Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Diaries by Keyword - SANS Internet Storm Center Diaries by Keyword


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

CSAM 2013

2013-10-15Rob VandenBrinkCSAM: Microsoft Logs - NPS and IAS (RADIUS)
2013-10-10Mark HofmanCSAM Some more unusual scans
2013-10-09Johannes UllrichCSAM: SSL Request Logs
2013-10-02Johannes UllrichCSAM: Misc. DNS Logs

CSAM

2014-10-09/a>Johannes UllrichCSAM: My servers started speaking IRC, and that is when I started to listen!
2014-10-06/a>Johannes UllrichCSAM: Patch and get pw0ned (not OR).
2014-10-03/a>Johannes UllrichCSAM: The Power of Virustotal to Turn Harmless Binaries Malicious
2014-10-02/a>Johannes UllrichCSAM: My Storage Array SSHs Outbound!
2014-09-22/a>Johannes UllrichCyber Security Awareness Month: What's your favorite/most scary false positive
2013-10-18/a>Rob VandenBrinkCSAM - Why am I seeing DNS Requests to IANA.ORG in my Firewall Logs?
2013-10-15/a>Rob VandenBrinkCSAM: Microsoft Logs - NPS and IAS (RADIUS)
2013-10-10/a>Mark HofmanCSAM Some more unusual scans
2013-10-09/a>Johannes UllrichCSAM: SSL Request Logs
2013-10-08/a>Johannes UllrichCSAM: ANY queries used in reflective DoS attack
2013-10-02/a>Johannes UllrichCSAM: Misc. DNS Logs
2012-10-30/a>Mark HofmanCyber Security Awareness Month - Day 30 - DSD 35 mitigating controls
2012-10-23/a>Rob VandenBrinkCyber Security Awareness Month - Day 23: Character Encoding Standards - ASCII and Successors
2012-10-11/a>Rob VandenBrinkCyber Security Awareness Month - Day 11 - Vendor Agnostic Standards (Center for Internet Security)
2012-10-09/a>Johannes UllrichCyber Security Awreness Month - Day 9 - Request for Comment (RFC)
2012-10-06/a>Manuel Humberto Santander PelaezCyber Security Awareness Month - Day 6 - NERC: The standard that enforces security on power SCADA
2012-10-04/a>Johannes UllrichCyber Security Awareness Month - Day 4: Crypto Standards
2012-10-03/a>Kevin ShorttCyber Security Awareness Month - Day 3 - Standard Sudo - Part One
2011-10-26/a>Rick WannerCritical Control 17:Penetration Tests and Red Team Exercises
2010-10-31/a>Marcus SachsCyber Security Awareness Month - Day 31 - Tying it all together
2010-10-28/a>Rick WannerCyber Security Awareness Month - Day 27 - Social Media use in the office
2010-10-28/a>Tony CarothersCyber Security Awareness Month - Day 28 - Role of the employee
2010-10-26/a>Pedro BuenoCyber Security Awareness Month - Day 26 - Sharing Office Files
2010-10-24/a>Swa FrantzenCyber Security Awarenes Month - Day 24 - Using work computers at home
2010-10-23/a>Mark HofmanCyber Security Awareness Month - Day 23 - The Importance of compliance
2010-10-22/a>Daniel WesemannCyber Security Awareness Month - Day 22 - Security of removable media
2010-10-21/a>Chris CarboniCyber Security Awareness Month - Day 21 - Impossible Requests from the Boss
2010-10-20/a>Jim ClausingCyber Security Awareness Month - Day 20 - Securing Mobile Devices
2010-10-19/a>Rob VandenBrinkCyber Security Awareness Month - Day 19 - Remote Access Tools
2010-10-19/a>Rob VandenBrinkCyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split?
2010-10-19/a>Rob VandenBrinkCyber Security Awareness Month - Day 19 - VPN Architectures – SSL or IPSec?
2010-10-19/a>Rob VandenBrinkCyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard?
2010-10-19/a>Rob VandenBrinkCyber Security Awareness Month - Day 19 - VPN and Remote Access Tools
2010-10-18/a>Manuel Humberto Santander PelaezCyber Security Awareness Month - Day 18 - What you should tell your boss when there's a crisis
2010-10-17/a>Stephen HallCyber Security Awareness Month - Day 17 - What a boss should and should not have access to
2010-10-13/a>Deborah HaleCyber Security Awareness Month - Day 13 - Online Bullying
2010-10-12/a>Scott FendleyCyber Security Awareness Month - Day 12 - Protecting and Managing Your Digital Identity On Social Media Sites
2010-10-11/a>Rick WannerCyber Security Awareness Month - Day 11 - Safe Browsing for Teens
2010-10-09/a>Kevin ShorttCyber Security Awareness Month - Day 9 - Disposal of an Old Computer
2010-10-08/a>Rick WannerCyber Security Awareness Month - Day 8 - Patch Management and System Updates
2010-10-06/a>Rob VandenBrinkCyber Security Awareness Month - Day 7 - Remote Access and Monitoring Tools
2010-10-06/a>Marcus SachsCyber Security Awareness Month - Day 6 - Computer Monitoring Tools
2010-10-05/a>Rick WannerCyber Security Awareness Month - Day 5 - Sites you should stay away from
2010-10-04/a>Daniel WesemannCyber Security Awareness Month - Day 4 - Managing EMail
2010-10-03/a>Adrien de Beaupre Cyber Security Awareness Month - Day 3 - Recognizing phishing and online scams
2010-10-02/a>Mark HofmanCyber Security Awareness Month - Day 2 - Securing the Family Network
2010-10-01/a>Marcus SachsCyber Security Awareness Month - Day 1 - Securing the Family PC
2009-10-31/a>Rick WannerCyber Security Awareness Month - Day 31, ident
2009-10-30/a>Rob VandenBrinkCyber Security Awareness Month - Day 30 - The "Common" IPSEC VPN Protocols - IKE / ISAKMP (500/udp), ESP (IP Protocol 50), NAT-T-IKE (500/udp, 4500/udp), PPTP (tcp/1723), GRE (IP Protocol 47)
2009-10-28/a>Johannes UllrichCyber Security Awareness Month - Day 28 - ntp (123/udp)
2009-10-25/a>Lorna HutchesonCyber Security Awareness Month - Day 25 - Port 80 and 443
2009-10-22/a>Adrien de BeaupreCyber Security Awareness Month - Day 22 port 502 TCP - Modbus
2009-10-17/a>Rick WannerCyber Security Awareness Month - Day 17 - Port 22/SSH

2013

2013-10-15/a>Rob VandenBrinkCSAM: Microsoft Logs - NPS and IAS (RADIUS)
2013-10-10/a>Mark HofmanCSAM Some more unusual scans
2013-10-09/a>Johannes UllrichCSAM: SSL Request Logs
2013-10-02/a>Johannes UllrichCSAM: Misc. DNS Logs
2013-10-01/a>Adrien de BeaupreCSAM! Send us your logs!
2013-10-01/a>John Bambenek*Metaspoit Releases Module to Exploit Unpatched IE Vuln CVE-2013-3893
2013-09-20/a>Russ McReeThreat Level Yellow: Protection recommendations regarding Internet Explorer exploits in the wild
2013-09-18/a>Rob VandenBrinkCisco DCNM Update Released
2013-08-16/a>Kevin ListonCVE-2013-2251 Apache Struts 2.X OGNL Vulnerability
2013-07-06/a>Guy BruneauMicrosoft July Patch Pre-Announcement
2013-05-09/a>Johannes UllrichMicrosoft released a Fix-it for the Internet Explorer 8 Vulnerability http://support.microsoft.com/kb/2847140
2013-04-25/a>Adam SwangerSANS 2013 Forensics Survey - https://www.surveymonkey.com/s/2013SANSForensicsSurvey
2013-02-11/a>John BambenekOpenSSL 1.0.1e Released with Corrected fix for CVE-2013-1069, more here: http://www.openssl.org/
2013-01-19/a>Guy BruneauJava 7 Update 11 Still has a Flaw
2013-01-07/a>Adam SwangerPlease consider participating in our 2013 ISC StormCast survey at http://www.surveymonkey.com/s/stormcast