I started using a passive network sniffer on the network backbone to show the frequency if any of remote access attempts and probes, I quickly realize that “Software Company” it’s at risk.

Why “Software Company” would want to perform this type of risk assessment?

Computer crime will cost a company thousands of dollars, this price not includes loss of business when public finds out “Software Company” information was compromise. Yet companies still drag their feet on proactive physical and network security. I can stress enough how important security is, not only that business reputation, revenue and profits will be impact, especially if there’s a widespread report that your information has been compromised.

After my initial check with a network sniffer, I generated a risk report by using a high-profile tool to attack your network from the outside and found plenty of the recommended security layers of protection in place.

Firewalls, email filtering, IDS, and IDP systems protect the perimeter and critical network segments.  Hardened servers, anti-malware and carefully managed access controls protect individual devices as deperimeterization increases.

But these controls are ineffective for the most part, activity, of successful or unsuccessful, that indicates that one or more controls might have failed was visible. This kind of information was easily access in large part by security log management. Security logs contain information relevant to security management are generated by many sources, including:

• Firewalls
• Intrusion detection and prevention systems
• Anti-malware systems, especially centrally managed solutions with aggregated reporting
• Operating systems
• Switches
• Routers
• Workstations
• Applications

We recommend that administrators read looks on a daily basis and not wait until there’s a security incident and have them check for:

• Password hacking
• Large numbers of login failures
• Malware attacks
• Port scans
• Denial of service attacks
• Excessive errors on network devices

• Policy violations
• Fraudulent activities
• Operational problems
• Regulatory compliance issues
• Ensure all antivirus software at all points of entry is updated regularly.
• Require all desktops have antivirus detection
• Scan all files on command or access
• A provision against downloading files from the Internet
• Assign each staff member a virus or form of attack to research and monitor.
• Require that at least one member of your staff attend a security conference.
• Make sure you’re familiar with what sort of support and help your antivirus vendor offers. Most offer some advice and support for top-tier customers.
• Create an outbreak checklist that delineates how your staff will recover after an outbreak, The checklist should outlines each step needed to mobilize your staff during an outbreak and how to update servers within 90 minutes.

The challenges to log review can be overwhelming to many businesses.  Logs are continuously growing, are located in many silos, and the staffing and skills necessary to make sense from all the information collected is unavailable.  Security Log Management helps with the process of aggregating, correlating, and reacting to information captured in logs across an enterprise.

Recommendations are as follow,

Implementing the right log management solution, whether in-house or from a managed security services provider, is the best way to ensure log analysis provides the best picture of network activity. Log management is an essential part of any security program.  Without the visibility it provides, a security manager lacks the ability to proactively address potential weaknesses in security controls—while reacting blindly to security incidents.

Implement an offsite backup solution, and test it on the regular basis. You want to test how long it takes for a full backup and incremental backups to be perform, you want to test a full data recovery time and check after the restore if the data is intact or no loss of data is found.

Physical security is very important, only authorize, trained personnel need to have access to the machines and or data. Make them sign a network user agreement.

The product is free and can be downloaded by anyone using a genuine copy of Windows from the Security Essentials website. Versions are available for Windows XP, Vista, and 7. No registration is required and the software can be installed on any number of PCs without restrictions.

Security Essentials takes over from Windows Live OneCare, a commercial offering that was phased out in June. Although Security Essentials is free, it will not be installed with Windows or provided as an automatic update. That’s probably a wise move: automatic installations could clash with existing anti-virus software. It would also attract unwanted attention from anti-trust regulators, especially in the EU.

The big question: is Security Essentials any good? I’m testing it now and will report back soon.

Links: Microsoft Security Essentials website

Have you tried Security Essentials? What did you think? What’s the best anti-virus software you’ve found? Or are they all awful?!

If you need to break into a password protected computer, one without a lock out timer or a security subsystem that looks for attacks. You simply need a program that performs a dictionary attack against the password, trying every possible combination.

If the dictionary attack fails, the next step is to try words with numbers, and eventually it will work. It might take hours or even days but it will work.

You will be surprise how many people use big word as passwords and think that it can’t be hacked.

If you have the money, you need to try The Crowbar, I found it to be a powerful and subtle device. You can use it to crack security on a handheld device without alerting the owner that the device’s security has been compromise.

If you need to hack an MMC/SC card, this is the perfect tool.

Performances and use I give it a A, price is a bit high at $2,300

For more information

Cybersolutions.mantech.com

• Check for and remove viruses
• Get rid of junk on your hard disk
• Improve your PC’s performance

Windows Vista users, try the Windows Vista edition of the scanner.

Firefox users: see the special instructions for running the scanner using Firefox.

Fix specific PC issues

Use the full service scan to check everything. To help fix particular problems on your PC, turn to the individual scanners below.