SEARCH RESULTS
 
Showing 1-10 of 98 records
 

Top 11 Reasons to Analyze Your Logs

2008-02-20 16:56:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...analyze them. Why? Here are the reasons: Seen an obscure log message lately? Me too - in fact, everybody has. How do you know what it means (and logs usually do mean something) without analysis? At the very least, you need to bring additional context to know what some logs mean. Logs often measure in gigabytes and soon will in terabytes; log...
 
 
 
 
 

Actns/Swif.T virus found in YouTube videos

2008-12-02 10:51:00 by Russ McRee in HolisticInfoSec.org
 
...analyze (or have the analysis done for me, to be more concise) malicious Flash or JavaScript. I grabbed the evil .swf in question from the URL below via command-line on my trusty Ubuntu box: wget hxxp://www.youtube.com/v/O7tB1pYSNuE&rel=1 I then fed l.swf to Adops Tools and Wepawet. The results from each analysis are below for your review. Note...
 
 
 
 
 

NSA's Domestic Spying

2008-03-26 06:02:18 by schneier in Schneier on Security
 
...analyze the various transactions for suspicious patterns. Then they spit out leads to be explored by counterterrorism programs across the U.S. government, such as the NSA's own Terrorist Surveillance Program, formed to intercept phone calls and emails between the U.S. and overseas without a judge's approval when a link to al Qaeda is...
 
 
 
 
 

Embassy of Brazil in India Compromised

2008-11-13 09:47:45 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...analyze .com/socket/index.php (216.195.59.77) from where we're redirected to google-analyze.com/tracker/load.php which is serving system.exe (Trojan-Spy.Win32.Zbot.ehk; Win32.TrojanSpy.Zbot.gen!C.5), and google-analyze .com/tracker/pdf.php (Exploit:Win32/Pdfjsc.G; Exploit.JS.Pdfka.w; Bloodhound.Exploit.196). Naturally, within the live exploit...
 
 
 
 
 

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
...analyze issues found. Stage 6: Identify root cause, fix bugs, rerun failures, analyze coverage data (rinse and repeat). How we do file fuzzing: There are a number of approaches taken by product teams to meet the SDL file fuzzing requirements. They often include the use of generation and mutation-based fuzzers as well as a combination of multiple...
 
 
 
 
 

More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle
 
...analyze our products, and often share their processes and tools with us, but it's rare to see a top-to-bottom product review released. In California, there was both white and black box testing done by different teams, and we've studied these reports to see the perceptions of development practices from other vendors and results of a different...
 
 
 
 
 

Fun TLR Log Management Questions

2008-03-14 12:04:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...analyzed all this data? Are there products that can process all this data and receive valuable information? A3: Yes, but you need to ask one question first: analyze why (example reasons here)? To discover something "interesting" (my favorite reason)? To find some specific artifact that you need in the logs? Or for some other reason? Before...
 
 
 
 
 

Software Security Metrics and Commentary on "Metrics Framework" Paper

2007-09-17 20:41:00 by Security Retentive in Security Retentive
 
...analyze software metrics in three phases of an application's lifecycle: Design, Deployment, Runtime. The paper uses the OWASP top-10 as the basis for measure and comes up with metrics that will tell us how we're doing against it. The goal of metrics should be, where possible, to create objective measures of something. Whereas some of the metrics...
 
 
 
 
 

Cross-Device-Type Log Management vs Device-Specific Log Management

2008-06-02 14:38:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...analyzed on one system, neither hundreds, nor several. Also, while looking at logging tools, one needs to make a distinction between tools that can collect all sorts of logs but only allow you to analyze one log type at a time (e.g. sawmill) vs tools that can collect all sorts of logs AND allow you to analyze all of them together (e.g....