NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY 09/16/04 Today's focus: Digital forensics, Part 2
Dear [EMAIL PROTECTED], In this issue: * Today's computer criminals, and ways to defend yourself * Links related to Security * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Cisco IP Communications represents a major opportunity for businesses large and small. By eliminating the need to maintain separate telephone and data infrastructures, extraordinary benefits are often achieved. For information on the union of telephony and data on a single physical network and the security issues involved see the Special Report IP Telephony Security: http://www.fattail.com/redir/redirect.asp?CID=81188 _______________________________________________________________ A New Network World Technology Tour Event - VoIP : The New Age Begins VoIP: It's here. No longer the future of telephony, it's the new business reality. And the key question now is "how." The answers are at this new Technology Tour Event coming to Houston 9/21, Chicago 9/21, Palo Alto 9/23 and Philadelphia on 9/29. Click, qualify and attend FREE! http://www.fattail.com/redir/redirect.asp?CID=81176 _______________________________________________________________ Today's focus: Digital forensics, Part 2 By M. E. Kabay A journalist from South Africa recently wrote to me with a series of interesting questions about forensics and I had such fun answering that I got his permission to post his questions and my answers in the last column and this one. The journalist wrote, "Who's doing the computer crimes?" No one is very sure about that. There is no centralized reporting system where everyone is required to register attacks on their computers. All published research suffers from difficulties of ascertainment because of self-selection of those who respond to questions. In addition, we know from historical records that some crimes are not noticed until much later, if at all. Up until recent years, it has been a dogma in the information security field that most computer crimes (i.e., crimes against computers as targets and crimes using computers as tools) were perpetrated by employees authorized to use the systems they attacked or damaged. However, the enormous growth of the Internet has changed the views of some experts, myself included, so that we guess that we have probably crossed the boundary now and have more crimes committed by outsiders than by insiders. In general, motivations for computer crimes fall into three major categories: * Vandalism * Voyeurism * Greed What little research there is suggests that there is no one personality type or demographic absolutely tied to any of these categories. For example, vandals who launch denial-of-service attacks do include children with no ulterior motive, but they may also include adults attempting to extort money in a kind of modern protection racket. Similarly, there are teenagers who break into systems for fun; others are beginning to do so for-profit. Some people spreading lies on the Internet have done so simply out of free-floating ill will; however, quite a number have been involved in pump-and-dump schemes designed to drive the prices of selected stocks up or down so they could make illicit profits. "How can ordinary users protect themselves from being used as stooges for online scams?" First - and I hope you will stress this - don't give out confidential or private information to strangers. Don't give people who call you on the phone your bank information or your credit card numbers - no matter how convincing they sound. Don't reveal passwords to anyone: no official will ever need to know your password - they can get their work done in other ways or they can reset your password to a temporary value that will then force you to assign a new secret password that nobody else knows. Second, install an effective anti-virus program and configure it to update itself automatically every day. Third, install a personal firewall on your computer; a simple but effective free firewall is available from Zone Labs. When the firewall asks you if a program can access the Internet, answer "no" unless you know exactly which program it is and why it wants to reach outside your computer. Similarly, if the firewall asks you if someone can access your computer from the Internet, answer "no" unless there is a very good reason for saying yes and you are absolutely sure you know what you are doing. RELATED EDITORIAL LINKS Relocation services firm digs out worms Network World, 09/13/04 http://www.nwfusion.com/news/2004/091304sirva.html Vendors unveil new security lines of defense Network World, 09/13/04 http://www.nwfusion.com/news/2004/091304security.html _______________________________________________________________ To contact: M. E. Kabay M. E. Kabay, Ph.D., CISSP, is Associate Professor in the Division of Business and Management at Norwich University in Northfield, Vt. Mich can be reached by e-mail <mailto:[EMAIL PROTECTED]> and his Web site <http://www2.norwich.edu/mkabay/index.htm>. A Master's degree in the management of information assurance in 18 months of study online from a real university - see <http://www3.norwich.edu/msia> _______________________________________________________________ This newsletter is sponsored by SBC Gimme Shelter! Converged Services Spell Relief For Beleaguered Network Managers Switched IP networks are rapidly becoming the corporate communications architecture of choice. By converging voice, data and video onto IP telephony platforms and Virtual Private Networks, enterprises can supply bandwidth when and where end users need it, while significantly lowering administrative and equipment costs. Click here to download this Whitepaper now http://www.fattail.com/redir/redirect.asp?CID=81132 _______________________________________________________________ ARCHIVE LINKS Archive of the Security newsletter: http://www.nwfusion.com/newsletters/sec/index.html Breaking security news: http://www.nwfusion.com/topics/security.html _______________________________________________________________ FEATURED READER RESOURCE ACCESS NW'S IN-DEPTH REPORT ON: BLADE SERVERS Available now is Network World's Technology Insider on: Blade Servers. Find out why early adopters of blade server technology say the benefits aren't science fiction, how blade servers differ by vendor, why blade servers are perfectly suited for today's data centers, review our extensive blade server buyer's guide and more. Click here: <http://www.nwfusion.com/nlsec592> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED] ------------------------ Yahoo! Groups Sponsor --------------------~--> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar. Now with Pop-Up Blocker. Get it for free! http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/BCfwlB/TM --------------------------------------------------------------------~-> <a href=http://English-12948197573.SpamPoison.com>Fight Spam! Click Here!</a> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/kumpulan/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
