
Forensics Wiki


Hacker Highschool - Security Awareness for Teens

How To Secure Your Wi-Fi Network Against Intrusion Insecure Wi-Fi is the easiest way for people to access your home network, leech your internet, and cause you serious headaches with more malicious behavior. Read on as we show you how to secure your home Wi-Fi network. Why Secure Your Network? In a perfect world you could leave your Wi-Fi networks wide open to share with any passing Wi-Fi starved travelers who desperately needed to check their email or lightly use your network. Securing Your Wi-Fi Network Securing your Wi-Fi network is a multi-step affair. Note: It would be impossible for us to include step-by-step instructions for every brand/model combination of routers out there. Update Your Router and Upgrade to Third Party Firmware If Possible: At minimum you need to visit the web site for the manufacturer of your router and make sure there are no updates. Even better, if you’re going to go through the hassle of updating, is to update to one of the awesome third-party router firmwares out there like DD-WRT or Tomato.

Container-Based Controls versus Dynamic Authorization: The Difference in Windows Environments (Part 1 of 2) By Sandeep Chopra. If you are debating whether to upgrade to Windows Server 2012, plenty of articles describe its new security benefits (for example, see here and here). Fewer articles discuss the basic shift in Access Management this release can enable. To understand the potential benefits of one key feature, Dynamic Access Control, it’s useful to compare this approach with more well-known models of Access Management, such as ACLs and Security Groups. This blog is first in a series that compares how Access Management was handled in Windows environments prior to the 2012 release with what’s possible now. Container-Based Controls: ACLs and Group Management ACLs and Security Groups are currently the most ubiquitous model of Access Management. The ACL and Security Group model is both manual (with permissions defined per container, by an Administrator), and static (pre-determined and applied ahead of time). From the Perspective of IT Administrators For End Users

Websites Websites about digital forensics and related topics. Bruce Nikkel's Computer Forensics Homepage Bruce Nikkel's Computer Forensics Homepage Presentations, links, references Digital Forensic Solution Provider Website Forensic People Website Certified Computer Examiner Website Certified Computer Examiner Website Open certification process for digital forensics. Computer Forensics and Investigations project “COMPUTER FORENSICS AND INVESTIGATIONS” Computer Forensics articles, and website of Igor Michailov Computer Forensics World Website with online discussion forums relating to computer forensics. Cyberspeak podcast Cyberspeak Podcast Computer forensics, network security, and computer crime podcast. Digital Forensics Discussion Forum Digital Forensics Discussion Forum A forum for the discussion of computer and digital forensics examinations, certified and non-certified investigators welcome Digital Forensic Research Workshop (DFRWS) E-Evidence Information Centre MySecured.com

Second Look® | Linux Memory Images Second Look: Linux Memory Forensics for Incident Response and Intrusion Detection Second Look combines memory forensics and integrity verification to provide unparalleled assurance that the software running on Linux servers and workstations, from the kernel to system services and applications, is of known origin and has not been modified. There is no more powerful tool for uncovering malware, backdoors, unauthorized processes, and other signs of compromise on Linux systems. Sample Linux Memory Images We make these sample Linux memory images freely available in the hope they may be useful for research, training, testing, or other purposes. We also invite you to learn about the value of Second Look for Linux incident response and intrusion detection. Each of the files below is a raw physical memory image, compressed with bzip2.

Tech Insight: Making The Most Of Open-Source Forensics Tools Emerging offerings can turn network forensics into a low-cost, do-it-yourself security project A Special Analysis for Dark Reading Network forensic solutions come in many different shapes, sizes, and price ranges, but in the end they all have the same goal: recording activity on the network. As IT budgets tighten with the economy, it might be time for your organization to take a closer look at a do-it-yourself approach to forensics that leverages free and open-source tools. While your CFO might love the price of these tools, it may be difficult to "sell" them to your IT management. But don't let the support question turn you away. Making the case to build your own network forensics capabilities often means highlighting the shortcomings of your company's existing tools. Network forensic tools also fill in the blanks when performing internal investigations. Building a basic network forensic system -- including installing the software and deploying it -- can be accomplished quickly.

Wi-Fi Best Practices | Mobile content from Windows IT Pro Like most technologies that an IT pro deals with, wireless technology changes from day to day. Not too long ago, having a wireless LAN (WLAN) was considered a mere luxury or something "nice to have." Nowadays, however, access to a WLAN is critical because the proliferation of mobile devices that have entered our industry invariably tout Wi-Fi as a key selling point. This is even more important as cellular carriers begin to cap their wireless data rate plans; unlimited cellular data plans are all but gone, whereas Wi-Fi is almost always unlimited (and faster). It's important to take stock of your current WLAN infrastructure if you have one, and to be aware of the latest standards if you're designing a new one—even if it consists of only a single Access Point (AP). The Band Played On Almost all discussions of Wi-Fi include at least a mention of spectrum bands—and our discussion is no different. Related: Wi-Fi: Tools to Detect Interference Channel Surfing Security, Not Obscurity

How to Prevent Users from Changing Permissions on File Servers • Helge Klein On file servers in corporate environments one typically does not want users to change permissions, even on their own files. It might seem that it would be sufficient to simply grant change permissions instead of full control, but unfortunately that is not the case. The problem is that whenever a new file gets created, the user creating the file will be its owner. And owners can always change permissions, regardless of the contents of the DACL. The Solution In order to prevent “orderly” users from “tidying” the permissions on their files and directories and thus messing things up, often removing administrators from the DACL, too, the following needs to be done: Only grant change (aka modify) permissions in the NTFS file system. The clever part is not granting “full control” in the share permissions to users. Authenticated users: change + read. Administrators: full control. Automation

Journals Journals Academic and professional journals, both print and electronic, on the subject of digital forensics: Impact factors cited on 11/03/2013 from 2011 data provided by Impact Factor Search. H-Index cited on 11/03/2013 from SCImago Journal and Country Rank. H5-Index cited on 12/03/2013 from Google Scholar Metrics. Dead Journals These journals have ceased publication. Journal of Digital Forensic Practice Print journal from Taylor and Francis. International Journal of Digital Evidence (IJDE) Electronic journal published from 2002 until 2007. Small Scale Digital Device Forensics Journal Online journal for academics and practitioners to publish articles regarding the theory, research, and practice in the rapidly changing field of Small Scale Digital Device Forensics. Conferences Websites

Malware Memory Forensics Description: In this video you will learn how to perform memory forensics using the Volatility tool. It explains various Volatility commands and plugins that can be used in memory forensics. This video is helpful for incident response and malware analysis tasks. Volatility: The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. Disclaimer: We are an infosec video aggregator and this video is linked from an external website.

Book Review: Digital Forensics with Open Source Tools | Forensic Methods With more forensic books hitting the shelves, I find myself prioritizing those by authors I know and trust. I have worked with Cory Altheide and he is an extremely talented forensic professional with a passion for open source tools. Not surprisingly, I would not categorize this as a beginner book. Open source tools require a higher level of interaction than their commercial counterparts, but are a great way to take your forensic skills to the next level. While teaching, I often see students frustrated that there is no one tool that can do it all. The book begins with an excellent section on setting up your forensic workstation, using either Linux or Windows as a host. Of course the coverage of open source tools is why many will buy this book. Overall, I found DFWOST to be a tremendous asset in an area with few published resources.
