AuditNet^® Audit-library::Auditnet-information-security

Layer Seven Security -Layer Seven Security specialize in SAP security. The company serves customers across the globe to protect SAP systems against internal and external threats and comply with industry and statutory reporting requirements. We fuse technical expertise with business acumen to deliver unparalleled implementation, consulting & audit services targeted at managing risks in contemporary SAP systems.

NIST Security Guides

Guide to NIST Information Security Documents

Guide for Assessing the Security Controls in Federal Information Systems

Guidelines on Cell Phone Forensics  provides general principles and technical information to aid organizations in developing appropriate policies and procedures for preserving, acquiring, and examining digital evidence found on cell phones, and for reporting the results. Cell phones are an emerging but rapidly growing area of computer forensics. The publication also explains the relationship between key aspects of cell phone technology and the operation and use of available forensic tools.

Cell Phone Forensics Cell Phone Forensic Tools: An Overview and Analysis Update, provides an overview of current forensic software tools designed for the acquisition, examination, and reporting of data residing on cellular handheld devices. It is a follow-on publication to NISTIR 7250, which originally reported on the topic, and includes several additional tools. The publication reviews the capabilities and limitations of each tool in detail through a scenario-based methodology.

Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.1.3 describes XCCDF, which is a standardized XML format that can be used to hold structured collections of security configuration rules for a set of target systems. The XCCDF specification is designed to provide automated testing and scoring that can support FISMA compliance and other efforts. NIST IR 7275 specifies the data model and Extensible Markup Language (XML) representation for version 1.1.3 of XCCDF; the previous revision of NIST IR 7275 addressed version 1.1 of XCCDF

Draft SP 800-44 version 2, Guidelines on Securing Public Web Servers

Draft SP 800-46 version 2, User's Guide to Securing External Devices for Telework and Remote Access

Prioritizing IT Controls for Effective, Measurable Security

Information Security Handbook: A Guide for Managers , October 2006 from NIST - This Information Security Handbook provides a broad overview of information security program elements to assist managers in understanding how to establish and implement an information security program.

National Security Institute

N.I.S.T. Computer Security Institute

CSO Online - magazine for Chief Security Officers

Security Risk Management Guide from Microsoft

Articles on Security

From NII Consulting

MS Office Security SecurityFocus Infocus article, August 2006
This article discusses Microsoft Office's OLE Structured Storage and the nature of recent dropper programs and other exploit agents, in an effort to scrutinize the workings of some of the recent MS Office exploits. The second part of this article then collates some forensic investigation avenues through different MS Office features. Parts of the article sample different MS Office vulnerabilities to discuss their nature and the method of exploitation.

Dissecting NTFS Hidden Streams Forensic Focus article, July 2006
This article discusses Alternate Data Streams feature of the NTFS filesystem. It underlines the importance of this feature from a hacker's perspective and a forensic investigator's perspective.

Five Common Web Application Vulnerabilites SecurityFocus Infocus article, May 2006
This article looks at five common Web application attacks, primarily for PHP applications, and then presents a short case study of a vulnerable Website that was found using Google and was easily exploited.

Key Strategies for Implementing ISO 27001 The IIA's ITAudit article, February 2006
This article brings to light various strategies involved in implementing ISO 27001 - from identifying business objectives to preparing for the final audit.

Evading NIDS, revisited SecurityFocus Infocus article, December 2005
This article discusses IDS evasion techniques in addition to the frag3 preprocessor and fragment reassembly in a multihost environment.

SQL Server Security The IIA's ITAudit article, March 2005
This is the first part of a two-part article that discusses securing the SQL Server. It covers secured SQL Server installation from an IT Auditor's perspective.

Penetration Testing of IPSec VPNs SecurityFocus Infocus article, Feb 2005
This article discusses a methodology to assess the security posture of an organization's IPsec based VPN architecture. It discusses blackbox penetration testing of a VPN server, and then a full configuration and architecture review.

Metasploit Framework - 3 parts SecurityFocus Infocus article, 12th July 2004
This is a three part article that talks in-depth about the Metasploit Framework - installation, configuration, and development of custom exploits using the framework.

Common security vulnerabilities in e-commerce systems SecurityFocus Infocus article, 27th April 2004
This article discusses common attacks and vulnerabilities in e-commerce shopping cart systems, with reference to SecurityFocus vulnerability reports where relevant.

Auditing Oracle Security The IT Audit, Vol. 7, April 15, 2004
This article discusses various aspects of Oracle security that must be considered, including secured installation, initialization parameters, users and profiles, roles, object and system privileges, logging, listener security, etc.

Detection of SQL Injection and Cross-site Scripting Attacks SecurityFocus Infocus article, 18th March 2004
This article discusses techniques to detect SQL Injection and Cross Site Scripting (CSS) attacks against your web applications using regular expressions with the open-source IDS, Snort

Audit and Penetration testing links

• http://www.geschonneck.com/security/audit.html - A large collection of security and pen testing links
• http://theory.lcs.mit.edu/~rivest/crypto-security.html - Collection of links on the MIT site, very informative.
• http://nationalhomelandsecurityknowledgebase.com - The National Homeland Security Knowledge Base.

Lotus Notes Security

• A guide to developing secure Domino applications
• The Domino Defense: Security in Lotus Notes and Internet
• Lotus IT Central Security Zone
• Lotus Notes and Domino Reduce the Risks of Virus Attacks
• How to secure a Lotus Domino-Server connected to the Internet
• Check out the security of your Lotus Domino-Server
• undermining Lotus Notes
• Lotus Notes Vulnerabilities
• Falling Dominos FAQ 1.0
• Locking Down a Lotus Domino Server
• Lotus Notes and Domino Security: An Overview of Authentication and Access Control
• Lotus Notes Audit
• The Domino Defense: Security in Lotus Notes 4.5 and the Internet
• Lotus Notes and Domino R5.0 Security Infrastructure Revealed
• ID Password Recovery (IPR) is a tool for recovering passwords on Lotus Notes ID files. It does this by guessing passwords you supply in a dictionary file.
• AppDetective™ for Lotus Domino is a network-based, penetration testing/vulnerability assessment scanner that locates and assesses the security strength of database and groupware applications within your network.
• Lodowep is a tool for analyzing password strength of accounts on a Lotus Domino webserver system.

Wireless Security

• IEEE 802.11Wireless
• Wireless Networking Reference - Security
• Firewall Guide Wireless Routers
• GPRS Wireless Security: Not Ready For Prime Time
• Wireless networks a "hacker"s playground
• Dolphin is a FREE, fully operational, wireless security solution
• Papers about 802.11 Security Vulnerabilities
• Intercepting Mobile Communications: The Insecurity of 802.11
• The Unofficial 802.11 Security Web Page
• SANS - Wireless Access Security Issues
• Wireless LAN Security FAQ
• Wireless Firewall Gateway White Paper
• The Deployment of a Wireless Network in a Hostile Environment
• Wireless Security Blackpaper
• Security Considerations for Wireless Networks (WLAN, IEEE802.11) BSI (german)
• Default Wireless Configurations
• Bluetooth
  • Bluetooth Security
  • btscanner is a tool designed specifically to extract as much information as possible from a Bluetooth device without the requirement to pair.
  • BlueAlert for Windows will provide visual, pop-up notifications of Bluetooth devices in range from your PC.
  • Redfang v2.5 is an enhanced version of the original application that finds non-discoverable Bluetooth device
  • Bluesniff is proof of concept code for a bluetooth wardriving utility.
• Wardriving Tools
  • wtf is wardriving?
  • Wirelass Security Auditor (WSA) written for Linux on the iPAQ.
  • wlandump (linux-wlan™ Project) Wardriving tool
  • AIRsnort is a wireless LAN (WLAN) tool which cracks encryption keys on 802.11b WEP networks. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered.
  • WEPcrack is a tool that cracks 802.11 WEP encryption keys using the latest discovered weakness of RC4 key scheduling.
  • Wireless Access Points and ARP Poisoning (Article on BugTrag) (Pdf)
  • Wardriving.com (Informations and Links)
  • APTools is a utility that queries ARP Tables and Content-Addressable Memory (CAM) for MAC Address ranges associated with 802.11b Access Points.
  • dstumbler from Dachb0den Labs is a wardriving/netstumbling/lanjacking utility for bsd
  • bsd-airtools is a package that provides a complete toolset for wireless 802.11b auditing.
  • NetStumbler is a Windows utility for 802.11b based wireless network auditing written by Marius Milner.
  • WaveStumbler WaveStumbler is console based 802.11 network mapper for Linux. It reports the basic AP stuff like channel, WEP, ESSID, MAC etc. It has support for Hermes based cards (Compaq, Lucent/Agere, ... )
  • Kismet a curses based Linux auditor and stumbler
  • ApSniff is a wireless (802.11) access point sniffer
  • wardriving tools
  • Warchalking Collaboratively creating a hobo-language for free wireless networking. ;)
  • Distributed Wireless Security Auditor from IBM Research
  • Wireless PCMCIA Card Database
  • The first Worldwide Wardrive took place between 31 August and 7 September 2002.
  • Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points.
  • AirTraf is a very cool Linux based AccessPoint scanner
  • List of WirelessSniffers
  • ssidsniff - A nifty tool to use when looking to discover access points and save captured traffic.
  • WifiScanner is a tool that has been designed to discover wireless node (i.e access point and wireless clients).