ID Theft and National Security
If it turns out, as I believe, that enemies of the United States are behind a lot of the major ID thefts in the US, that would mean that a lot of money is going to our enemies. Can we therefore surmise that those who mishandle our identity information, by means of their poor stewardship [...]
Answer Question
| September 21, 2010 10:35 PM
Application security, Auditing, Biometrics, Business/IT alignment, California Security Breach Information Act, Can Spam Act, Compliance, CRM, Database, Digital certificates, Disaster Recovery, E-business, Encryption, Exchange, Gramm-Leach-Bliley Act, HIPAA, Identity & Access Management, Incident response, Information risk management, Instant Messaging, ISO 17799, Laws, Policies, provisioning, Regulations, Risk management, Sarbanes-Oxley Act, Secure Coding, Security, Security management, Security products, Security Program Management, Security tokens, Single sign-on, standards, USA Patriot Act, Vulnerability Assessment & Audit
If it turns out, as I believe, that enemies of the United States are behind a lot of the major ID thefts in the US, that would mean that a lot of money is going to our enemies. Can we therefore surmise that those who mishandle our identity information, by means of their poor stewardship [...]
Answer Question
| September 21, 2010 10:35 PM
Application security, Auditing, Biometrics, Business/IT alignment, California Security Breach Information Act, Can Spam Act, Compliance, CRM, Database, Digital certificates, Disaster Recovery, E-business, Encryption, Exchange, Gramm-Leach-Bliley Act, HIPAA, Identity & Access Management, Incident response, Information risk management, Instant Messaging, ISO 17799, Laws, Policies, provisioning, Regulations, Risk management, Sarbanes-Oxley Act, Secure Coding, Security, Security management, Security products, Security Program Management, Security tokens, Single sign-on, standards, USA Patriot Act, Vulnerability Assessment & Audit
Linux Policy
Hi, We are very new to the Linux environment and we have to create a Linux Security Policy. Can’t find any examples searching the WEB. Can you point me in the right direction to find sample policies> We are using SuSE LInux. Thanks for the assistance. Regards. Dave
Answer Question
| March 11, 2005 7:30 AM
Linux, Policies
Hi, We are very new to the Linux environment and we have to create a Linux Security Policy. Can’t find any examples searching the WEB. Can you point me in the right direction to find sample policies> We are using SuSE LInux. Thanks for the assistance. Regards. Dave
Answer Question
| March 11, 2005 7:30 AM
Linux, Policies
Users cannot change password after upgrading Domain Controllers to 2003.
Hi there, We recently upgraded our DC’s from 2000 to 2003, which were themselves upgraded from NT4. Since the upgrade users cannot change their pwds. Keeps coming back with the msg: “Your password must be at least 6 characters, cannot repeat any of your previous 5 passwords and must be at least 21 days old. [...]
Answer Question
| March 9, 2005 3:11 PM
Policies, Tech support, Windows 2000 desktop, Windows client administration and maintenance, Windows Server 2003, Windows XP
Hi there, We recently upgraded our DC’s from 2000 to 2003, which were themselves upgraded from NT4. Since the upgrade users cannot change their pwds. Keeps coming back with the msg: “Your password must be at least 6 characters, cannot repeat any of your previous 5 passwords and must be at least 21 days old. [...]
Answer Question
| March 9, 2005 3:11 PM
Policies, Tech support, Windows 2000 desktop, Windows client administration and maintenance, Windows Server 2003, Windows XP
Front-End Reporting Tools for Secure Web Service Application with MS-SQL server-2
Hi… We are a Cdn Govt agency involved in Satellite Operations with a commercial partner based across the country. We will need to build/buy a small secure web service application for reporting purposes that will require minimal IT experise to build or maintain, and will deliver maximum performance in terms of response time and data [...]
Answer Question
| March 7, 2005 10:03 AM
Compliance, CRM, Disaster Recovery, Dreamweaver, E-business, Microsoft Access, Microsoft Office, Microsoft Windows, Policies, Risk management, Security Program Management, Servers, SQL Server
Hi… We are a Cdn Govt agency involved in Satellite Operations with a commercial partner based across the country. We will need to build/buy a small secure web service application for reporting purposes that will require minimal IT experise to build or maintain, and will deliver maximum performance in terms of response time and data [...]
Answer Question
| March 7, 2005 10:03 AM
Compliance, CRM, Disaster Recovery, Dreamweaver, E-business, Microsoft Access, Microsoft Office, Microsoft Windows, Policies, Risk management, Security Program Management, Servers, SQL Server
Front-End Reporting Tools for Secure Web Service Application with MS-SQL server
Hi… We are a Cdn Govt agency involved in Satellite Operations with a commercial partner based across the country. We will need to build/buy a small web service application for reporting purposes that will require minimal IT experise to build or maintain. The back end RDBMS engine is built with MS SQL server and will [...]
Answer Question
| March 2, 2005 9:49 AM
Compliance, CRM, Disaster Recovery, Dreamweaver, E-business, Microsoft Access, Microsoft Office, Microsoft Windows, Policies, Risk management, Security Program Management, Servers, SQL Server
Hi… We are a Cdn Govt agency involved in Satellite Operations with a commercial partner based across the country. We will need to build/buy a small web service application for reporting purposes that will require minimal IT experise to build or maintain. The back end RDBMS engine is built with MS SQL server and will [...]
Answer Question
| March 2, 2005 9:49 AM
Compliance, CRM, Disaster Recovery, Dreamweaver, E-business, Microsoft Access, Microsoft Office, Microsoft Windows, Policies, Risk management, Security Program Management, Servers, SQL Server
Reporting domain/workgroup membership on your LAN using PERL
This is more of an FYI. I just posted a perl script that I use to generate a daily report of all Workstations and Servers located on our LAN. This report is sorted by domain/workgroup membership and includes any visible shares on the machine. If anyone is interested you can read it here: http://frankenrouter.homeip.net/System+Admin+Articles/111.aspx Thanks, [...]
Answer Question
| August 23, 2005 12:13 PM
Active Directory, Compliance, CRM, Desktops, DHCP, Disaster Recovery, DNS, Ethernet, IPv4, Lotus Domino, NetBIOS, Networking, Networking services, Policies, Risk management, Security, Security Program Management, Vulnerability Assessment & Audit
This is more of an FYI. I just posted a perl script that I use to generate a daily report of all Workstations and Servers located on our LAN. This report is sorted by domain/workgroup membership and includes any visible shares on the machine. If anyone is interested you can read it here: http://frankenrouter.homeip.net/System+Admin+Articles/111.aspx Thanks, [...]
Answer Question
| August 23, 2005 12:13 PM
Active Directory, Compliance, CRM, Desktops, DHCP, Disaster Recovery, DNS, Ethernet, IPv4, Lotus Domino, NetBIOS, Networking, Networking services, Policies, Risk management, Security, Security Program Management, Vulnerability Assessment & Audit
Secure Email Delivery Applications
I am currently searching for the best application or service to provide end to end security for delivering encrypted emails from one company to another accross the Internet. I need the solutions to provide Smime, PGP, TLS, SSL, etc. My goal is to some how have the app or user decide if the email needs [...]
Answer Question
| March 4, 2005 9:21 AM
Application security, Compliance, CRM, Database, Disaster Recovery, E-mail applications, Encryption, Exchange, Instant Messaging, Policies, Risk management, Secure Coding, Security, Security Program Management
I am currently searching for the best application or service to provide end to end security for delivering encrypted emails from one company to another accross the Internet. I need the solutions to provide Smime, PGP, TLS, SSL, etc. My goal is to some how have the app or user decide if the email needs [...]
Answer Question
| March 4, 2005 9:21 AM
Application security, Compliance, CRM, Database, Disaster Recovery, E-mail applications, Encryption, Exchange, Instant Messaging, Policies, Risk management, Secure Coding, Security, Security Program Management
iseries Client Access does not allow third parties applications to open the login screen to change password when it’s expired.
Hello all: I will apreciate any help about this problem. I am a system administrator (mainly Active Directory) now dealing with this ISeries Client Access Problem in my 400 workstations. There are e few applications in the company, developed in FoxPro and Visual Basic, accesing the AS/400 (now a new 810) throwh ODBC. With older [...]
Answer Question
| October 20, 2009 7:41 PM
AS/400, Compliance, CRM, Disaster Recovery, Policies, Risk management, Security Program Management
Hello all: I will apreciate any help about this problem. I am a system administrator (mainly Active Directory) now dealing with this ISeries Client Access Problem in my 400 workstations. There are e few applications in the company, developed in FoxPro and Visual Basic, accesing the AS/400 (now a new 810) throwh ODBC. With older [...]
Answer Question
| October 20, 2009 7:41 PM
AS/400, Compliance, CRM, Disaster Recovery, Policies, Risk management, Security Program Management
ChoicePoint CISO says breach not an information security issue
The CISO of ChoicePoint says the theft of private information on 145,000 from its databases isn’t an information security issue because conmen used fraud, not hacking tools or techniques, to get the information. Anyone agree with that? Check it out: http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1062076,00.html
Answer Question
| March 8, 2005 5:29 PM
Compliance, CRM, Disaster Recovery, Policies, Risk management, Security, Security Program Management
The CISO of ChoicePoint says the theft of private information on 145,000 from its databases isn’t an information security issue because conmen used fraud, not hacking tools or techniques, to get the information. Anyone agree with that? Check it out: http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1062076,00.html
Answer Question
| March 8, 2005 5:29 PM
Compliance, CRM, Disaster Recovery, Policies, Risk management, Security, Security Program Management
Authorization in MIGO
I would like to grant a user authorization to object S_TCODE MIGO (Goods Receipt specifically for Purchase Order (movement type 101) where they could then enter any related data but restrict their activity to HOLD. A subsequent user would have the authorization to POST the document. I have checked SU24 but fail to see any [...]
Answer Question
| February 27, 2005 1:52 PM
Application security, Biometrics, Compliance, CRM, Database, Development, Digital certificates, Disaster Recovery, Encryption, Exchange, Identity & Access Management, Instant Messaging, Policies, provisioning, Risk management, Secure Coding, Security Program Management, Security tokens, Single sign-on
I would like to grant a user authorization to object S_TCODE MIGO (Goods Receipt specifically for Purchase Order (movement type 101) where they could then enter any related data but restrict their activity to HOLD. A subsequent user would have the authorization to POST the document. I have checked SU24 but fail to see any [...]
Answer Question
| February 27, 2005 1:52 PM
Application security, Biometrics, Compliance, CRM, Database, Development, Digital certificates, Disaster Recovery, Encryption, Exchange, Identity & Access Management, Instant Messaging, Policies, provisioning, Risk management, Secure Coding, Security Program Management, Security tokens, Single sign-on
Developing an antivirus (efficient):for Windows:Using VC++-2
I am working on a Project for making an antivirus.I have 2 other project parteners. But we don’t have an guidance on how to develop the antivirus.Plz give me any relevent Information on this subject.(like components of AV,Algorithms(efficient),methods,general dection & removal of virus).(Also tell me )where can i find this information ?
Answer Question
| June 29, 2012 3:49 AM
Application security, Architecture/Design, Central Command, Compliance, Computer Associates, configuration, CRM, Database, DataCenter, Desktop antivirus, Development, Disaster Recovery, Documentation, Encryption, Exchange, F-Secure, Features/Functionality, Fortinet, Help Desk, Information risk management, Instant Messaging, Intrusion management, Lifecycle development, Microsoft Windows, patching, PEN testing, Platform Security, Policies, Product evaluation, Redundancy, Risk management, Secure Coding, Security, Security management, Security products, Security Program Management, Service and support, Signature updating/Management, Software Quality Assurance, Storage, Tech support, Third-party services, Trend Micro, Vendor support, Vendors, VPN, Vulnerability Assessment & Audit, vulnerability management
I am working on a Project for making an antivirus.I have 2 other project parteners. But we don’t have an guidance on how to develop the antivirus.Plz give me any relevent Information on this subject.(like components of AV,Algorithms(efficient),methods,general dection & removal of virus).(Also tell me )where can i find this information ?
Answer Question
| June 29, 2012 3:49 AM
Application security, Architecture/Design, Central Command, Compliance, Computer Associates, configuration, CRM, Database, DataCenter, Desktop antivirus, Development, Disaster Recovery, Documentation, Encryption, Exchange, F-Secure, Features/Functionality, Fortinet, Help Desk, Information risk management, Instant Messaging, Intrusion management, Lifecycle development, Microsoft Windows, patching, PEN testing, Platform Security, Policies, Product evaluation, Redundancy, Risk management, Secure Coding, Security, Security management, Security products, Security Program Management, Service and support, Signature updating/Management, Software Quality Assurance, Storage, Tech support, Third-party services, Trend Micro, Vendor support, Vendors, VPN, Vulnerability Assessment & Audit, vulnerability management
Developing an antivirus (efficient):for Windows:Using VC++
I am working on a Project for making an antivirus.I have 2 other project parteners. But we don’t have an guidance on how to develop the antivirus.Plz give me any relevent Information on this subject.(like components of AV,Algorithms(efficient),methods,general detection & removal of virus).(Also tell me )where can i find this information ?
Answer Question
| June 29, 2012 3:49 AM
Application security, Architecture/Design, Central Command, Compliance, Computer Associates, CRM, Database, DataCenter, Desktop antivirus, Development, Disaster Recovery, Documentation, Encryption, Exchange, F-Secure, Features/Functionality, Fortinet, Help Desk, Information risk management, Instant Messaging, Intrusion management, Lifecycle development, Panda, Policies, Product evaluation, Redundancy, Risk management, Secure Coding, Security, Security management, Security products, Security Program Management, Service and support, Signature updating/Management, Software Quality Assurance, Storage, Tech support, Third-party services, Trend Micro, Vendor support, Vendors, VPN, Vulnerability Assessment & Audit
I am working on a Project for making an antivirus.I have 2 other project parteners. But we don’t have an guidance on how to develop the antivirus.Plz give me any relevent Information on this subject.(like components of AV,Algorithms(efficient),methods,general detection & removal of virus).(Also tell me )where can i find this information ?
Answer Question
| June 29, 2012 3:49 AM
Application security, Architecture/Design, Central Command, Compliance, Computer Associates, CRM, Database, DataCenter, Desktop antivirus, Development, Disaster Recovery, Documentation, Encryption, Exchange, F-Secure, Features/Functionality, Fortinet, Help Desk, Information risk management, Instant Messaging, Intrusion management, Lifecycle development, Panda, Policies, Product evaluation, Redundancy, Risk management, Secure Coding, Security, Security management, Security products, Security Program Management, Service and support, Signature updating/Management, Software Quality Assurance, Storage, Tech support, Third-party services, Trend Micro, Vendor support, Vendors, VPN, Vulnerability Assessment & Audit
MS Office Outlook 2003 Address book
I use MS office outlook 2003 but this is not adding the e-mail addresses to the address book/contacts automatically when I reply to someone. This feature is available in Outlook express but I didn’t find this feature in MSOO 2003. Is there any simple way I can add e-mail ids to contacts /address book without [...]
Answer Question
| February 18, 2005 5:32 AM
Compliance, configuration, CRM, DataCenter, DataManagement, Desktop management applications, Desktops, DHCP, Disaster Recovery, DNS, E-business, E-mail applications, Exchange, Help Desk, HP OpenMail, IMAP4, Intel, Intrusion management, IT architecture, LANDesk, Managed security services, Microsoft Windows, Netscape Mail, Networking, Networking Products, Networking services, Operating system platforms, Outlook, Outlook Mobile Access, patching, PEN testing, Platform Security, Policies, POP3, Risk management, Security, Security management, Security products, Security Program Management, Sendmail, SMTP, System utilities, Systems management software, Tech support, Third-party services, Vendor support, Vulnerability Assessment & Audit, vulnerability management, Wireless
I use MS office outlook 2003 but this is not adding the e-mail addresses to the address book/contacts automatically when I reply to someone. This feature is available in Outlook express but I didn’t find this feature in MSOO 2003. Is there any simple way I can add e-mail ids to contacts /address book without [...]
Answer Question
| February 18, 2005 5:32 AM
Compliance, configuration, CRM, DataCenter, DataManagement, Desktop management applications, Desktops, DHCP, Disaster Recovery, DNS, E-business, E-mail applications, Exchange, Help Desk, HP OpenMail, IMAP4, Intel, Intrusion management, IT architecture, LANDesk, Managed security services, Microsoft Windows, Netscape Mail, Networking, Networking Products, Networking services, Operating system platforms, Outlook, Outlook Mobile Access, patching, PEN testing, Platform Security, Policies, POP3, Risk management, Security, Security management, Security products, Security Program Management, Sendmail, SMTP, System utilities, Systems management software, Tech support, Third-party services, Vendor support, Vulnerability Assessment & Audit, vulnerability management, Wireless
orcing a limit for the internet temp folder in windows 2000
Hello all, Setup is as follows: Server is NT4, clients are windows 2000 I CANNOT spend any money. All my users log on do all work as normall and then go on the internet. Now all users default size for the internet’s temp folders is 596MB!! and the Pc’s will be used by 700+ Kids!! [...]
Answer Question
| February 3, 2005 9:49 AM
Desktop security, Desktops, Hardware, Policies, Registry, Tech support, Windows, Windows 2000 desktop, Windows client administration and maintenance
Hello all, Setup is as follows: Server is NT4, clients are windows 2000 I CANNOT spend any money. All my users log on do all work as normall and then go on the internet. Now all users default size for the internet’s temp folders is 596MB!! and the Pc’s will be used by 700+ Kids!! [...]
Answer Question
| February 3, 2005 9:49 AM
Desktop security, Desktops, Hardware, Policies, Registry, Tech support, Windows, Windows 2000 desktop, Windows client administration and maintenance
RUNAS error: Unable to acquire user password
I am trying to write a VBScript that will use local admin rights to run another script. However, for some reason I can’t get the RUNAS command to take the password. I am including my script below: set WshShell = CreateObject(“WScript.Shell”) WshShell.Run (“%comspec% /k RUNAS /user:/LocalACCOUNT/LOCALcomputerNAME C:proxyDISABLE.vbs”) Wscript.Sleep 500 WshShell.Sendkeys “PASSWORD~” The exact error is: [...]
Answer Question
| January 28, 2005 3:08 AM
Desktops, Hardware, Policies, Security, Windows XP
I am trying to write a VBScript that will use local admin rights to run another script. However, for some reason I can’t get the RUNAS command to take the password. I am including my script below: set WshShell = CreateObject(“WScript.Shell”) WshShell.Run (“%comspec% /k RUNAS /user:/LocalACCOUNT/LOCALcomputerNAME C:proxyDISABLE.vbs”) Wscript.Sleep 500 WshShell.Sendkeys “PASSWORD~” The exact error is: [...]
Answer Question
| January 28, 2005 3:08 AM
Desktops, Hardware, Policies, Security, Windows XP
Need a way to audit ANY change access to selected database files.
A client has had a request from auditors that they should be able to audit every change to three critical database files when I am remotely signed on to their ISeries. They would want to turn on and off the auditing so that it is NOT on all day while being hit by 100′s of [...]
Answer Question
| March 12, 2010 11:53 AM
Auditing, Policies, Security management
A client has had a request from auditors that they should be able to audit every change to three critical database files when I am remotely signed on to their ISeries. They would want to turn on and off the auditing so that it is NOT on all day while being hit by 100′s of [...]
Answer Question
| March 12, 2010 11:53 AM
Auditing, Policies, Security management
Data Visibility in RBAC and Rule-based systems issues
Actually, I have two questions: 1) are there known solutions of how to control access to data ( database records ) in RBAC system where business policy states, e.g., that data belonds to the users in certain geographical are may be viewed by users located in the same area? This is quite actual issue for [...]
Answer Question
| January 16, 2005 2:28 PM
Biometrics, Compliance, CRM, Digital certificates, Disaster Recovery, Identity & Access Management, Information risk management, Policies, provisioning, Risk management, Security, Security management, Security products, Security Program Management, Security tokens, Single sign-on
Actually, I have two questions: 1) are there known solutions of how to control access to data ( database records ) in RBAC system where business policy states, e.g., that data belonds to the users in certain geographical are may be viewed by users located in the same area? This is quite actual issue for [...]
Answer Question
| January 16, 2005 2:28 PM
Biometrics, Compliance, CRM, Digital certificates, Disaster Recovery, Identity & Access Management, Information risk management, Policies, provisioning, Risk management, Security, Security management, Security products, Security Program Management, Security tokens, Single sign-on
Security COncern, Files deleted from Server
Good morning to all, and hope everyone is dooing well. I have a security issue, and need help solving this. Someone in my company within Engineering staff deleted an entire group of folders. Unfortunately it was on a project that ended, and it was discovered this morning. I have luckily a back up tape of [...]
Answer Question
| January 24, 2005 10:21 AM
Auditing, Compliance, CRM, DataCenter, Disaster Recovery, Hardware, Intrusion management, Managed security services, Policies, Risk management, Security, Security management, Security Program Management
Good morning to all, and hope everyone is dooing well. I have a security issue, and need help solving this. Someone in my company within Engineering staff deleted an entire group of folders. Unfortunately it was on a project that ended, and it was discovered this morning. I have luckily a back up tape of [...]
Answer Question
| January 24, 2005 10:21 AM
Auditing, Compliance, CRM, DataCenter, Disaster Recovery, Hardware, Intrusion management, Managed security services, Policies, Risk management, Security, Security management, Security Program Management
Access to security log in Windows 2000
In my company we want to give full access to the security log of Windows 2000 only to the security manager, but we want to give only read access to the support people, Is there how to do it ?
Answer Question
| January 12, 2005 3:29 PM
Biometrics, Compliance, configuration, CRM, DataCenter, Digital certificates, Disaster Recovery, Identity & Access Management, Managed security services, patching, PEN testing, Platform Security, Policies, provisioning, Risk management, Security, Security management, Security Program Management, Security tokens, Single sign-on, Tech support, vulnerability management
In my company we want to give full access to the security log of Windows 2000 only to the security manager, but we want to give only read access to the support people, Is there how to do it ?
Answer Question
| January 12, 2005 3:29 PM
Biometrics, Compliance, configuration, CRM, DataCenter, Digital certificates, Disaster Recovery, Identity & Access Management, Managed security services, patching, PEN testing, Platform Security, Policies, provisioning, Risk management, Security, Security management, Security Program Management, Security tokens, Single sign-on, Tech support, vulnerability management
DOS attack, DNS question
My question has two parts, first: today at the place where i work we lost the internet, and after checking the firewall (sonicwall, this is a non profit organization so they cant afford the best stuff) i discovered it was more than likely a DOS attack. nobody could access the internet, and i could not [...]
Answer Question
| January 13, 2005 6:07 PM
Compliance, configuration, CRM, Disaster Recovery, Firewalls, Forensics, Incident response, Information risk management, Intrusion management, IT architecture, Managed security services, Network security, Networking, patching, PEN testing, Platform Security, Policies, Product/service procurement, Risk management, Security, Security management, Security products, Security Program Management, Tech support, VPN, vulnerability management, Wireless
My question has two parts, first: today at the place where i work we lost the internet, and after checking the firewall (sonicwall, this is a non profit organization so they cant afford the best stuff) i discovered it was more than likely a DOS attack. nobody could access the internet, and i could not [...]
Answer Question
| January 13, 2005 6:07 PM
Compliance, configuration, CRM, Disaster Recovery, Firewalls, Forensics, Incident response, Information risk management, Intrusion management, IT architecture, Managed security services, Network security, Networking, patching, PEN testing, Platform Security, Policies, Product/service procurement, Risk management, Security, Security management, Security products, Security Program Management, Tech support, VPN, vulnerability management, Wireless
