S3cur1ty_Guy Says: Thanks for stopping by

Access Control Methods

MAC – Mandatory Access Control. Used in environments requiring high levels of security (government, military). Need to know. Each access control subject (users and programs) is assigned a clearance label, and access control system objects are assigned sensitivity labels. No read up, no write down applied to each subject's sensitivity…

Monitoring Security

Types of Monitoring: Real Time – someone sitting and watching live. Active – syslog-type monitoring/alerting (additional layer of traffic). Passive – SNMP and hardware devices with software that watches traffic, like packet sniffers or probes. Components to Monitor: Network Security Keystroke. *Intrusion Detection Systems are major security monitoring mechanisms.

Reasons to Perform Security Auditing

Find out the who, what, when and where of transactions; identify potential breaches and/or incidents; fulfill the goals and assessment of security policy; reconstruct events and activities; provide forensic proof of actions; facilitate a security review; generate reports. Things To Audit: External Boundary/DMZ – (Internet Routers and Firewall) Internal…

Security Operation Modes

Modes for authorizing processing and/or transport. Dedicated Mode – each user of the service who has indirect or direct access to the system, including peripherals, has a valid security clearance/formal approval and need to know for all aspects of the system. Very high level of access. Exclusive use by one particular type…

Systems Security Architecture

RAM – Random Access Memory; ROM – Read Only Memory; PROM – Programmable ROM (non-volatile); EPROM – Erasable PROM (erased via ultraviolet light); EEPROM – Electrically Erasable PROM (erased by electrical charge instead of light); PLD – Programmable Logic Device (electronic device used to build digital circuits. Combination…