csi fbi computer crime and security survey

Look who has access to your email

In large part, the justification for comprehensive security systems is attributable to the largely unknown number of internal security breaches that are increasingly plaguing companies. Documenting these abuses is difficult because so many of them ...




From: Jeremy Winder
Date: Tue, 24 Jun 2008 19:33:52 +0100

Shreyas,

I believe the attribute that Michael is referring to is the
execute-only. See
http://support.novell.com/techcenter/articles/ana20000603.html search
for execute-only for more details. However, this will also stop you from
being able to read the file into some other process.

Jeremy


On Tue, 2008-06-24 at 21:58 +0530, Shreyas Zare wrote:
> Hi,
> 
> I still beg to differ. Can you please provide some reference to Novell
> COPY permission. Thanking you in advance.
> 
> Regards,
> 
> On Tue, Jun 24, 2008 at 9:54 PM, Michael P. Carter
> <mcarter@electracash.com> wrote:
> >
> > Hi Shreyas,
> >
> >
> >
> > Novell has been using the COPY permissions successfully for more than a decade. I don't pretend to understand Novell's mechanics, but clearly it can be done.
> >
> >
> >
> > Michael P. Carter
> >
> > Network Manager
> >
> > mcarter@electracash.com
> >
> > 562-498-6888
> >
> >
> >
> > From: Shreyas Zare [mailto:shreyas@technitium.com]
> > Sent: Monday, June 23, 2008 8:41 PM
> > To: Michael P. Carter; security-basics@securityfocus.com
> > Subject: Re: Deny access to copy files
> >
> >
> >
> > Hi,
> >
> > But once the file data is in a program's buffer then there are no permissions inherited from the file for that memory. Even if you design such a system, it's trivial to write 2 separate processes: the first process will read file data and pass it to the other process by using COM/DCOM or just TCP/IP sockets and the second process will write the data in a new file. This situation is quite similar to the Audio Hole in DRM systems that prevent use of media on players/machines other than the ones the user bought it for. DRM cannot prevent the user from just recording the audio in software and then converting it back to mp3, which is almost equivalent to copying the music (with very small loss).
> >
> > Regards,
> >
> > On Mon, Jun 23, 2008 at 11:41 PM, Michael P. Carter <mcarter@electracash.com> wrote:
> >
> > When any file is accessed the security parameters for that file are also
> > read & loaded.
> >
> > Michael P. Carter
> > Network Manager
> > mcarter@electracash.com
> > 562-498-6888
> >
> >
> > -----Original Message-----
> > From: Shreyas Zare [mailto:shreyas@technitium.com]
> > Sent: Monday, June 23, 2008 9:54 AM
> > To: Michael P. Carter; security-basics@securityfocus.com
> > Subject: Re: Deny access to copy files
> >
> > Hi,
> >
> > It would be great if you point to some reference for this. Thanks in
> > advance.
> >
> > Regards
> >
> > On Mon, Jun 23, 2008 at 10:21 PM, Michael P. Carter
> > <mcarter@electracash.com> wrote:
> > > Do your research more deeply.
> > >
> > > Michael P. Carter
> > > Network Manager
> > > mcarter@electracash.com
> > > 562-498-6888
> > >
> > >
> > > -----Original Message-----
> > > From: Shreyas Zare [mailto:shreyas@technitium.com]
> > > Sent: Monday, June 23, 2008 9:50 AM
> > > To: Michael P. Carter; security-basics@securityfocus.com
> > > Subject: Re: Deny access to copy files
> > >
> > > Hi,
> > >
> > > I don't think software uses the copy method to do Save As. Once a program
> > > opens a file and reads data into a buffer it's free to write that
> > > buffer anywhere it has access to. No need to use system copy
> > > functions.
> > >
> > > Regards,
> > >
> > > On Mon, Jun 23, 2008 at 9:58 PM, Michael P. Carter
> > > <mcarter@electracash.com> wrote:
> > >>
> > >> Not so - any user denied permission to COPY will inherently be denied
> > >> permission to Save As (that's a simple copy operation to a new
> > >> location).
> > >>
> > >> Michael P. Carter
> > >> Network Manager
> > >> mcarter@electracash.com
> > >> 562-498-6888
> > >>
> > >>
> > >> -----Original Message-----
> > >> From: Shreyas Zare [mailto:shreyas@technitium.com]
> > >> Sent: Friday, June 20, 2008 2:31 AM
> > >> To: Michael P. Carter
> > >> Cc: Atif Azim; GSO GSO; James Finnican; Kevin Ortloff; Ahmed Khalid;
> > >> focus-ms@securityfocus.com; security-basics@lists.securityfocus.com
> > >> Subject: Re: Deny access to copy files
> > >>
> > >> Hi,
> > >>
> > >> Even if you have special COPY permission in NTFS, any user with READ
> > >> access will open the file and just use Save As to save it anywhere, or
> > >> just write a small code, possible in any programming language, to read
> > >> file and write a new file. So COPY thing is useless, MS is intelligent
> > >> enough.
> > >>
> > >> Regards,
> > >>
> > >> On Fri, Jun 20, 2008 at 12:39 AM, Michael P. Carter
> > >> <mcarter@electracash.com> wrote:
> > >> >
> > >> > Also, the NTFS permission READ will allow anyone with that permission to
> > >> > also copy (the EXECUTE part allows them to launch the appropriate
> > >> > program to open the file), so the Windows permissions don't meet your
> > >> > security needs (it's something that we've been harassing Microsoft about
> > >> > for more than a decade - separate permissions for READ and COPY).
> > >> >
> > >> > Michael P. Carter
> > >> > Network Manager
> > >> > mcarter@electracash.com
> > >> > 562-498-6888
> > >> >
> > >> > -----Original Message-----
> > >> > From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of Atif Azim
> > >> > Sent: Wednesday, June 18, 2008 11:44 PM
> > >> > To: GSO GSO
> > >> > Cc: James Finnican; Kevin Ortloff; Ahmed Khalid;
> > >> > focus-ms@securityfocus.com; security-basics@lists.securityfocus.com
> > >> > Subject: Re: Deny access to copy files
> > >> >
> > >> > Indeed a technical control is not the only thing you should be looking
> > >> > forward to in such a scenario. First, you need to set your policies
> > >> > straight and results for non-compliance leading to consequences for
> > >> > leaking intellectual property. When looking forward to technical
> > >> > controls, check out McAfee Data Loss Prevention (DLP). It addresses
> > >> > issues related to source code leakage as well. Go to
> > >> >
> > >> > http://www.mcafee.com/us/enterprise/products/data_loss_prevention/data_loss_prevention.html
> > >> >
> > >> > and also see the flash demo at
> > >> >
> > >> > http://www.mcafee.com/us/local_content/demos/dlp_technical_demo/dlp_flash_demo.html
> > >> >
> > >> > Regards,
> > >> > Atif Azim
> > >> >
> > >> >
> > >> >
> > >> >
> > >> >
> > >> >
> > >> > On Wed, Jun 18, 2008 at 1:16 AM, GSO GSO <gso.gsecur@gmail.com> wrote:
> > >> > > DeviceLock is a great program.  Besides the very granular permission
> > >> > > levels, I have also liked the fact I can create temporary access codes.
> > >> > > So if an individual needs access to a USB device for an hour or even
> > >> > > a month, I can give it to them.
> > >> > >
> > >> > > B
> > >> > >
> > >> > > http://GovernmentSecurity.org
> > >> > >
> > >> > > On Tue, Jun 17, 2008 at 2:43 PM, James Finnican <jfinnica@bebe.com> wrote:
> > >> > >> DeviceLock and, disable access to the internet with exception to
> > >> > >> accepted resources, Wiki's subscribed sites. You can do this from IE
> > >> > >> directly or, configure it at the firewall if it allows.
> > >> > >>
> > >> > >> -----Original Message-----
> > >> > >> From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of Kevin Ortloff
> > >> > >> Sent: Friday, June 13, 2008 9:31 AM
> > >> > >> To: Ahmed Khalid; focus-ms@securityfocus.com
> > >> > >> Cc: security-basics@lists.securityfocus.com
> > >> > >> Subject: RE: Deny access to copy files
> > >> > >>
> > >> > >> If you don't mind spending 2-3 thousand, there is a good product
> > >> > >> called 'DeviceLock'. This is a global policy enforcer that will
> > >> > >> restrict activities on USB, External Storage, etc. You can be very
> > >> > >> specific too, like only a certain kind of thumb drive can be used by a
> > >> > >> particular individual (this allows you to control who has the ability
> > >> > >> to even use an approved drive). Or, maybe you only want read, but no
> > >> > >> write. You can do that too.
> > >> > >>
> > >> > >> Anyway, hope that helps. I'm sure there are other apps that can do
> > >> > >> this. I liked DeviceLock when I did my evals.
> > >> > >>
> > >> > >>
> > >> > >>
> > >> > >> -----Original Message-----
> > >> > >> From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of Ahmed Khalid
> > >> > >> Sent: Sunday, June 01, 2008 11:20 AM
> > >> > >> To: focus-ms@securityfocus.com
> > >> > >> Cc: security-basics@lists.securityfocus.com
> > >> > >> Subject: Deny access to copy files
> > >> > >>
> > >> > >> I am working for a software house, they are developing a software
> > >> > >> product and their requirement is to restrict programmers from taking the
> > >> > >> code out of office premises due to company policy. I am trying to
> > >> > >> configure a Windows-based machine which denies access to copy files to
> > >> > >> external storage devices connected to USB. There is an NTFS permission
> > >> > >> "Read + Execute" I guess this could do the work but is there any other
> > >> > >> way to do it?
> > >> > >>
> > >> > >> They also don't need programmers to take the code with them in their
> > >> > >> email.
> > >> > >> I can restrict SMTP and POP ports but when it comes to web-based
> > >> > >> emails I am clueless. How can I restrict web-based emails like Hotmail,
> > >> > >> Gmail, Yahoo? There are so many of these, and if I somehow manage to block
> > >> > >> all web-based email sites someone can write a script to send emails; if
> > >> > >> not a script, HTTP tunneling would bypass any checks and bounds defined
> > >> > >> by my proxy/gateway machine. How can I block such a thing?
> > >> > >>
> > >> > >> Any help would be highly appreciated.
> > >> > >>
> > >> > >> Regards,
> > >> > >> Ahmed Khalid
> > >> > >>
> > >> > >
> > >> > >
> > >> > >
> > >> > > --
> > >> > > Security/Hacking Paper Contest Win $100
> > >> > > http://GovernmentSecurity.org
> > >> > >
> > >>
> > >>
> > >>
> > >> --
> > >> ("There are only 10 kinds of people in this world: those who know
> > >> binary and those who don't.")
> > >>
> > >> Shreyas Zare
> > >> Co-Founder, Technitium
> > >> eMail: shreyas@technitium.com
> > >>
> > >> ..::< The Technitium Team >::..
> > >> Visit us at www.technitium.com
> > >> Contact us at theteam@technitium.com
> > >>
> > >> Technitium Personal Computers
> > >> We believe in quality.
> > >> Visit http://pc.technitium.com for details.
From: Shreyas Zare
Date: Tue, 24 Jun 2008 17:28:59 +0100
Hi,

I still beg to differ. Can you please provide some reference to Novell
COPY permission. Thanking you in advance.

Regards,



--
("There are only 10 kinds of people in this world: those who know
binary and those who don't.")

Shreyas Zare
Co-Founder, Technitium
eMail: shreyas@technitium.com

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam@technitium.com

Technitium Personal Computers
We believe in quality.
Visit http://pc.technitium.com for details.
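
Added example, not part of the original thread: a small Python check of the two claims argued above, that READ access is enough to duplicate a file without any copy API (the two-process relay described in the thread), and that execute-only stops the copy only because it stops the read. POSIX mode bits are used here as a stand-in for NTFS READ and the NetWare execute-only attribute; that mapping, the file names and the sample content are assumptions.

```python
import hashlib
import os
import stat
import subprocess
import sys
import tempfile

# Second process: it never touches the source file or its permissions.
# It only receives bytes on stdin and writes them to the path in argv[1].
WRITER = "import sys; open(sys.argv[1], 'wb').write(sys.stdin.buffer.read())"


def sha256(path):
    """Hex SHA-256 of a file, used to show the duplicate is byte-identical."""
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()


def relay_copy(src, dst):
    """Duplicate src with no copy call: read here, write in another process."""
    with open(src, "rb") as fh:      # the only right exercised on src is READ
        data = fh.read()             # bytes in a buffer carry no permissions
    subprocess.run([sys.executable, "-c", WRITER, dst], input=data, check=True)


def can_read(path):
    """True if the current user can open the file and read from it."""
    try:
        with open(path, "rb") as fh:
            fh.read(1)
        return True
    except PermissionError:
        return False


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "source.c")      # constructed sample file
        dst = os.path.join(tmp, "elsewhere.c")
        with open(src, "wb") as fh:
            fh.write(b"/* constructed sample */\nint main(void) { return 0; }\n")

        # Case 1: read-only (r--r--r--). No write bit, no "copy" right.
        os.chmod(src, stat.S_IRUSR | stat.S_IRGRP | stat.S_IROTH)
        src_digest = sha256(src)
        relay_copy(src, dst)
        copy_identical = src_digest == sha256(dst)

        # Case 2: execute-only (--x--x--x). The copy is blocked, but only
        # because every read is blocked; editors and compilers fail too.
        # Note: a root user bypasses mode bits, so run this unprivileged.
        os.chmod(src, stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH)
        exec_only_blocks_read = not can_read(src)

        return {
            "copy_identical": copy_identical,
            "exec_only_blocks_read": exec_only_blocks_read,
        }


if __name__ == "__main__":
    print(demo())
```

The file-permission layer can only decide whether bytes may be read; where they go afterwards has to be controlled at the exits, which is where the thread's device-control and DLP suggestions apply.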
From: Adriel Desautels
Date: Tue, 24 Jun 2008 14:59:16 +0100

Murda,
	It means that the king didn't have the proper controls in place.

Regards,
	Adriel T. Desautels
	Chief Technology Officer
	Netragard, LLC.
	Office : 617-934-0269
	Mobile : 617-633-3821
	http://www.linkedin.com/pub/1/118/a45

	Join the Netragard, LLC. Linked In Group:
	http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know  : http://tinyurl.com/26pjsn


Murda Mcloud wrote:
> Now the calculations done by Robin Harris@CNET may be up for conjecture
> here;
>=20
> http://blogs.zdnet.com/storage/?p=3D162
>=20
> However, I found it to be thought provoking.=20
>=20
> I know that this thread has become two threads in one but I'm glad I as=
ked
> the question and I'm glad I asked in the way I did because the ensuing
> debate has been welcome on my part. Stimulates the little grey cells...
> Thanks everyone.
>=20
>=20
>=20
>=20
>>> -----Original Message-----
>>> From: Rivest, Philippe [mailto:PRivest@transforce.ca]
>>> Sent: Saturday, June 21, 2008 4:11 AM
>>> To: Adriel Desautels
>>> Cc: Murda Mcloud; security-basics@securityfocus.com
>>> Subject: RE: RAID 5 drive replacement schedule
>>>
>>> I do think we are saying just about the same thing. But I may of not =
be
>>> clear
>>> so let me restate.
>>>
>>> Raid 5 is an IT field & technologie, and adds to the security by maki=
ng 1
>>> failed drive NOT impact availability. That's all I meant. No decision=
 or
>>> security implication should be done before or after that (unless ther=
es
>>> an
>>> incident). No security team should be implicated in the drive replace=
ment
>>> as
>>> this is normal IT operation.
>>>
>>> Raid 5 helps security in keeping the data accessible in the event of =
a
>>> failed
>>> drive.
>>>
>>> Side note:
>>> For my CAI is always security related and justified. Make it high or =
low
>>> availability it is security and has to be justified.
>>>
>>>
>>> Merci / Thanks
>>> Philippe Rivest, CEH
>>> V=E9rificateur interne en s=E9curit=E9 de l'information
>>> Courriel: Privest@transforce.ca
>>> T=E9l=E9phone: (514) 331-4417
>>> www.transforce.ca
>>>
>>>
>>> -----Message d'origine-----
>>> De : Adriel Desautels [mailto:adriel@netragard.com]
>>> Envoy=E9 : 20 juin 2008 14:00
>>> =C0 : Rivest, Philippe
>>> Cc : Murda Mcloud; security-basics@securityfocus.com
>>> Objet : Re: RAID 5 drive replacement schedule
>>>
>>> Philippe,
>>> 	I disagree with you and I think that the definition of security
>>> that
>>> you provided is partial, but thats just my opinion. Availability is a
>>> vague term that can, but does not always have a role in security.
>>> Determining what the proper schedule is for a drive replacement polic=
y
>>> is something that can be done by IT without the security team. Decidi=
ng
>>> how to dispose of the drives on the other hand is security.
>>>
>>>
>>> Regards,
>>> 	Adriel T. Desautels
>>> 	Chief Technology Officer
>>> 	Netragard, LLC.
>>> 	Office : 617-934-0269
>>> 	Mobile : 617-633-3821
>>> 	http://www.linkedin.com/pub/1/118/a45
>>>
>>> 	Join the Netragard, LLC. Linked In Group:
>>> 	http://www.linkedin.com/e/gis/48683/0B98E1705142
>>>
>>> ---------------------------------------------------------------
>>> Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
>>> Penetration Testing, Vulnerability Assessments, Website Security
>>>
>>> Netragard Whitepaper Downloads:
>>> -------------------------------
>>> Choosing the right provider : http://tinyurl.com/2ahk3j
>>> Three Things you must know  : http://tinyurl.com/26pjsn
>>>
>>>
>>> Rivest, Philippe wrote:
>>>> Adriel & Murda
>>>>
>>>> It is a security issue the way you store your data. In regards to th=
e
>>> raid
>>>> technologies, raid 5 improves the availability of the data by making
>>> sure
>>>> that a single drive failed will not impact the availability of the
>>> data.
>>>> Remember that security is
>>>> 1- Confidentiality
>>>> 2- Availability
>>>> 3- Integrity
>>>>
>>>> The main goal of a Raid 5 is to help #2. You are referring to the
>>> disposal
>>> of
>>>> the HD which is the issue of confidentiality and that is not what Mu=
rda
>>> was
>>>> aiming at. If it is, go for encryption, degaussing, destruction and
>>> just
>>>> plain format (if the data is not confidential).
>>>>
>>>> As I explained to him offline, the MTTF and MTBF is about the same f=
or
>>> 2 HD
>>>> bought/constructed at about the same time. How ever, those are not
>>> absolute
>>>> numbers that state that, if one drive fails the other one is about t=
o
>>> go
>>> too.
>>>> It's more an estimated value against which you should have some
>>>> confidence/hope, your drive should not fail before X hours (it could=
 go
>>>> before but the average is X).
>>>>
>>>> In a raid 5, Drive A, B and C are online and working (they are the s=
ame
>>> drive
>>>> bought at the same time). Drive A fails, you should NOT change drive=
 B
>>> & C
>>>> unless they are failing also. If you do, the cost of your raid 5 wil=
l
>>> be
>>>> greater then what it should be (the replacing of the parts are going=
 to
>>> cost
>>>> a lot). Change drive A and hope drives B & C will last longer.
>>>>
>>>>
>>>> The only issue is that 2 drives fail at the same time, which is very
>>>> improbable. And if it does, you should be going for your back ups.
>>>>
>>>>
>>>> I do hope this clarified the questions and that I wasn't to unclear
>>> with my
>>>> details!
>>>>
>>>> Merci / Thanks
>>>> Philippe Rivest, CEH
>>>> V=E9rificateur interne en s=E9curit=E9 de l'information
>>>> Courriel: Privest@transforce.ca
>>>> T=E9l=E9phone: (514) 331-4417
>>>> www.transforce.ca
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
>>>> behalf of Adriel Desautels
>>>> Sent: 20 June 2008 11:27
>>>> To: Murda Mcloud
>>>> Cc: security-basics@securityfocus.com
>>>> Subject: Re: RAID 5 drive replacement schedule
>>>>
>>>> Murda,
>>>> 	The real answer to your question is that it is very, very improbable
>>>> that all of the drives in the array will fail at the same time. Most
>>>> drives are good for a certain period of years, after which point you are
>>>> getting "extra time".
>>>>
>>>> 	That is not a security issue though. That is an IT related issue. The
>>>> security issue comes into play when you dispose of your drives. Do you
>>>> shred them, just throw them in the dumpster, how do you dispose of them?
>>>>
>>>> Regards,
>>>> 	Adriel T. Desautels
>>>> 	Chief Technology Officer
>>>> 	Netragard, LLC.
>>>> 	Office : 617-934-0269
>>>> 	Mobile : 617-633-3821
>>>> 	http://www.linkedin.com/pub/1/118/a45
>>>>
>>>> 	Join the Netragard, LLC. Linked In Group:
>>>> 	http://www.linkedin.com/e/gis/48683/0B98E1705142
>>>>
>>>> ---------------------------------------------------------------
>>>> Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
>>>> Penetration Testing, Vulner

