tag:blogger.com,1999:blog-7104872518647520802010-09-04T23:52:23.262+05:30Information Security BlogAnish Shaikhnoreply@blogger.comBlogger351125tag:blogger.com,1999:blog-710487251864752080.post-72042412945656702202010-07-23T16:12:00.001+05:302010-07-23T16:12:31.508+05:302010-07-23T16:12:31.508+05:30

This is a video recorded at the IBM Innovate 2010 conference, David Grant, the Director of Security Solutions at IBM Rational, talks about how software is the invisible thread in a lot of innovations that enhance the quality of our lives. Since software is present everywhere, it potentially brings forward new threats, so a high level of security is paramount. IBM's new "Secure by design"

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/07/secure-by-design-from-ibm-software.htmltag:blogger.com,1999:blog-710487251864752080.post-27151543689270821552010-06-04T17:01:00.000+05:302010-06-04T17:01:49.930+05:302010-06-04T17:01:49.930+05:30

You don't have to be a Hacker to do ATM Frauds. Read on..... A private security agency in Bangalore has busted a currency mis-dispensation racket involving two cash operating executives. The racket was busted following a series of complaints made by the ICICI bank customers about its ATMs dispensing less money. Colonel Ramesh Raman, who heads SDB CISCO, which arranges cash replenishments

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/06/atm-fraud-in-bangalore-no-tech-hacking.htmltag:blogger.com,1999:blog-710487251864752080.post-45302667300271013882010-05-04T23:41:00.000+05:302010-05-04T23:41:21.615+05:302010-05-04T23:41:21.615+05:30

I just got ubuntu 10.04 installed on a laptop and wanted to connect to internet with my Data card. Ubuntu identified my Datacard without any problem but when I tried to connect with NetworkManager, it just won’t connect. I tried to debug and went through all the logs that I can see but it just did not work and getting on the ubuntuforums seems lots of people have the same problem.  However,  This

Anish Shaikhnoreply@blogger.com22http://www.anishshaikh.com/2010/05/mobile-broadband-on-ubuntu-1004.htmltag:blogger.com,1999:blog-710487251864752080.post-34688840499878538092010-04-23T19:38:00.000+05:302010-04-23T19:38:25.432+05:302010-04-23T19:38:25.432+05:30

Latest reports from across the internet about a bad update from McAfee. We have seen this kind of mess-up happening every now and then. No AntiVirus is 100% foolproof. There might be updates that cause performance issues, some delete files due to an odd signature. One reason why I always suggest clients to invest in a testbed environment so that what ever the updates are be it OS Patches, Policy

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/04/solution-to-prevent-downtime-due-to-bad.htmltag:blogger.com,1999:blog-710487251864752080.post-47499262853443130942010-04-20T22:19:00.000+05:302010-04-20T22:19:24.754+05:302010-04-20T22:19:24.754+05:30

Microsoft has released "Fix It Center" software designed to act as a personal computer technician that troubleshoots problems with machines. A test version of the free program available online at fixitcenter.support.microsoft.com promised "tools that help solve the issues you have now and prevent new ones." Fix It Center scans computers to diagnose and repair problems, letting users

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/04/microsoft-fix-it-for-your-windows.htmltag:blogger.com,1999:blog-710487251864752080.post-71735800538479195682010-04-20T22:16:00.000+05:302010-04-20T22:16:36.515+05:302010-04-20T22:16:36.515+05:30

The OWASP Top 10 Web Application Security Risks for 2010 are: A1: Injection A2: Cross-Site Scripting (XSS) A3: Broken Authentication and Session Management A4: Insecure Direct Object References A5: Cross-Site Request Forgery (CSRF) A6: Security Misconfiguration A7: Insecure Cryptographic Storage A8: Failure to Restrict URL Access A9: Insufficient Transport Layer Protection A10:

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/04/latest-top-10-owasp-web-application.htmltag:blogger.com,1999:blog-710487251864752080.post-59764182957032216852010-03-29T23:37:00.000+05:302010-03-29T23:37:30.100+05:302010-03-29T23:37:30.100+05:30

Microsoft Security Assessment Tool (MSAT) is a free tool designed to help organizations like yours assess weaknesses in your current IT security environment, reveal a prioritized list of issues, and help provide specific guidance to minimize those risks. MSAT is an easy, cost-effective way to begin strengthening the security of your computing environment and your business. Begin the process by

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/03/security-assessment-tool-from-microsoft.htmltag:blogger.com,1999:blog-710487251864752080.post-47514856531794033302010-03-22T20:59:00.000+05:302010-03-22T20:59:19.692+05:302010-03-22T20:59:19.692+05:30

If you have worked on samba server you probably will have noticed that within the smb.conf configuration file a line that begins with security =. This is a very important part of Samba setup and generally the section that gives users the most problems. Although the security mode would seem fairly straight-forward, it is certainly worth explaining. In this article I will discuss what the

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/03/samba-server-security-modes.htmltag:blogger.com,1999:blog-710487251864752080.post-56325494960258933232010-02-26T15:50:00.000+05:302010-02-26T15:50:18.818+05:302010-02-26T15:50:18.818+05:30

Prevention is better than cure, We know it, We have seen it happen and We know people need to be educated about it. Security Awareness is a very important in every organization, a small mistake by an employee can lead to big disasters for a company. We usually see posters about not sharing password with others, not to give out any company information to strangers, etc. In short we need to educate

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/02/security-awareness-for-large-and-small.htmltag:blogger.com,1999:blog-710487251864752080.post-91064244176205568652010-02-23T19:36:00.002+05:302010-02-23T19:36:51.039+05:302010-02-23T19:36:51.039+05:30

Good news for forensics folks, Microsoft has published Outlook Personal folders file Format specification over the web. So we can now expect much better recovery rates with PST but still the new trend to keep emails over the cloud is still on. However, PST is not here to away any soon and even if emails be in cloud, we can recover data from the browser cache and even seize the cloud providers

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/02/microsoft-outlook-pst-format-is-open.htmltag:blogger.com,1999:blog-710487251864752080.post-68274229222915079002010-02-23T18:34:00.000+05:302010-02-23T18:34:27.956+05:302010-02-23T18:34:27.956+05:30

Came across this article on ComputerWorld about a message from a Security Manager whose company has outsourced Security management to India.

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/02/message-to-security-analysts-in-asia.htmltag:blogger.com,1999:blog-710487251864752080.post-11519395473679901702010-02-04T16:13:00.000+05:302010-02-04T16:13:21.142+05:302010-02-04T16:13:21.142+05:30

I was reading an interview of Anthony Abbattista about building Green Data Centers and would like to share it. You can read the interview at TechRepublic.

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/02/building-green-data-center.htmltag:blogger.com,1999:blog-710487251864752080.post-75713503454006610672010-02-04T16:09:00.000+05:302010-02-04T16:09:30.523+05:302010-02-04T16:09:30.523+05:30

Microsoft Corp today released its global SMB IT and Hosted IT Index 20101, which investigates how small and midsize businesses (SMBs) across multiple segments fared during the recession and how they use technology. The research finds that businesses that value IT as an enabler for better business productivity and effectiveness and those that use hosted services performed better fiscally than

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2010/02/hosted-it-solutions-better-for-sme.htmltag:blogger.com,1999:blog-710487251864752080.post-26543855037948071572009-12-03T18:52:00.000+05:302009-12-03T18:52:13.959+05:302009-12-03T18:52:13.959+05:30

How do you evaluate a Security Information and Event Management Solution For your Company. Below are the questions you need to ask yourself because buying a SIEM Solution. Threat identification: Raw log form vs. descriptive. Threat tracking: Ability to track through the various events, from source to destination. Policy enforcement: Ability to enforce defined polices. Application analysis:

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2009/12/evaluate-siem-event-log-management.htmltag:blogger.com,1999:blog-710487251864752080.post-45329027275510498822009-11-16T16:16:00.001+05:302009-11-16T16:18:12.268+05:302009-11-16T16:18:12.268+05:30

OWASP Project has updated and released the all new Web Application Security Risk List - Release Candidate, There were a few changes like Insecure Configuration Management was changed to Security Misconfiguration. New Risk was added Unvalidated Redirects and forwards. You can look at the Release candidate below and provide your feedback but as per what I feel most of the Risks are going to make

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2009/11/owasp-top-10-web-application-security.htmltag:blogger.com,1999:blog-710487251864752080.post-91590873296657292472009-11-10T15:11:00.000+05:302009-11-10T15:11:47.458+05:302009-11-10T15:11:47.458+05:30

I came across this interesting article that talks about how is Linux being used at Google. There is not much specific information how the tasks are scheduled and all. This was a talk between Google Folks and the Kernel Developers. Google has ported some old code to run on the kernel version that they use. It also tells us that Google uses an old kernel like 2.6 etc Well you can read the whole

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2009/11/how-google-uses-linux-os.htmltag:blogger.com,1999:blog-710487251864752080.post-21923862785042695722009-11-10T13:52:00.002+05:302009-11-25T15:54:59.306+05:302009-11-25T15:54:59.306+05:30

I had earlier written about Microsoft's COFEE. COFEE utilities are a set of computer forensics and auditing tools that Microsoft had put on a USB drive and provides it to law enforcement for use in trying to extract info from a computer. There was some fear that it was a "back door," but people insisted it was no such thing, but just a collection of basic tools. Still, the fact that the system

Anish Shaikhnoreply@blogger.com1http://www.anishshaikh.com/2009/11/microsoft-cofee-leaked-download-toolkit.htmltag:blogger.com,1999:blog-710487251864752080.post-20620578669721195222009-11-03T15:54:00.000+05:302009-11-03T15:54:23.806+05:302009-11-03T15:54:23.806+05:30

Microsoft has released their latest Security Intelligence Report (SIR). Some of the Top Highlights of the report are : Large increase in Worm Infection. Vista was less compromised than Windows XP machines. Phishing and Automated SQL Injection Attempts are on rise. Browser Based Exploits are increasing. You can get the report @ MS Threat Center

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2009/11/microsoft-report-says-more-worms-vista.htmltag:blogger.com,1999:blog-710487251864752080.post-86238338338420604392009-11-03T15:45:00.000+05:302009-11-03T15:45:13.242+05:302009-11-03T15:45:13.242+05:30

If you are interested in reading a book about source code analysis to plug in your security loop holes, I recommend this paper. It is a good read, it discusses benefits of source code analysis and puts lights on many issues like compile time issues, linking and non-linking code. etc. You can get this book @ checkmarx

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2009/11/good-paper-on-source-code-analysis.htmltag:blogger.com,1999:blog-710487251864752080.post-69564375264392337842009-10-17T12:35:00.000+05:302009-10-17T12:35:05.081+05:302009-10-17T12:35:05.081+05:30

The Web Application Security Consortium (WASC) has announced the WASC Web Application Security Statistics Project 2008. The statistics includes data from about 12186 web applications with 97554 detected vulnerabilities of different risk levels. The analysis shows that more than 13% of all reviewed sites can be compromised completely automatically. About 49% of web applications contain

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2009/10/top-web-app-vulnerabilities-in-2008.htmltag:blogger.com,1999:blog-710487251864752080.post-28267588518870083462009-10-13T15:52:00.000+05:302009-10-13T15:52:20.660+05:302009-10-13T15:52:20.660+05:30

All companies use DNS and it is a very critical part of the network, if DNS is down virtually everything is down. Cache poisoning is the most famous attack against a DNS server. There are many ways to save your DNS servers from Cache Poisoning. Below you will find a quick list to ensure you don't become a victim of DNS Cache Poisoning. 1) Restrict DNS recursion to only authorized queriers, or

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2009/10/guarding-your-dns-against-cache.htmltag:blogger.com,1999:blog-710487251864752080.post-29015160779504669512009-10-09T15:15:00.000+05:302009-10-09T15:15:32.399+05:302009-10-09T15:15:32.399+05:30

I came across this utility NATProbe, this tool will try to sends ICMP packets out to the LAN, and will detect all the hosts that allow NAT. Now with this tool you can find bugs in your corporate network or even find hosts that allow outgoing internet connections. This reminds me of one of my Penetration Testing assignment where we found out there was a Squid based proxy server, it was fully

Anish Shaikhnoreply@blogger.com1http://www.anishshaikh.com/2009/10/detect-hosts-with-enabled-nat-to-use.htmltag:blogger.com,1999:blog-710487251864752080.post-16990495646151033332009-10-07T20:31:00.000+05:302009-10-07T20:31:19.709+05:302009-10-07T20:31:19.709+05:30

Visa has announced new global best practices for data field encryption, also known as end-to-end encryption - a much-discussed solution in the wake of the Heartland Payment Systems breach. These best practices are designed to further the payment industry's efforts to develop a common, open standard while providing guidance to encryption vendors and early adopters. Data field encryption protects

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2009/10/best-practices-document-for-end-to-end.htmltag:blogger.com,1999:blog-710487251864752080.post-41990147083510885272009-10-07T16:34:00.000+05:302009-10-07T16:34:28.440+05:302009-10-07T16:34:28.440+05:30

A list of 10,000 users was posted online from a phishing scam to pastebin.com website. Initally it was thought that only microsoft's hotmail was compromised but later more details emerged and the results are more shocking there was a lot more than hotmail accounts, the compromised accounts in the second list were from various email providers including Yahoo, Gmail, Comcast and AOL. One thing is

Anish Shaikhnoreply@blogger.com0http://www.anishshaikh.com/2009/10/latest-email-phishing-scam-and-pattern.htmltag:blogger.com,1999:blog-710487251864752080.post-32827328987907515682009-10-06T00:15:00.000+05:302009-10-06T00:15:46.630+05:302009-10-06T00:15:46.630+05:30

There are many reasons why IT projects fail. Be it an IT consulting Project or IT implementation project. The most important reason why projects get screwed up is first due to People and then Technology. You need right people, right skillset and people with good mindframe. Second factor is Technology you need to decide on a technology by looking at the requirements and how efficient the

Anish Shaikhnoreply@blogger.com1http://www.anishshaikh.com/2009/10/top-reasons-why-it-projects-fail-and.html