- 10 ways the Chinese Internet is different
- Hacker writes rootkit for Cisco's routers
- Verizon snares $678 million federal network deal
- Cisco loses $2 million order to Nortel
- HP buys EDS for $13.9 billion
Hacker writes Cisco rootkit; Microsoft launches online telescope. Listen now!
Wireless dangers at airports. Listen now!
The movement towards laptop computers has fueled an unprecedented number of data breaches. For IT and Information Security, encryption and training has proven ineffective against careless users and insider threats. This paper discusses these limitations and explains how endpoint security allows remote deletion of sensitive data, tracking of computers outside the network and the physical recovery of missing computers. Learn how you can ensure mobile data protection regardless of end-user interference.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
Find out how you can consolidate Windows workloads and create a more efficient virtualized data center in this informative webcast, "Reduce Complexity and Cost - Windows Server Consolidation with Virtualization." Six concise webcast modules are available for your viewing. Watch them all consecutively or only the topics that interest you. The modules cover performance, user case studies, enterprise-level support, managing windows workloads, setup and configuration and the future of virtualization. Learn more today. Register below to learn more and be entered to win an Archos 605 Portable Media Player.
Microsoft is not telling folks the WWT will not run on millions of older PC's unless they go out and...- Anonymous
In this column, I review three important aspects of early warnings in CIRT management: notification of vulnerabilities, notification of threats and notification of incidents.
Vulnerabilities
A computer incident response team (CIRT) relies on operations managers to maintain adequate defenses by maintaining up-to-date system and application software. The subject of patch management is complex and will be discussed in another series, but I can remind readers that there are many resources on which to draw for notification of newfound vulnerabilities. Each network-equipment and system-software vendor generally provides a notification service; many organizations have one of their employees subscribe to these to keep up with the news.
A better approach, less susceptible to interruption, is to set up a special e-mail address for all the subscriptions and to assign one or more people to read that mail every day. If one of the team members is away on assignment or on vacation, be sure that a replacement person takes over the task of scanning the notices to spot anything that is relevant to your network configuration. Instead of forwarding the messages to an individual’s mailbox, all of them can be kept in a separate mailbox accessible to everyone on the team.
There are also many newsletters that summarize vulnerabilities; I particularly like “@RISK: The Consensus Security Alert” from the SANS Institute; you can subscribe at no cost using:
https://portal.sans.org
Finally, regular readers will recall that the Common Vulnerabilities and Exposures (CVE) dictionary ( http://cve.mitre.org/ ) is a superb compendium of standardized names for vulnerabilities and exposures. MITRE writes, “CVE aspires to describe
and name all publicly known facts about computer systems that could allow somebody to violate a reasonable security policy
for that system.”
http://cve.mitre.org/about/terminology.html
MITRE also uses the term “exposure” and defines it as “security-related facts that may not be considered to be vulnerabilities by everyone.” You can download the CVE in various formats or you can use the ICAT Metabase ( http://icat.nist.gov/icat.cfm ) to search the CVE for various subsets of vulnerabilities (e.g., by product, version, type, and so on). At the time of this writing (late June) there were 6,663 vulnerabilities in the CVE. As a side note, of these, 1,383 involved buffer overflows (about one-fifth).
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
