SANS NewsBites Vol. 10 Num. 47

From: The SANS Institute (NewsBitessans.org)
Date: Fri Jun 13 2008 - 13:10:52 CDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

*************************************************************************
SANS NewsBites June 13, 2008 Vol. 10, Num. 47
*************************************************************************
TOP OF THE NEWS
  Lawmakers Say Attacks on Their Computer Systems Came From China
  Second SCADA Vulnerability Disclosed
  House Passes Intellectual Property Bill
  Web Application Vulnerabilities on the Rise; Journalist Goes To Pen
     Testing School
THE REST OF THE WEEK'S NEWS
  LEGAL MATTERS
    Three-and-a-Half Year Sentence in Newell Rubbermaid Botnet Conviction
    Guilty Plea in Botnet DDoS Case
    Man Draws 63-Month Sentence for Deleting Health Clinic Patient Data
  HOMELAND SECURITY & GOVERNMENT SYSTEMS SECURITY
    US Intelligence Community Warms Up to Intellipedia
  POLICY & LEGISLATION
    Experts Tell Senate Committee FTC Act Addresses Spyware Prosecution
       Concerns
  COPYRIGHT, PIRACY & DIGITAL RIGHTS MANAGEMENT
    Virgin Media Teams Up With BPI to Warn Users on Illegal Downloading
  WORMS, ACTIVE EXPLOITS, VULNERABILITIES & PATCHES
    Video Viewing Software Changing Settings To Route Traffic Through
       Attackers' Servers
    Fix Available for OpenOffice Integer Overflow Vulnerability
    Microsoft Issues Three Critical Bulletins; Apple Fixes QuickTime
       Flaws
  ATTACKS, INTRUSIONS, DATA THEFT & LOSS
    Users Protest Download Speed Limits by Exposing ISP Customer
       Account Info
    Data Breach Exposed Cotton Traders' Customer Data
LIST OF UPCOMING FREE SANS WEBCASTS

*************************************************************************
TRAINING UPDATE
- - Wash. DC (7/22-7/31) (SANSFire 2008) http://www.sans.org/sansfire08
- - Singapore (6/30-7/5) http://www.sans.org/singapore08/
- - Boston (8/9-8/16) http://www.sans.org/boston08/
- - and in 100 other cities and online any time: www.sans.org
*************************************************************************

TOP OF THE NEWS
 --Lawmakers Say Attacks on Their Computer Systems Came From China
(June 12, 2008)
US Representative Frank R. Wolf (R-Va.) says that attacks starting in
August 2006 on several computers in his office have been traced to a
computer in China. Computers in other offices were attacked as well.
Rep. Wolf works extensively on behalf of human rights worldwide. The
attackers apparently gained access to information that includes the
locations and identities of Chinese dissidents and refugees Rep. Wolf
has worked with. Rep. Wolf and Representative Christopher H. Smith
(R.-NJ), who is also vocal about China's human rights violations, were
likely targeted because of their work. Attackers also targeted
computers at the House Foreign Affairs Committee. Rep. Wolf has called
for stronger cyber protection for government computers and cell phones.
A Chinese embassy spokesperson has denied responsibility for the
attacks.
http://www.washingtonpost.com/wp-dyn/content/article/2008/06/11/AR2008061102790_pf.html
http://www.nytimes.com/idg/IDG_852573C40069388048257466000851ED.html?partner=rssnyt&emc=rss&pagewanted=print
http://www.latimes.com/news/nationworld/politics/la-na-hackers12-2008jun12,0,6620466.story
http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=208403581
[Editor's Note (Pescatore): Many of the recent claims of outages being
caused by Chinese attacks have been debunked. The reality is that if you
protect yourself, it doesn't matter who the attacker is. The federal
government has allocated millions for laptop encryption and other forms
of security protection - Rep. Wolf should be looking into why his
computers are not sufficiently protected before he starts worrying about
where attacks came from. Would it have been any different if the attack
came from a 14 year old in Perth Amboy, NJ?
(Northcutt): One of the keynotes at SANSFIRE (www.sans.org/sansfire08/)
is a detailed description by Maarten Van Horenbeck, an Internet Storm
Center handler. He has been analyzing these attacks for years and gained
unique insights into the origins of these attacks. If you are going to
SANSFIRE, this is a "must see" presentation.]

 --Second SCADA Vulnerability Disclosed
(June 11 & 12, 2008)
A security flaw in CitectSCADA software could be exploited to take
remote control of systems using the vulnerable product. The software
is used in SCADA (Supervisory Control and Data Acquisition) systems in
a variety of industries that are part of national critical
infrastructures around the world. The flaw was discovered five months
ago, although a fix only recently became available. Theoretically,
SCADA systems should not be exposed to the Internet and so should pose
only a minor threat; however, in practice, corporate networks need to
connect to SCADA systems to collect data, leaving an avenue of attack
open. Another SCADA flaw, this one in InTouch SuiteLink monitoring
software, was disclosed in May.
http://www.technewsworld.com/story/Critical-Flaw-Left-Utilities-Vulnerable-to-Attack-for-5-Months-63364.html?welcome=1213304103
http://www.theregister.co.uk/2008/06/12/scada_vuln_discovered/print.html
http://www.kb.cert.org/vuls/id/476345
[Editor's Note (Skoudis): I think the recent SCADA vulnerabilities are
just the tip of the iceberg. We spent 15+ years scrubbing bugs out of
our TCP/IP stacks on Windows, Unix, and Linux. The Land vulnerability
and Ping of Death were discovered 11 and 12 years ago, respectively, and
periodically return due to vendor coding errors. In the SCADA realm,
I'm expecting to see a lot of flaws like those, but with much more
serious consequences given the nature of what SCADA systems are
controlling.
(Weatherford): Theoretically a bumblebee can't fly because its body is
too big for such small wings. Practically however, bumblebees do fly.
Practically, all kinds of SCADA systems are connected to the Internet
via the corporate network because managing these systems has evolved
from stand-alone environments. Discovering these vulnerabilities helps
advance the notion that conducting vulnerability assessments against
SCADA systems is an absolute requirement...to the consternation of many
Luddites.
(Cole): SCADA systems were built under the premise of being protected
by complete separation. If you run SCADA systems, either you must
redesign your entire system or not let them be connected to any networks
that have outside connectivity. Even indirect connections to the
Internet pose a high risk to these systems.]

 --House Passes Intellectual Property Bill
(June 11, 2008)
The US House of Representatives recently passed HR 4279, the
Prioritizing Resources and Organization for Intellectual Property Act
of 2008 (PRO-IP). The bill establishes a Property Enforcement Division
within the DOJ; amends federal copyright law to increase civil damages;
amends federal criminal code related to copyright infringement and
counterfeit packaging; and creates ten new intellectual property
attachés to work with foreign governments to reduce counterfeiting and
piracy. The bill is not without controversy as it strongly favors large
content owners (RIAA, MPAA), levies increased domestic penalties, and
directs state and local law enforcement agencies to combat intellectual
property theft and infringement crimes.
http://www.washingtonwatch.com/bills/show/110_HR_4279.html
http://www.govtrack.us/congress/bill.xpd?bill=h110-4279
[Editor's Note (Schultz): This is a frightening development. If signed
into law, it will lead to an incredible number of "witch hunts"
resulting in seizure of equipment for marginal reasons.
(Northcutt): As an author I certainly appreciate protecting intellectual
property; however, this could get out of hand. Looks like it will become
law though, 410 Ayes, 11 Nays:
http://www.govtrack.us/congress/bill.xpd?bill=h110-4279 ]

 --Web Application Vulnerabilities on the Rise; Journalist Goes To Pen Testing School
(June 9, 2008)
More than half of the vulnerabilities that appear in the SANS Security
Alert email newsletter are web application vulnerabilities. Earlier
this year, GCN Senior editor Joab Jackson attended a SANS class in which
Kevin Johnson detailed some of the techniques he employs as a
penetration tester and, along the way, explained why web application
vulnerabilities are so plentiful. Operating systems have become more
secure over recent years, so cyber criminals had to find another vector
of attack. Most web applications are written by developers who lack
essential training in secure programming. Johnson also stressed the
importance of thinking like a hacker, particularly when it comes to
gathering information prior to an attack.
http://www.gcn.com/cgi-bin/udt/im.display.printable?client.id=gcn&story.id=46418
http://www.gcn.com/cgi-bin/udt/im.display.printable?client.id=gcn&story.id=46420
[Editor's Note (Siles and Paller): The situation is much worse than the
public statistics show. All the millions of custom web applications are
even more likely to be flawed than commercial applications.
(Paller): Application Pen Testing is one of the three fastest growing
career opportunities in security.
(Pescatore): Operating system vulnerabilities aren't really slowing down
all that much, but patching and the use of intrusion prevention
technologies have made those vulnerabilities harder to exploit. The real
reason web vulnerabilities seem to be on the rise is that phishing and
malware attacks have found that compromising legitimate websites and
getting users to visit those compromised links is a way to get around
URL blocking that has been keeping people away from popup malicious web
sites. The web security gateway companies are seeing on the order of
half of all web malware downloads coming from compromised but legitimate
sites these days. It means web security gateways have to improve their
ability to block inbound malware - and not just simple signature based
AV, either. ]

********************** SPONSORED LINK *********************************
1) Upcoming SANS webcast on June 17 at 1pm EDT. Tool Talk Webcast: A
Million Little Pieces: Detecting Fraudulent Transactions, Register Today.
http://www.sans.org/info/29699
*************************************************************************

THE REST OF THE WEEK'S NEWS
LEGAL MATTERS
 --Three-and-a-Half Year Sentence in Newell Rubbermaid Botnet Conviction
(June 11, 2008)
Robert Matthew Bentley has been sentenced to 41 months in prison for
surreptitiously recruiting corporate computers in Europe into a botnet.
Bentley will also serve three years of supervised release following
completion of his sentence and will pay US $65,000 in restitution. The
attack cost one of the victims, Newell Rubbermaid, more than US
$150,000. The amount of traffic generated by the malicious software
caused the network to stop functioning. Bentley and Gregory King (see
following story) were both caught in the FBI's Operation Bot Roast,
aimed at stopping the proliferation of botnets.
http://www.theregister.co.uk/2008/06/11/rubbermaid_botmaster_sentenced/print.html

 --Guilty Plea in Botnet DDoS Case
(June 11, 2008)
Gregory C. King has pleaded guilty to two counts of transmitting code
to cause damage to protected computers. King admitted to using a botnet
to launch distributed denial-of-service (DDoS) attacks on the CastleCops
and KillaNet Technologies websites, causing as much as US $70,000 worth
of damage. He faces up to 20 years in prison and a fine of half a
million dollars, although his plea agreement could have him spend two
years in prison and pay restitution.
http://www.theregister.co.uk/2008/06/11/botherder_admits_to_ddos_assault/print.html
[Editor's Note (Northcutt): I remember the blog post when he was
arrested, scratched my head, you want a long happy life as a botmeister
and you attacked CastleCops? What is wrong with this picture:
http://www.castlecops.com/a6833-Botmasters_Take_Heed_%E2%80%93_You_Are_Being_Put_On_Notice.html ]

 --Man Draws 63-Month Sentence for Deleting Health Clinic Patient Data
(June 9, 2008)
Jon Paul Oson has been sentenced to 63 months in federal prison for
intentionally damaging protected computers. Oson was also ordered to
pay more than US $400,000 in restitution to the organizations whose
computer networks he breached. Oson resigned from his position as a
network engineer and technical services manager for the Council of
Community Health Clinics (CCC) following a performance review he
believed reflected negatively on his work. Oson gained unauthorized
access to the CCC network several months after he resigned and performed
a number of malicious acts, including deleting patient data for the
North County Health Services Clinic.
http://sandiego.fbi.gov/dojpressrel/pressrel08/sd060908.htm
[Editor's Note (Northcutt): A recent blog post makes the point this could
serve as a lightning rod to trigger a HIPAA audit:
http://blogs.ittoolbox.com/security/connection/archives/more-hipaa-heat-to-come-19388 ]

HOMELAND SECURITY & GOVERNMENT SYSTEMS SECURITY
 --US Intelligence Community Warms Up to Intellipedia
(June 10, 2008)
Although initially averse to the notion of using wikis and blogs, the
CIA eventually warmed to the idea. It became evident that the
technologies would allow for collaboration and discussion and
information sharing in an unprecedented way. Intellipedia uses wiki
technology, but was developed specifically for the intelligence
community. The technology allows members of the community to debate
ideas, and each entry is dated and attributable to whoever added the
information, so a clear record can be kept. It also eliminates the
concern, when sending a file that requires a media player, about whether
the recipient has the correct version of the correct player to view the
content.
http://www.washingtontechnology.com/cgi-bin/udt/im.display.printable?client.id=washingtontechnology_daily&story.id=32940
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyId=17&articleId=9095638&intsrc=hm_topic
[Editor's Note (Pescatore): The intelligence community has been through
this before. Intelink was an early example of using Intranet web
technology to foster information sharing and collaboration outside of
the rigid lines of command and control in the Intelligence community.
It proved that unless you change the processes, just adding the
technology doesn't change much.]

POLICY & LEGISLATION
 --Experts Tell Senate Committee FTC Act Addresses Spyware
Prosecution Concerns
(June 12, 2008)
Experts speaking before the Senate Commerce, Science and Transportation
Committee warned legislators working on anti-spyware laws not to define
the technology too narrowly because criminals would simply devise new
methods that fall outside of the legal definition's purview. The
members of the panel were in agreement that the Federal Trade Commission
Act's broad definition of unfair and deceptive practices has been
effectively used in court to prosecute spyware cases.
http://www.gcn.com/cgi-bin/udt/im.display.printable?client.id=gcn_daily&story.id=46447

COPYRIGHT, PIRACY & DIGITAL RIGHTS MANAGEMENT
 --Virgin Media Teams Up With BPI to Warn Users on Illegal Downloading
(June 7 & 10, 2008)
Virgin Media plans to send letters to households where those using its
broadband services are believed to be downloading music illegally or
making pirated versions of music files available for sharing. The
customers will also receive a more strongly worded missive from BPI, but
the customers' personal information will not be given to BPI. The move
comes as part of a joint effort between Virgin Media and the British
Phonographic Industry (BPI). BPI would like to see a three-strike
policy implemented. Users would get three warnings for illegal
downloading and then have their Internet service cut off. Virgin Media
prefers to take a more measured approach, first assuring that its
customers are aware of the music piracy problem.
http://www.independent.co.uk/life-style/gadgets-and-tech/news/virgin-warns-illegal-downloaders-stop-or-face-prosecution-842086.html?service=Print
http://www.heise-online.co.uk/security/Virgin-Media-partners-with-BPI-to-control-piracy--/news/110893

WORMS, ACTIVE EXPLOITS, VULNERABILITIES & PATCHES
 --Video Viewing Software Changing Settings To Route Traffic Through
Attackers' Servers
A new Trojan horse masquerading as a video "codec" required to view
content on certain Web sites tries to change key settings on the
victim's Internet router so that all of the victim's Web traffic is
routed through servers controlled by the attackers. Recent versions of
the ubiquitous "Zlob" Trojan will check to see if the victim uses a
wireless or wired hardware router. If so, it tries to guess the password
needed to administer the router by consulting a built-in list of default
router username/password combinations. If successful, the malware alters
the victim's domain name system (DNS) records so that all future traffic
passes through the attacker's network first.
http://blog.washingtonpost.com/securityfix/2008/06/malware_silently_alters_wirele_1.html

 --Fix Available for OpenOffice Integer Overflow Vulnerability
(June 11, 2008)
A fix is available for an integer overflow flaw in a memory allocation
function of OpenOffice that could be exploited to inject malicious code.
The vulnerability affects versions 2.0 to 2.4 of OpenOffice; users are
urged to upgrade to version 2.4.1. There is no workaround available,
and there is no evidence that the flaw is being actively exploited.
http://www.theregister.co.uk/2008/06/11/openoffice_update/print.html
http://www.openoffice.org/security/cves/CVE-2008-2152.html
[Editor's Note (Cole): Behavioral based HIPS and SIEM solutions will not
prevent attacks but will help limit exposure and give insight into
potential problem areas across a corporate network. ]

 --Microsoft Issues Three Critical Bulletins; Apple Fixes QuickTime Flaws
(June 10, 2008)
On Tuesday, June 10, Microsoft issued seven security bulletins,
including three with maximum severity ratings of critical. The first
critical bulletin addresses cross-domain and memory corruption flaws in
Internet Explorer. Applying this patch is especially important because
details of the cross-domain flaw have been available for several months.
The second bulletin addresses a flaw in the Windows Bluetooth
implementation that could be exploited to execute malicious code. The
third of the critical bulletins addresses flaws in DirectX components.
Apple also issued a fix this week to address five flaws in QuickTime;
fixes are available for Windows and Mac OS X. Neither company released
a fix for a recently publicized blended threat that affects Windows
users running Apple's Safari web browser.
http://www.theregister.co.uk/2008/06/10/microsoft_and_apple_security_patches/print.html
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9095958&source=rss_topic17
http://www.gcn.com/online/vol1_no1/46444-1.html?topic=security&CMP=OTC-RSS
http://www.eweek.com/c/a/Security/QuickTime-Update-Plugs-More-Holes/
http://www.microsoft.com/technet/security/Bulletin/MS08-jun.mspx
[Editor's Note (Skoudis): I remember reading last month that Apple had
completely restructured Quicktime's internal architecture to make it
more secure. Looks like they still have a lot of implementation flaws
to clean up despite the new architecture. And, the finger pointing
between Apple and Microsoft in the Safari on Windows issue is very
disheartening. Either side could fix the flaw, but instead chooses to
blame the other. Nice.
(Grefer): Users of Mozilla Firefox in combination with the NoScript
add-on are not subject to cross-domain scripting, unless they instruct the
software to permit it.
http://www.mozilla.com/firefox/
https://addons.mozilla.org/en-US/firefox/addon/722
http://noscript.net/]

ATTACKS, INTRUSIONS, DATA THEFT & LOSS
 --Users Protest Download Speed Limits by Exposing ISP Customer
Account Info
(June 11, 2008)
Belgian Internet customers frustrated with the limit Belgacom placed on
download speeds posted account details on about 2,000 of the Belgian
ISP's customers to the Internet. Belgacom did not publicize the breach,
but says it sent letters to affected customers, recommending that they
change their passwords.
http://www.theregister.co.uk/2008/06/11/security_breach_at_belgacom/print.html

 --Data Breach Exposed Cotton Traders' Customer Data
(June 10, 2008)
UK clothing company Cotton Traders has acknowledged that an attack on
its website in January exposed customer information. The compromised
data include addresses and encrypted credit card information. The
institutions that issued the cards were notified of the breach and the
majority of the cards were blocked and replaced with new ones. Police
are investigating the incident. The breach is believed to affect as
many as 38,000 people.
http://news.bbc.co.uk/2/hi/technology/7446871.stm

UPCOMING SANS WEBCAST SCHEDULE
 
Tool Talk Webcast: A Million Little Pieces: Detecting Fraudulent Transactions
WHEN: Tuesday, June 17, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Brian Contos
http://www.sans.org/info/28729
Sponsored By: ArcSight http://www.arcsight.com/
 
Today's business is digital across the board, relying on digital
processes, communications, assets, and commerce. This has spawned a
massive increase in fraud. We read about it nearly every week, and in
almost every case, the problem seems obvious in hindsight. Societe
Generale, with $7 billion in trading fraud, is the current poster child.
Too often, fraud could have been detected and stopped if only someone
noticed the connection between several activities, each of which was
fine in isolation. Taken together, however, they paint a picture of
fraud.

SANS Special Webcast Series: Security Insights with Dr. Eric Cole
This month's topic: Information Security Priorities for the SMB
WHEN: Wednesday, June 18, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Dr. Eric Cole
http://www.sans.org/info/28734
 
SMBs need IT security solutions that are easy to adopt and maintain.
How are small and medium-size businesses (SMBs) adopting, using, and
managing IT security technologies, including security information
management (SIM), network security, intrusion prevention, application
security, content filtering, and network access control (NAC)? Leading
areas of focus for SMB security programs are data security and business
continuity, followed by application security and access control to
support partners and channels as their business grows. While these
issues are not unlike those facing larger enterprises, SMBs must
prioritize their security program most carefully to avoid costly
pitfalls. Undiscovered security threats that slow down the large
enterprise can cause the SMB to close its doors if they are not prepared
for risk avoidance.

SANS Special Webcast: Endpoint Security: Point-Solution or Protection
Platform
WHEN: Tuesday, June 24, 2008 at 3:00 PM EDT (1900 UTC/GMT)
FEATURING: Stephen Northcutt and Dan Teal
https://www.sans.org/webcasts/show.php?webcastid=91963
Sponsored By: CoreTrace http://www.coretrace.com/
 
Join SANS President Stephen Northcutt as he reviews the key features in
endpoint security that really matter, how to shop for the best products,
and why implementing defense in depth on your organization's endpoint
is a best practice.

SANS Special Webcast: Top 10 Oracle Security Risks
WHEN: Wednesday, June 25, 2008 at 3:00 PM EDT (1800 UTC/GMT)
FEATURING: Tanya Baccam
https://www.sans.org/webcasts/show.php?webcastid=91968
 
This keynote is an introduction to some of the Oracle Database risks
that exist, and highlights the "Top 10" critical areas that should be
checked when conducting an Oracle database audit.

Ask the Expert: Lessons from the Frontline: Avoiding Costly Breach
Investigation Mistakes and Downtime
WHEN: Thursday, June 26, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Ed Skoudis
http://www.sans.org/info/28754
Sponsored By: Mu Security http://www.mudynamics.com/
 
This webcast will discuss some of the most egregious mistakes made by
enterprises and network operators who have suffered costly and/or
embarrassing security breaches.

The Editorial Board of SANS NewsBites

Eugene Schultz, Ph.D., CISM, CISSP is CTO of High Tower Software and the
author/co-author of books on Unix security, Internet security, Windows
NT/2000 security, incident response, and intrusion detection and
prevention. He was also the co-founder and original project manager of
the Department of Energy's Computer Incident Advisory Capability (CIAC).

John Pescatore is Vice President at Gartner Inc.; he has worked in
computer and network security since 1978.

Stephen Northcutt founded the GIAC certification and currently serves
as President of the SANS Technology Institute, a post graduate level IT
Security College, www.sans.edu.

Johannes Ullrich is Chief Technology Officer of the Internet Storm
Center.

Howard A. Schmidt served as CSO for Microsoft and eBay and as Vice-Chair
of the President's Critical Infrastructure Protection Board.

Ed Skoudis is co-founder of Intelguardians, a security research and
consulting firm, and author and lead instructor of the SANS Hacker
Exploits and Incident Handling course.

Tom Liston is a Senior Security Consultant and Malware Analyst for
Intelguardians, a handler for the SANS Institute's Internet Storm
Center, and co-author of the book Counter Hack Reloaded.

Dr. Eric Cole is an instructor, author and fellow with The SANS
Institute. He has written five books, including Insider Threat, and he
is a senior Lockheed Martin Fellow.

Bruce Schneier has authored eight books -- including BEYOND FEAR and
SECRETS AND LIES -- and dozens of articles and academic papers. Schneier
has regularly appeared on television and radio, has testified before
Congress, and is a frequent writer and lecturer on issues surrounding
security and privacy.

Mason Brown is one of a very small number of people in the information
security field who have held a top management position in a Fortune 50
company (Alcoa). He is leading SANS' global initiative to improve
application security.

Marcus J. Ranum built the first firewall for the White House and is
widely recognized as a security products designer and industry
innovator.

Mark Weatherford, CISSP, CISM, is Executive Officer of the California
Office of Information Security and Privacy Protection.

Alan Paller is director of research at the SANS Institute.

Clint Kreitner is the founding President and CEO of The Center for
Internet Security.

Rohit Dhamankar is the Lead Security Architect at TippingPoint, a
division of 3Com, and authors the critical vulnerabilities section of
the weekly SANS Institute's RISK newsletter and is the project manager
for the SANS Top20 2005 and the Top 20 Quarterly updates.

Koon Yaw Tan is Assistant Director at Monetary Authority of Singapore
(MAS) and a handler for the SANS Institute's Internet Storm Center.

Gal Shpantzer is a trusted advisor to several successful IT outsourcing
companies and was involved in multiple SANS projects, such as the
E-Warfare course and the Business Continuity Step-by-Step Guide.

Brian Honan is an independent security consultant based in Dublin,
Ireland.

Roland Grefer is an independent consultant based in Clearwater, Florida.

Please feel free to share this with interested parties via email, but
no posting is allowed on web sites. For a free subscription, (and for
free posters) or to update a current subscription, visit
http://portal.sans.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkhSqSwACgkQ+LUG5KFpTkZEfQCeNZGNNo3ZvD0ic1qKWZo5xAF6
89MAoI+8eGz7J40EMFQKz4SgQrjfsJum
=sAhS
-----END PGP SIGNATURE-----