I've been reading about accessing information from cell phones. On the one hand, in my line of work, which occasionally includes forensics, I'm pleased to see new tools come out that make my job that much easier. The Cell Seizure Investigator...
October 23, 2008 4:41 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
DataCenter,
Hardware & InfoSec,
Security,
Tools for Auditing and SecurityThe most secure Data Centers I've seen utilize electronic access cards of some type that have a good reporting mechanism, right down to which door. Of course, these systems don't do you a bit of good if no one looks at the logs, but that seems to be the exception, rather than the rule. Thank...
October 6, 2008 8:19 PM
Posted by: Arian Eigen Heald
Admins and Auditors,
AS/400,
Compliance,
IT audit,
Security,
Tools & Tricks of the Trade,
Tools for Auditing and SecurityIBM's system iSeries are some of the most solid server systems around. Formerly (and by some, still called) the AS400, those servers are at the top of the food chain for reliability and stability. DB2, the native database system for iSeries, is as solid as a rock, and powers many of the banking,...
