Dr. Anton Chuvakin's Documents


  • Security Incident Log Review Checklist by Anton Chuvakin and Lenny Zeltser

    The log cheat sheet presents a checklist for reviewing critical system, network and security logs when responding to a security incident. It can also be used for routine periodic log review. It was authored by Dr. Anton Chuvakin and Lenny Zeltser.

    Category: Internet & Technology | Reads: 698 | Uploaded: 03/07/2010
  • Log Management for PCI Compliance [OLD] by Dr. Anton Chuvakin

    The importance of effective and efficient log data management in payment networks cannot be underemphasized.

    Category: Internet & Technology | Reads: 376 | Uploaded: 12/18/2009
  • What do I really need to do to STAY compliant with PCI DSS?

    This paper focuses not on how to become compliant or get validated for PCI DSS, but on how to stay compliant.

    Category: Internet & Technology | Reads: 414 | Uploaded: 12/18/2009
  • Top5 Log Analysis Mistakes - Second Edition by Dr. Anton Chuvakin

    Since I wrote my log mistakes paper a few years ago, the domain of log analysis has changed a lot. Many factors affected it; among those are new regulatory compliance requirements, wider adoption of “best practice” and governance frameworks such as ISO, COBIT and ITIL, as well as new technologies with their log files. New standards, such as the NIST 800-92 Guide, have been created. Thus, I am updating the article with newly committed mistakes as well as new perspectives on the old ones. This article, just like its predecessor, again covers the typical mistakes organizations make while approaching management of computer logs and other records produced by IT infrastructure components.

    Category: Internet & Technology | Reads: 406 | Uploaded: 12/18/2009
  • Logging "BrainBox" Short Article by Dr. Anton Chuvakin

    Logging: WTH? Dr. Anton Chuvakin WRITTEN: 2008 DISCLAIMER: Security is a rapidly changing field of human endeavor. Threats we face literally change every day; moreover, many security professionals consider the rate of change to be accelerating. On top of that, to be able to stay in touch with such ever-changing reality, one has to evolve with the space as well. Thus, even though I hope that this document will be useful to my readers, please keep in mind that it was possibly written years ago

    Category: Internet & Technology | Reads: 308 | Uploaded: 12/18/2009
  • Insider Attacks: The Doom of Information Security Methods to thwart insider attacks: products, techniques and policies

    Summary: this report introduces the internal threat for information security. We consider insider attacks within the overall framework of information security and their difference from perimeter attacks, look at the developed solutions (technical, legal and psychological) and their inadequacies and outline proposals for the most effective countermeasures. We also study current trends in insider attacks.

    Category: Internet & Technology | Reads: 1,905 | Uploaded: 12/17/2009
  • Old Paper on Rootkits

    UNIX Rootkits Technology Overview Anton Chuvakin, Ph.D., GCIA http://www.info-secure.org WRITTEN: 2003 DISCLAIMER: Security is a rapidly changing field of human endeavor. Threats we face literally change every day; moreover, many security professionals consider the rate of change to be accelerating. On top of that, to be able to stay in touch with such ever-changing reality, one has to evolve with the space as well. Thus, even though I hope that this document will be useful to my readers, pl

    Category: Internet & Technology | Reads: 545 | Uploaded: 12/17/2009
  • Honeypot Essentials by Anton Chuvakin

    The paper covers honeypot (and honeynet) basics and definitions and then outlines important implementation and setup guidelines. It also describes some of the security lessons a company can derive from running a honeypot, based on the author's experience running a research honeypot. The article also provides insights on techniques of the attackers and concludes with considerations useful for answering the question “Should your organization deploy a honeynet?”

    Category: Internet & Technology | Reads: 572 | Uploaded: 11/04/2009
  • Five Mistakes of Incident Response by Anton Chuvakin

    This article presents five mistakes that companies make regarding security incident response.

    Category: Internet & Technology | Reads: 396 | Uploaded: 11/04/2009
  • Five Mistakes Security Policy by Anton Chuvakin

    This story presents five mistakes that companies commonly make when writing and implementing security policies. As simplistic as some of these sound, they happen often enough and cause heavy damage to companies’ bottom lines.

    Category: Internet & Technology | Reads: 333 | Uploaded: 11/04/2009