Information Security News
Cybersecurity should be seen as an occupation, not a profession, report says
For direct examples of such a quandary, InfoSec needs only to look at the existing certification programs, and the criticisms directed that certifications such as the CISSP and C|EH. Once a certification is issued, the previously mentioned barriers ...
Survey: Analytics And Intelligence Being Used But Not Effectively
SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security ...
Personally, my "DNS Monitoring System" is a bunch of croned shell scripts and nagios, in desperate need of an overhaul. While working on a nice (maybe soon published) script to do this, I was wondering: What is everybody else using?
The script is supposed to detect DNS outages and unauthorized changes to my domains. Here are some of the parameters I am monitoring now:
- changes to the zone's serial number
- changes to the NS records (using the TLD's name servers, not mine)
- changes to MX records
- monitoring a couple critical A and AAAA records (like 'www').
In addition, for zones with DNSSEC enabled:
- does the signature expire soon?
- do all key signing keys have valid DS records with the parent zone?
- did the DS record change?
What else are you monitoring? What scripts / tools do you use to accomplish this?
Posted by InfoSec News on Sep 26http://www.nextgov.com/cio-briefing/wired-workplace/2013/09/cyber-pros-see-fisma-fallout/70790/
Posted by InfoSec News on Sep 26http://www.csoonline.com/article/740393/espionage-campaign-targeting-asian-supply-chains-uncovered
Posted by InfoSec News on Sep 26http://news.cnet.com/8301-33620_3-57604604-278/how-google-could-have-made-the-web-secure-and-failed-again/
Posted by InfoSec News on Sep 26http://www.theregister.co.uk/2013/09/26/icefog_hit_and_run_apt_japan_south_korea/
Posted by InfoSec News on Sep 26http://www.darkreading.com/attacks-breaches/destructive-attacks-on-oil-and-gas-indus/240161700