Bibliography:
Page 1 of 1
Bibliography:
Flor_Corella Mon Oct 31, 2011 11:28 am
Topic: Mobile Networks
Subtopic: Network Security
Bibliography:
Brecht, D. (2011, 8 30). www.brighthub.com. Retrieved 11 31, 2011, from Understanding Social Engineering and Password Network Attacks:
Quote:
“An attacker would start by mounting your drive using a linux live-cd (for instance the security distro Backtrack 3). To gain read write access they would use ntfsmount. Assuming your disk was at /dev/hda1 they would use this command: ntfsmount /dev/sda1 /mnt/hda1” (Brecht,2011)
“Once a victim falls to a social engineering attack, the attacker will provide physical access to a computer and possibly a network.”(Brecht,2011)
“The best way to prevent such an incident or event is to use hard-to-guess passwords and regularly changing them too to avoid a hacker cracking them and using them to penetrate a system and cause a physical access attack.”(Brecht,2011)
Abstract: Social engineering and passwords are two types of physical access attacks. Understanding about them and knowing some of the defense measures against them will help combat against such attacks.
*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/
Bibliografía
Gary McGraw, B. C. (2011, 9 27). www.informit.com. Retrieved 10 31, 2011, from Measuring Software Security Initiatives Over Time: http://www.informit.com/articles/article.aspx?p=1755416
Quote:
“The spider charts we introduce above are also useful for comparing groups of firms from particular industry verticals or geographic locations.”(Gary McGraw, B. C.,2011)
“The most important use of the BSIMM is as a measuring stick to determine where your approach currently stands relative to other firms.”(Gary McGraw, B. C.,2011)
“Once you have determined where you stand with activities, you can devise a plan to enhance practices with other activities suggested by the BSIMM. By providing actual measurement data from the field, the BSIMM makes it possible to build a long-term plan for a software security initiative and track progress against that plan. For the record, there is no inherent reason to adopt all activities in every level for each practice. .”(Gary McGraw, B. C.,2011)
Abstract: Our work with the BSIMM model shows that measuring a firm's software security initiative is both possible and extremely useful. BSIMM measurements can be used to plan, structure, and execute the evolution of a software security initiative. Over time, firms participating in the BSIMM project show measurable improvement in their software security initiatives.
*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/
Bibliografía:
Shinder, D. (21 de 4 de 2011). www.windowsecurity.com. Recuperado el 31 de 10 de 2011, de Network Security in a World without Network Firewalls: http://www.windowsecurity.com/articles/Network-Security-World-without-Network-Firewalls.html
Quote:
“What’s happened is that the once impenetrable firewall barrier has had so many holes opened in it, to accommodate all these use cases, and has developed such as complex set of firewall rules and ACLs, that there is almost no reason to even have the firewall there anymore.” (Shinder, 2011)
“Right Management Services (RMS) enables you to create policies to control how individual files are handled. For example, you can use RMS to control who can view a file, who can print it, who can copy it, who can email it, and how long the file survives (for example, you can tell the file to autodestruct after five days).” (Shinder, 2011)
“User names and passwords are the “old way” of authenticating identity, in spite of the fact that is what most people use today. But in a world without firewalls, authentication and authorization are even more critical.” (Shinder, 2011)
Abstract:
Server and domain isolation will become even more useful in an IPv6 world, where all communications have the potential to be point to point connections between any two connected devices (which was the vision of the original creators of the Internet). IPsec supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. When combined with other methods discussed in this article, IPsec is a powerful technology that will enable a high level of security in a world without firewalls.
Subtopic: Network Security
Bibliography:
Brecht, D. (2011, 8 30). www.brighthub.com. Retrieved 11 31, 2011, from Understanding Social Engineering and Password Network Attacks:
Quote:
“An attacker would start by mounting your drive using a linux live-cd (for instance the security distro Backtrack 3). To gain read write access they would use ntfsmount. Assuming your disk was at /dev/hda1 they would use this command: ntfsmount /dev/sda1 /mnt/hda1” (Brecht,2011)
“Once a victim falls to a social engineering attack, the attacker will provide physical access to a computer and possibly a network.”(Brecht,2011)
“The best way to prevent such an incident or event is to use hard-to-guess passwords and regularly changing them too to avoid a hacker cracking them and using them to penetrate a system and cause a physical access attack.”(Brecht,2011)
Abstract: Social engineering and passwords are two types of physical access attacks. Understanding about them and knowing some of the defense measures against them will help combat against such attacks.
*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/
Bibliografía
Gary McGraw, B. C. (2011, 9 27). www.informit.com. Retrieved 10 31, 2011, from Measuring Software Security Initiatives Over Time: http://www.informit.com/articles/article.aspx?p=1755416
Quote:
“The spider charts we introduce above are also useful for comparing groups of firms from particular industry verticals or geographic locations.”(Gary McGraw, B. C.,2011)
“The most important use of the BSIMM is as a measuring stick to determine where your approach currently stands relative to other firms.”(Gary McGraw, B. C.,2011)
“Once you have determined where you stand with activities, you can devise a plan to enhance practices with other activities suggested by the BSIMM. By providing actual measurement data from the field, the BSIMM makes it possible to build a long-term plan for a software security initiative and track progress against that plan. For the record, there is no inherent reason to adopt all activities in every level for each practice. .”(Gary McGraw, B. C.,2011)
Abstract: Our work with the BSIMM model shows that measuring a firm's software security initiative is both possible and extremely useful. BSIMM measurements can be used to plan, structure, and execute the evolution of a software security initiative. Over time, firms participating in the BSIMM project show measurable improvement in their software security initiatives.
*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/
Bibliografía:
Shinder, D. (21 de 4 de 2011). www.windowsecurity.com. Recuperado el 31 de 10 de 2011, de Network Security in a World without Network Firewalls: http://www.windowsecurity.com/articles/Network-Security-World-without-Network-Firewalls.html
Quote:
“What’s happened is that the once impenetrable firewall barrier has had so many holes opened in it, to accommodate all these use cases, and has developed such as complex set of firewall rules and ACLs, that there is almost no reason to even have the firewall there anymore.” (Shinder, 2011)
“Right Management Services (RMS) enables you to create policies to control how individual files are handled. For example, you can use RMS to control who can view a file, who can print it, who can copy it, who can email it, and how long the file survives (for example, you can tell the file to autodestruct after five days).” (Shinder, 2011)
“User names and passwords are the “old way” of authenticating identity, in spite of the fact that is what most people use today. But in a world without firewalls, authentication and authorization are even more critical.” (Shinder, 2011)
Abstract:
Server and domain isolation will become even more useful in an IPv6 world, where all communications have the potential to be point to point connections between any two connected devices (which was the vision of the original creators of the Internet). IPsec supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. When combined with other methods discussed in this article, IPsec is a powerful technology that will enable a high level of security in a world without firewalls.
Flor_Corella- Posts : 16
Join date : 2011-08-21
Location : Los Angles, San Rafael de Heredia
Support sheet
Support: 
(16/200)
User type: 0
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum|
|
|