the big picture model of our economy

... Loss of revenue/market share • Loss of intellectual property • Loss of privacy • Damage to reputation Information Security: The Big Picture - SANS GIAC © 2000 We will spend the rest of the course ... your awareness efforts to let users know how they can protect your information Let them know how important they are in the process, and let them know the consequences of failing to enforce your ... Security: The Big Picture - SANS GIAC © 2000 19 There are several ways of dealing with risk First, you can eliminate the risk You this by eliminating the cause of the risk or by decreasing your vulnerability...

Ngày tải lên: 18/10/2013, 18:15

... they would contact the operator at the central office and tell them the name of the person they wanted to talk to The operator would then connect the caller’s plug to the plug of the person being ... wire Like the can, the telephone picks up the voice of the person making the call It then transmits that voice over the copper wire medium to the receiving phone on the other end Just like the Cans ... see if your plan works Test if the right people are in the right place at the right time, and make sure they have all the resources they need to get the job done Testing the plan is the only...

Ngày tải lên: 22/10/2013, 16:15

... floor The third floor prepares the various courses by making the soup, tossing the salad, cooking the beef, and baking the pie Once all this is done they hand the food off to the fourth floor The ... gives the “Hello There” to the Application Layer of the protocol stack The Application Layer creates an empty packet and places the “Hello There” inside of it The Application Layer then sends the ... to it, then sends it to the next layer down the stack Once the packet reaches the bottom of the stack, it travels along the network wire to the remote host, then travels up the stack on the remote...

Ngày tải lên: 22/10/2013, 16:15

... and begin drafting a thesis from there Your thesis isn’t supported by your essay You have a thesis, but the body of your essay supports another (perhaps similar) idea This often happens when writers ... helps clarify your position Don’t stop reworking until your essay clearly and completely responds to the assignment 108 – REVISING: THE BIG PICTURE Rewording Your Thesis If your thesis isn’t clear, ... REVISING: THE BIG PICTURE Support That’s Directly Related to the Thesis As important as the amount of support is its relevance to the thesis What good are ten supporting paragraphs if they’re...

Ngày tải lên: 25/10/2013, 17:20

... the broadcast address of a local network In addition to doing this, the attacker also spoofs the source address of the request to be that of the victim The broadcast address then re-directs the ... the attacker spoofs the information in the echo request Instead of using the attacker’s machine as the source machine, the attacker uses the address of the target machine as the source address ... all the other hosts on that network, which then act as the agents for the attack Being good little agents, they want to reply to the request However the only information they have is the spoofed...

Ngày tải lên: 26/10/2013, 23:15

... users of the program This points to one of the classic tradeoffs in security: balancing the risks of an action against the benefits of that action We’ve all heard of the experiment where the mouse ... perspectives of both the merchant and the customer Some of these risks are unique to the on-line area while others are the same risks that we find in everyday life First, there is the risk of unauthorized ... that the risk of fraud is much higher on the Internet because of the nature of the relationship between the customer and the merchant Many Internet transactions are generally anonymous There...

Ngày tải lên: 26/10/2013, 23:15

... Detection - The Big Picture - SANS GIAC © 2000 32 When the Internet component of your business is earning several million dollars an hour, it’s easy to understand what the cost is of a few hours offline ... • There has to be a balance between the cost of improving protection and the value of what you are defending Intrusion Detection - The Big Picture - SANS GIAC © 2000 34 The threats are real The ... Picture - SANS GIAC © 2000 26 One of the threads we want to stay aware of during the course is whether or not the cost and effort of intrusion detection is “worth it” The staggering Acceptable Daily...

Ngày tải lên: 04/11/2013, 12:15

... too much into the glass? What happened? The foam and the beer spilled over the top of the glass, pouring down the side of the glass and spilling onto your table, your clothes, your keyboard and ... As they are discovered, the anti-virus vendors develop methods for detecting and removing them They then put these new methods into updates to their software and distribute them to users of their ... Security: The Big Picture - SANS GIAC © 2000 In response to the growing concern over privacy on the web, and the apparent lack of care that many organizations take to protect the privacy of their...

Ngày tải lên: 04/11/2013, 12:15

... • the amplitude is the height of the wave the distance from node to crest or node to trough the amplitude is a measure of how intense the light is – the larger the amplitude, the brighter the ... is proportional to the amplitude and frequency of the waves the larger the wave amplitude, the more force it has the more frequently the waves strike, the more total force there is Tro, Chemistry: ... brighter the light • the wavelength, (λ) is a measure of the distance covered by the wave the distance from one crest to the next or the distance from one trough to the next, or the distance between...

Ngày tải lên: 28/11/2013, 01:11

... Detection - The Big Picture - SANS GIAC © 2000 22 22 Deception Can Drive the Picture S S CIRT Meta CIRT S S CIRT S Intrusion Detection - The Big Picture - SANS GIAC © 2000 23 The point of this page ... to the raw data to verify or report the detect This is the more detailed log file, notice the rule that found the detect is displayed at the top Then summary information about the packet The ... - The Big Picture - SANS GIAC © 2000 15 You can get the full system as a time-limited evaluation version, and then simply upgrade the licence key to get the commercial version RealSecure’s biggest...

Ngày tải lên: 09/12/2013, 17:15

... users of the program This points to one of the classic tradeoffs in security: balancing the risks of an action against the benefits of that action We’ve all heard of the experiment where the mouse ... perspectives of both the merchant and the customer Some of these risks are unique to the on-line area while others are the same risks that we find in everyday life First, there is the risk of unauthorized ... that the risk of fraud is much higher on the Internet because of the nature of the relationship between the customer and the merchant Many Internet transactions are generally anonymous There...

Ngày tải lên: 09/12/2013, 17:15

... the broadcast address of a local network In addition to doing this, the attacker also spoofs the source address of the request to be that of the victim The broadcast address then re-directs the ... the attacker spoofs the information in the echo request Instead of using the attacker’s machine as the source machine, the attacker uses the address of the target machine as the source address ... all the other hosts on that network, which then act as the agents for the attack Being good little agents, they want to reply to the request However the only information they have is the spoofed...

Ngày tải lên: 10/12/2013, 14:16

... users of the program This points to one of the classic tradeoffs in security: balancing the risks of an action against the benefits of that action We’ve all heard of the experiment where the mouse ... perspectives of both the merchant and the customer Some of these risks are unique to the on-line area while others are the same risks that we find in everyday life First, there is the risk of unauthorized ... that the risk of fraud is much higher on the Internet because of the nature of the relationship between the customer and the merchant Many Internet transactions are generally anonymous There...

Ngày tải lên: 10/12/2013, 14:16

... too much into the glass? What happened? The foam and the beer spilled over the top of the glass, pouring down the side of the glass and spilling onto your table, your clothes, your keyboard and ... As they are discovered, the anti-virus vendors develop methods for detecting and removing them They then put these new methods into updates to their software and distribute them to users of their ... Security: The Big Picture - SANS GIAC © 2000 In response to the growing concern over privacy on the web, and the apparent lack of care that many organizations take to protect the privacy of their...

Ngày tải lên: 10/12/2013, 14:16

... attack other systems Of course, smap is not sendmail and just changing the banner from “smap” to “sendmail” will not fool the wise attacker The higher the fidelity of the honeypot, the greater the ... Detection - The Big Picture – SANS GIAC ©2000 11 The telnetd and the web demon are “real” They are compiled C code They simply simulate the services This could be important, since they might be ... • The end result could be to slow down the pace of attacks and increase arrests Intrusion Detection - The Big Picture – SANS GIAC ©2000 16 There are a number of reasons that you might want others...

Ngày tải lên: 10/12/2013, 14:16

... in the office by the phone • Fix the red “priority” problems first Intrusion Detection - The Big Picture – SANS GIAC ©2000, 2001 15 There is no point in configuring the scanner to hit all of your ... go get them another one! Take notes and label the notes of 1, of etc If possible, put all the evidence in a gallon size Ziplock bag Make a couple copies of a list of all the evidence, your notes, ... Most sectors of the country were affected The result of such a strategy is that nobody feels safe One of the most powerful capabilities of information warfare is to affect the will of the populace...

Ngày tải lên: 10/12/2013, 14:16

... There is more than just the initial outlay for the hardware and software There is maintenance, training, and the employees’ time Management knows the purchase is just the tip of the iceberg Their ... a big picture can we apply what we have learned to our real world environment? Intrusion Detection - The Big Picture – SANS GIAC ©2000, 2001 28 The real test of this course’s value is whether ... Intrusion Detection - The Big Picture – SANS GIAC ©2000, 2001 29 These are the primary situations that this section of the course has been tailored to meet Often, to satisfy these conditions you...

Ngày tải lên: 10/12/2013, 14:16

... they can log the attack, which allows the analyst to study the attributes of an attack In fact, personal firewalls and Small Office Home Office (SOHO) firewalls are becoming part of some of the ... As we move through the remainder of this section of the course, we will learn more about the tools and techniques used in network intrusion detection Most of these tools, whether for Unix or Windows, ... detailed log file Notice the rule that found the detect is displayed at the top Then summary information about the packet is given The trace begins with the content of the detect RPC (Remote Procedure...

Ngày tải lên: 10/12/2013, 14:16

... attack other systems Of course, smap is not sendmail and just changing the banner from “smap” to “sendmail” will not fool the wise attacker The higher the fidelity of the honeypot, the greater the ... the organization to discover the method and motives of the attacker Since the attacker believes that they are attacking a production system, they will open up their bag of tricks and reveal their ... open, or the SYN flag is set The system responds with “login” If the answer is either guest or root, the system moves to State In State it offers “Password” and if the password matches the list...

Ngày tải lên: 10/12/2013, 14:16

... once they compromise the box they have the ability to manipulate the addresses associated with the names of the network entities (such as computers) at your site These names and addresses are often ... consider the cost and the benefits before embarking on this journey You have spent the day learning about the big picture The real question is, can you explain it to your management? Can you show them ... Management: The Big Picture SANS ©2001 Information Risk Management - - SANS ©2001 25 These are the primary situations that this section of the course has been tailored to meet Often, to satisfy these...

Ngày tải lên: 10/12/2013, 14:16