League of Professional System Administrators - Security

NMAP

dklein — Sun, 14 Jan 2007 09:50:04 -0800

Short Description:
Fast enumeration of network services

Release Date:
Sun, 2007-01-14 10:00

Status:
Active

Long Description:

Nmap is a powerful tool for discovering hosts on a network and enumerating what service they are offering. This can be used to find vulnerable systems, to locate rogue services on your network or simply for a first step in troubleshooting.

Phoenix SysAdmin Days 2006 - Complaince for System Administrators - A Presentation Summary

bent — Tue, 14 Nov 2006 02:00:00 -0800

Monday morning, November 7th, 2006, George Toft (CISSP) presented on the subject of Compliance For System Administrators at the Phoenix SysAdmins Days event. George's presentation expressed the need for sysadmins to have an understanding of the requirements, areas of influence, and jurisdiction that make up various regulations and standards in place today to protect company and customer data.

Maintaining a secure data center can mean protecting the company or organization from legal and civil penalties, in addition to protecting from loss of personal information on customers, clients, and employees, and of course the loss of direct and indirect revenue. George used real life examples to show how loss of data has had its affect on companies in the Phoenix Metropolitan area, using both negative and positive examples of cases.

rsyslog

doug — Sun, 27 Aug 2006 20:47:42 -0700

Short Description:
Rsyslog is an enhanced multi-threaded syslogd supporting, among others, MySQL, syslog/tcp, RFC 3195, permitted sender lists, fil

Home Page:
www.rsyslog.com

Release Date:
Fri, 2005-09-23 20:00

Status:
Active

Long Description:

Rsyslog is an enhanced multi-threaded syslogd supporting, among others, MySQL, syslog/tcp, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is quite compatible to stock sysklogd and can be used as a drop-in replacement. Its advanced features make it suitable for enterprise-class, encryption protected syslog relay chains while at the same time being very easy to setup for the novice user. An optional web interface - phpLogCon - can be used to visualize all data online.

Top 100 security tools grouped by category

doug — Sun, 27 Aug 2006 20:44:09 -0700

Short Description:
A large index of security tools of all kinds

Home Page:
sectools.org

Release Date:
Sat, 2005-08-27 20:00

Status:
Active

Long Description:

After the tremendously successful 2000 and 2003 security tools surveys, Insecure.Org is delighted to release this 2006 survey. I (Fyodor) asked users from the nmap-hackers mailing list to share their favorite tools, and 3,243 people responded. This allowed me to expand the list to 100 tools, and even subdivide them into categories. Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. I discovered several powerful new tools this way. I also point newbies to this site whenever they write me saying “I don't know where to start”.

Log Analysis

doug — Tue, 25 Jul 2006 09:29:44 -0700

Short Description:
Web page referencing log analysis tools

Home Page:
loganalysis.org

Release Date:
Fri, 2003-07-25 21:00

Long Description:

"Log Analysis is one of the great overlooked aspects of operational computer security. Many organizations spend hundreds of thousands of dollars on intrusion detection systems (IDS) deployments - but still ignore their firewall logs. Why? Because the tools and knowledge to make use of that data are often not there, or the tools that exist are too inconvenient. You should expect that to change. Right now, IDS vendors are up against the wall with the volumes of data they produce; the next wave in security is to try to usefully correlate and process the contents of multiple logs."