Useful info on Windows Processes

Found a couple of links which give lots of useful information on Windows processes, like the detail of what each does. Links here and here.
Of course you should always be cautious about assuming that just 'cause a process has a given name that it will do what is contained in lists like this, as it isn't too hard to create a binary with any given name. However, useful info all the same.
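One way to act on that caveat is to check where a process image lives rather than trusting its name. The sketch below is an added example, not taken from the linked lists; the baseline table is a small illustrative assumption for a default install on C: and the process listing is constructed sample data.

```python
import ntpath

# Illustrative baseline (assumption): expected image directory for a few
# well-known Windows processes on a default C:\Windows install.
# Extend or replace with a baseline taken from your own known-good build.
EXPECTED_DIRS = {
    "svchost.exe": {r"c:\windows\system32"},
    "lsass.exe": {r"c:\windows\system32"},
    "services.exe": {r"c:\windows\system32"},
    "explorer.exe": {r"c:\windows"},
}


def check_process(image_path):
    """Classify a full image path as 'ok', 'suspicious' or 'unknown'."""
    # Collapse '..' segments, unify slashes and lower-case so that
    # C:/WINDOWS/System32/../Temp/x.exe cannot slip past the comparison.
    norm = ntpath.normcase(ntpath.normpath(image_path))
    directory, name = ntpath.split(norm)
    expected = EXPECTED_DIRS.get(name)
    if expected is None:
        return "unknown"  # name not in the baseline: no opinion either way
    return "ok" if directory in expected else "suspicious"


def triage(image_paths):
    """Return only the paths whose well-known name runs from an unexpected place."""
    return [p for p in image_paths if check_process(p) == "suspicious"]


# Constructed sample listing (not real telemetry).
SAMPLE = [
    r"C:\Windows\System32\svchost.exe",
    r"C:\Users\bob\AppData\Local\Temp\svchost.exe",
    r"C:\WINDOWS\system32\..\Temp\lsass.exe",
    r"C:/Windows/explorer.exe",
    r"C:\Program Files\Editor\editor.exe",
]

if __name__ == "__main__":
    for path in triage(SAMPLE):
        print("unexpected location for well-known name:", path)
```

A path match is still only a first filter; on a live system it would be combined with a signature or hash check of the binary.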

InfoSec questionnaire

Here's an interesting questionnaire published by the World Bank as an assessment methodology for organisational security.
I've not had a chance to go all the way through it in detail, but it looks like it's got some interesting ideas in it. However, one thing that I'm not too keen on in it so far is the section structure. They seem to have sections at very different levels of detail. For example, one section for authentication/access control, quite a large area to cover, and then one specifically for active content control for Internet access, which is a very specific area to cover!

Locking down USB

An interesting blog entry on Locking Down The Obvious: USB
I think it's a point well made. Essentially companies need to look at USB ports in the same way they look at CD-ROMs and floppy drives. If CDs and floppies are locked down then USB ports should be as well... although it is more challenging technologically as USB ports have a wider range of functionality than CD drives, which makes it more likely that they will need to be enabled.
It also looks like software products are coming into the market to manage this kind of functionality where required. For example, Reflex disknet pro looks like an interesting way of controlling access to removable media, including USB keys...

Open source Monitoring framework

I found an interesting product called GroundWork.
However, what was more interesting to me was the adverts they're using to attract customers, which are actively promoting the product's open source background.
"no proprietary hassles" and "open source flexibility" are 2 of the phrases from the ads.
I'd be interested to know how that approach works out for them, 'cause it's fairly opposed to what a lot of the research firms seem to say about open source, which is that big business finds the open source nature of the software a turn-off...

More on Passwords/passphrases

The Great Debates: Pass Phrases vs. Passwords. Part 1 of 3: Security Management - October 2004
Another interesting article on passwords v passphrases

Interesting Blog Entry on passwords v passphrases

Password vs. Passphrase redux
Interesting article covering passwords and passphrases. I must say that personally I'm not too fond of trying to remember passphrases (I tend to forget how I punctuated them when I originally set them)...
One of the more interesting ways I've heard of for setting passwords was a friend of mine who uses the second letter of each word of song lyrics which he's written himself ;op

Now this doesn't sound like a good idea

The story over at Wired covers the news that American passports are going to get RFID chips...
As is mentioned in the story, I don't really understand why they don't just use chips that require contact, thus reducing the risk that the chip is read by unauthorised persons considerably...
Also I can see the sales of passport holders that block RFID signals going through the roof!! (hmm wonder if I could patent that sharpish ;op)

Bootable USB OS

There's a story over at Slashdot, covering the idea of a bootable USB-based operating environment based on Damn Small Linux.
I could see this kind of thing as quite handy if you wanted to use cybercafes or other untrusted computers, without the risk of, software, spyware. Of course whether the cybercafe owners would be too happy with you booting one of their PCs off a USB memory stick is another matter...

Post from Bruce Schneier on SIMS and outsourcing

There's an interesting post over at Schneier on Security: Security Information Management Systems (SIMS).
This post touches on 2 current security issues: firstly, managing the ever-growing amounts of security-related log information, and secondly, the outsourcing of security-related tasks.
On the subject of the use of outsourcers for security monitoring, I must say that I'm not wholly convinced that passing the information to a 3rd party is the best way to handle it. My reservations centre around the fact that someone who doesn't work for an organisation has a lot less information on which to base decisions relating to the information being analysed.
For example, an internal log monitoring team will likely have more information about projects occurring within the company, and the location and roles of IT and other departments, which would help them decide whether a pattern of information in a log is an attack or just the result of a new service that's being tested.
In the large organisations I've seen it can be enough of a challenge for someone working for the company to know what's going on, on the network; for an outsider it can be next to impossible...

Vulnerabilities in Multiple browsers

An interesting advisory from Secunia - Multiple Browsers Dialog Box Spoofing Test, and another one here.
Goes to show that there are still vulnerabilities to be found, and also it's not just IE that has security issues...