CLASP guidelines
My company is considering implementing the CLASP (Comprehensive, Lightweight, Application, Security Process) in our development cycle. Has anyone done this? How was it handled? How did it affect production? Any info you can share would be extremely helpful.
My company is considering implementing the CLASP (Comprehensive, Lightweight, Application, Security Process) in our development cycle. Has anyone done this? How was it handled? How did it affect production? Any info you can share would be extremely helpful.
0 pts.
Opinions about firewalls and VPN
I currently have watchguard firewalls and IPSec tunnels between them and the other watchguard firewalls. We also have remote users VPN into the firewall for access to our network. Our firewalls are fine but we haven't been that happy with the support over the last 5 or so years. We are joining...
I currently have watchguard firewalls and IPSec tunnels between them and the other watchguard firewalls. We also have remote users VPN into the firewall for access to our network. Our firewalls are fine but we haven't been that happy with the support over the last 5 or so years. We are joining...
How to Block Chat in the Network
Dear All, I am wrting this mail to you all, to know if any you have been successfull in Blocking Chats on your networks, and if so, then how have you acheived it? Could you please tell me which Ports to Block for MSN, Yahoo, Rediff, ICQ, Skype. I am using a NetAPPs Net Cache C 1300, and I am...
Dear All, I am wrting this mail to you all, to know if any you have been successfull in Blocking Chats on your networks, and if so, then how have you acheived it? Could you please tell me which Ports to Block for MSN, Yahoo, Rediff, ICQ, Skype. I am using a NetAPPs Net Cache C 1300, and I am...
SAVACTWAIT time on SAVLIB, etc.
Hi, Has anyone experimented with the SAVACTWAIT time on the SAVLIB command. The default on 120 second seems rather long. What I am looking for is a realistic value based on fact such as that if an object does not become available after 5 second the change that it will become available after 120...
Hi, Has anyone experimented with the SAVACTWAIT time on the SAVLIB command. The default on 120 second seems rather long. What I am looking for is a realistic value based on fact such as that if an object does not become available after 5 second the change that it will become available after 120...
Local LAN Vulnerabilities and Open Ports NAT
QUESTION: How someone would go about exploiting a vulnerability within a LAN sitting behind a router running NAT/NAPT...where would you start? Hacking the open port? Routing Tables? Accessing remote administration on the modem? (disable NAT)?? bah... MY SYSTEM/SETUP: I have 1 XP SP2 Machine...
QUESTION: How someone would go about exploiting a vulnerability within a LAN sitting behind a router running NAT/NAPT...where would you start? Hacking the open port? Routing Tables? Accessing remote administration on the modem? (disable NAT)?? bah... MY SYSTEM/SETUP: I have 1 XP SP2 Machine...
Batch Password Changes
I initiate many FTP sessions to many AS400's via a MVS mainframe. The problem I am running into is that I need to change the passwords periodically. I need to find a method to do this in a batch mode. I think I should be able to use the QUOTE RCMD but have been unable to come up withthe correct...
I initiate many FTP sessions to many AS400's via a MVS mainframe. The problem I am running into is that I need to change the passwords periodically. I need to find a method to do this in a batch mode. I think I should be able to use the QUOTE RCMD but have been unable to come up withthe correct...
Network Resource Allocation cum Planning cum Technical Problem
This is the real commercial problem face by my company. Well, the reason I ask this problem is I salute and respect all of you as I believe all of you are as good as network solution company out there, or even better!! Lets me rephrase the entire problem again. Company expand so fast that the...
This is the real commercial problem face by my company. Well, the reason I ask this problem is I salute and respect all of you as I believe all of you are as good as network solution company out there, or even better!! Lets me rephrase the entire problem again. Company expand so fast that the...
Design NEW network cum NEW IT infrastructure-2
Company expand so fast that the IT infrastructure is not fast enough to cater high volume of traffic; the initial design is not scalable. The number of new branch offices setup caused the company pay a high price in the leased line communication. Salesman and management staffs dial into company...
Company expand so fast that the IT infrastructure is not fast enough to cater high volume of traffic; the initial design is not scalable. The number of new branch offices setup caused the company pay a high price in the leased line communication. Salesman and management staffs dial into company...
Design NEW network cum NEW IT infrastructure
Company expand so fast that the IT infrastructure is not fast enough to cater high volume of traffic; the initial design is not scalable. The number of new branch offices setup caused the company pay a high price in the leased line communication. Salesman and management staffs dial into company...
Company expand so fast that the IT infrastructure is not fast enough to cater high volume of traffic; the initial design is not scalable. The number of new branch offices setup caused the company pay a high price in the leased line communication. Salesman and management staffs dial into company...
Outlook and Windows Firewall
I have a workstation running XP SP2 and Outlook 2002. Outlook is configured to communicate with an Exchange server. Recently, Outlook has been operating as though the necessary Windows Firewall program exception and registry entry have not been made. New emails do not appear without first...
I have a workstation running XP SP2 and Outlook 2002. Outlook is configured to communicate with an Exchange server. Recently, Outlook has been operating as though the necessary Windows Firewall program exception and registry entry have not been made. New emails do not appear without first...
Architectural risk analysis
I just read the Q&A with Gary McGraw on building security into the development process -- http://searchappsecurity.techtarget.com/qna/0,289202,sid92_gci1187360,00.html -- and he said architectural risk analysis is one thing everyone should be doing to make sure you're developing secure apps. I...
I just read the Q&A with Gary McGraw on building security into the development process -- http://searchappsecurity.techtarget.com/qna/0,289202,sid92_gci1187360,00.html -- and he said architectural risk analysis is one thing everyone should be doing to make sure you're developing secure apps. I...
Group policy change - cannot get back into Group policy MMC
Recently implemented change to group policy recommended by software vendor by the below instructions: 1. Click Start, point to Programs, point to Administrative Tools, and then click Domain Controller Security Policy. 2. Click Security Settings. 3. Click Local Policies, and then click User Rights...
Recently implemented change to group policy recommended by software vendor by the below instructions: 1. Click Start, point to Programs, point to Administrative Tools, and then click Domain Controller Security Policy. 2. Click Security Settings. 3. Click Local Policies, and then click User Rights...
What is SSI injection
I recently read an article that mentioned SSI injection. I'm aware of SQL injection, but not SSI. Can anyone explain what it is and what should be done to protect against it? Thanks
I recently read an article that mentioned SSI injection. I'm aware of SQL injection, but not SSI. Can anyone explain what it is and what should be done to protect against it? Thanks
route mail with fax service in sbs 2003
i have a sbs 2003 on my network and i configure him to get all the fax of my company, the only problem is that when i configure him to route all the incoming fax to some mail it does not seem to work, i check the event log and i get error 32083 and with this massage: Unable to route fax...
i have a sbs 2003 on my network and i configure him to get all the fax of my company, the only problem is that when i configure him to route all the incoming fax to some mail it does not seem to work, i check the event log and i get error 32083 and with this massage: Unable to route fax...
Looking for application vulnerability scanner
My group is considering implementing an application vulnerability scanner to look for security holes in our Web sites. Can you recommend some products? Thanks
My group is considering implementing an application vulnerability scanner to look for security holes in our Web sites. Can you recommend some products? Thanks
Laptop Security (Remotely)
Hi, I am an Information Security Consultant. We want to monitor all activities done by Laptop Users when they are working offline. Can somebody suggest a tool which can push all logs on server while a user is working offline. We have banned USB sticks in our office and also all email activity is...
Hi, I am an Information Security Consultant. We want to monitor all activities done by Laptop Users when they are working offline. Can somebody suggest a tool which can push all logs on server while a user is working offline. We have banned USB sticks in our office and also all email activity is...
MSWord Password and MSExcel Password
I am using different password for my secured files but I loose which one i use in certain file. Now I can not retrieve it. Is there any way i can open it again or retrieve my password so I can open my files? I have little knowledge in VB6, is there any one generous to give me a source code about...
I am using different password for my secured files but I loose which one i use in certain file. Now I can not retrieve it. Is there any way i can open it again or retrieve my password so I can open my files? I have little knowledge in VB6, is there any one generous to give me a source code about...
Blocking pop access over http
Dear you, How can I exactly block the following: 1- Hotmail pop access over http 2- Block skype phone calls 3- Block sites like gotomypc.com etc 4- Block internet file share drives like yousendit.com google drive Thank you Kindi
Dear you, How can I exactly block the following: 1- Hotmail pop access over http 2- Block skype phone calls 3- Block sites like gotomypc.com etc 4- Block internet file share drives like yousendit.com google drive Thank you Kindi
Folder Security
We have a folder containing lots of confidential docs that supposedly accessible to all employees that should have read permission only. They should not be able to Print/Copy/SaveAs/E-Mail and do other docs stuff. Our IT staff had made the folder read only though people could still re-save the...
We have a folder containing lots of confidential docs that supposedly accessible to all employees that should have read permission only. They should not be able to Print/Copy/SaveAs/E-Mail and do other docs stuff. Our IT staff had made the folder read only though people could still re-save the...
Explanation & remedy for Web-based Attack
Fully Patched fresh Windows 2003 with PLESK 7.5.6 Compromised again in 30 minutes after a CLEAN rebuild here is How attack occurs ========================== first we observe service.dll Nadeware.msi in system32 folder and a clone of srv-u FTP had run. then we observe an account named help added...
Fully Patched fresh Windows 2003 with PLESK 7.5.6 Compromised again in 30 minutes after a CLEAN rebuild here is How attack occurs ========================== first we observe service.dll Nadeware.msi in system32 folder and a clone of srv-u FTP had run. then we observe an account named help added...
