Computer Security Division - Computer Security Resource Center

CSIRT, Computer Security Incident Response Team National Vulnerability Database Home National Vulnerability Database CVSS Scoring This page shows the components of the CVSS score for example and allows you to refine the CVSS base score. Please read the CVSS standards guide to fully understand how to score CVSS vulnerabilities and to interpret CVSS scores. The scores are computed in sequence such that the Base Score is used to calculate the Temporal Score and the Temporal Score is used to calculate the Environmental Score. Base Score Metrics The base metric group captures the characteristics of a vulnerability that are constant with time and across user environments. Exploitability Metrics Access Vector (AV) This metric reflects how the vulnerability is exploited. Local (AV:L) Adjacent Network (AV:A) Network (AV:N) Access Complexity (AC) High (AC:H) Specialized access conditions exist. Medium (AC:M) Low (AC:L)

HowTo: Find switchport of a MAC Address on Cisco Catalyst Switch | If you have a big network with multiple access switches connecting to the core switches or routers, then tracing a device like a PC or a laptop for troubleshooting or security purposes is one of those tasks that you often end up doing. This is not a difficult task but can certainly be time-consuming. Let's start with an IP address on hand.

Core1# sh ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 22 0000.1111.1111 ARPA Vlan1

From the above you know the MAC address for the device:
IP Address :
MAC Address : 0000.1111.1111

Now, do a show mac-address command on the core switch or router.

Core1# sh mac-address-table address 0000.1111.1111
Legend: * - primary entry
age - seconds since last seen
n/a - not available
vlan mac address type learn age ports
------+----------------+--------+-----+----------+--------------------------
Supervisor:
* 1 0000.1111.1111 dynamic Yes 10 Te1/1

Sometimes, the output might show as follows [note the Po1]

Core1# sh cdp neighbors

Darknet - The Darkside | Ethical Hacking, Penetration Testing & Computer Security Internet Crime Schemes Auction Fraud Auction fraud involves fraud attributable to the misrepresentation of a product advertised for sale through an Internet auction site or the non-delivery of products purchased through an Internet auction site. Consumers are strongly cautioned against entering into Internet transactions with subjects exhibiting the following behavior: The seller posts the auction as if he resides in the United States, then responds to victims with a congratulatory email stating he is outside the United States for business reasons, family emergency, etc. Similarly, beware of sellers who post the auction under one name, and ask for the funds to be transferred to another individual. If you believe you may have fallen victim to this type of scam and wish to report it, please file a complaint with us. In addition, visit eBay and PayPal for additional security alerts and fraud prevention tips. Auction Fraud — Romania Auction fraud is the most prevalent of Internet crimes associated with Romania. Spam

CC Blog: Recommendations to vendors for communicating product security information Hi, this is Chad Dougherty of the Vulnerability Analysis team. One of the important roles that our team plays is coordinating vulnerability information among a broad range of vendors. Over the years, we have gained a considerable amount of experience communicating with vendors of all shapes and sizes. Based on this experience, we can offer some guidance to vendors about communicating product security issues. Just to be clear, we're talking about product security as opposed to security products. Product security involves vulnerabilities caused by programming or design defects, insecure default or recommended deployment configurations, and other similar issues. First, let's address the topic of receiving information about product security. Provide an easily identifiable role email address specifically for product security issues In our experience, it's extremely beneficial for the vendor to provide a role email address (e.g., a shared mailbox or an alias) for receiving information.

Information Security Policies and Procedures Part 2 This is part of an ongoing series on documentation development. Please be sure to read the previous posts in this series: Part 1 Knowing which policies are necessary in your environment can be a challenge. Most organizations will have at least some formalized policies. Many of these are in response to legal requirements (HR policies) or specific incidents. With policies and procedures, it is essential to be proactive rather than reactive. That may be a simplistic scenario where the company is out a thousand dollars for a laptop, but it illustrates a point. What if, instead of being out a thousand dollars for a laptop, you were instead out tens or hundreds of thousands of dollars in fines after a cardholder data breach? As far as information security, every organization will have a unique set of foundational policies. How then, do we determine what basic policies we need? Careful readers will note that I slipped in mention of another document, the visitor log.

Blocking Unwanted Parasites with a Hosts File What it does ... You can use a modified HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers and possibly unwanted programs. This is accomplished by blocking the connection(s) that supplies these little gems. The Hosts file is loaded into memory (cache) at startup, so there is no need to turn on, adjust or change any settings with the exception of the DNS Client service (see below). Windows automatically looks for the existence of a HOSTS file and if found, checks the HOSTS file first for entries to the web page you just requested. Example - the following entry blocks all files supplied by that DoubleClick Server to the web page you are viewing. Using a well designed HOSTS file can speed the loading of web pages by not having to wait for these ads, annoying banners, hit counters, etc. to load. Special Note: new Windows 10 users ... the MVPS Hosts file installs just fine, no need to make any changes.

Information Security Policies and Procedures Part 1 Note: This is part of an ongoing series on documentation development. Policy writing can be a daunting task, and one for which many are not overly enthused. However, Policies and Procedures are an integral part of any information security program. Not only do they provide direction and accountability, many specific policy elements are a requirement of specific laws, regulations, and/or standards. In this multipart series, I will work to help you become comfortable writing policies and their associated procedures. Before we get started, there are a few things that are important to know. Policy sets are different in each environment. There are other factors that will affect information security policy development as well. It is essential that different departments work together to ensure that policies work in concert and do not contradict each other. It is also essential to determine the audience for any given policy. It is vital to consider business need to know when distributing policies.

Hacking the WPA Airwaves It is interesting how many people believe that their wireless is secure because they are using WPA. Well, we did a test recently and were able to basically password guess our way with a dictionary attack using either a straight dictionary or a rainbow table. The cool thing is I bought an ALFA USB antenna and could sit down at the corner coffee place and still see my wireless access point. Security people: Be sure that your WPA password is an unreadable string, not something found in a dictionary, and not a phrase that you can read like op3nth3p0dbayd00rs; the tables of today are too intelligent for that. In a nutshell, using Linux this is how it is done:

Part I
airmon-ng start wlan0 (this puts the wireless card in promiscuous mode)
kismet -c wlan0
close console window to see collection of packets
use alt + k to get to top pull down menus, turn on ability to see type of access points BSSID and guess at IP address, channel #
Ctrl-C to exit kismet
airmon-ng stop wlan0

Part II
airmon-ng start wlan0

FCC's Ten Key Cybersecurity Tips for Businesses Broadband and information technology are powerful factors in small businesses reaching new markets and increasing productivity and efficiency. However, businesses need cybersecurity tools and tactics to protect themselves, their customers, and their data from growing cyber threats. Here are ten key cybersecurity tips for businesses to protect themselves: 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. The FCC’s Cybersecurity Hub at has more information, including links to free and low-cost security tools. Source:

Information Security Policies and Procedures Part 5 This is part of an ongoing series on documentation development. Please be sure to read the previous posts in this series: Part 1 Part 2 Part 3 Part 4 In this installment, we will discuss fonts, and then move on to additional structural elements necessary in documentation, starting with policies. Does the font matter? Certainly. As I mentioned in a previous post, if your organization has a corporate style guide, the font and document layout is likely already determined. If you are planning on distributing hard copies of your documents, a Serif font is easiest on the eyes. Of course, rare is the document that is viewed in one format only. Perhaps the best known example, at least to a generation raised with computers, is Arial. (In case you don’t think typography is cool, read Steve Jobs’ 1995 commencement address to Stanford “I decided to take a calligraphy class to learn how to do this. Before we get too far down the road into typography (kerning anyone?)