Library items tagged: security

Anonymous
PB/INFO/028 (10/05) On most network access links the traffic flowing in and out shows a similar pattern. Most communications consist of a request going in one direction and a response coming back in the other. The size of the request and response may be different but the pattern of traffic in time should be roughly similar. However, sometimes the inbound and outbound patterns are completely different. This often indicates that there is a security problem somewhere on the network that needs urgent attention.
Anonymous
PB/INFO/022 (05/07) The role of a computer network should, in its simplest terms, be to carry commands and information from client software running on one computer to server software running on another computer, and to return information in response to those commands. Servers can be divided into two types: those that are freely available to any client and those where access is restricted by some test such as a password, a certificate or an IP address. In an ideal world this would be all the security that was needed: however, this ideal fails in reality for two reasons.
Anonymous
PB/INFO/012 (10/06) Every few months a computer virus outbreak is publicised in the national press. One in every thirty e-mail messages contains a virus. Every computer user should therefore be aware of the danger and take simple steps to protect themselves against it.
Anonymous
PB/INFO/004 (10/06) What is a digital certificate? It is a collection of electronic information, usually containing a statement of the identity of the owner and some additional data. This is generated using cryptography, not to conceal the statement, but to make it hard for anyone other than the owner to forge it. Digital certificates are usually stored as files, either on a computer disk or a smartcard.
Anonymous
PB/INFO/003 (06/06) It is relatively easy to create an electronic mail message that appears, superficially at least, to come from someone else. It is therefore useful to be able to ‘sign’ e-mails, as we use ink signatures on paper documents and letters, to give stronger proof of their origin. There are systems that allow such signatures to be created using certificates and certification agencies; however, the most commonly used system, Pretty Good Privacy (PGP), uses a different approach and terminology.
Anonymous
From time to time Janet CSIRT may report activity to you that is related to the Conficker worm. Typically this is a record of traffic from an infected host to a Conficker sinkhole server. These sinkhole servers pretend to be part of the worm’s command and control infrastructure. The worm then attempts to load a web page on the sinkhole server that, were the server real, would contain instructions for the worm. Our reports typically look like this
Anonymous
The Conficker worm (also known as Downup, Downadup and Kido) is probably the most prevalent computer worm on Janet and the Internet at this time. Its success can be attributed to its use of a number of different vectors to infect machines:
Anonymous
Zeus is the name for a family, or perhaps ecosystem, of malware that is created and customised using a single toolkit. Not only does the toolkit generate the executable that infects systems, but it also produces server files that act as the command and control infrastructure for the operator’s botnet. Primarily Zeus is used to steal banking details through the use of keystroke logging and screen captures that are sent from the infected system to the command and control server.
Anonymous
Carberp is the name of the latest in an increasing line-up of information-stealing malware that has evolved in the last few years. As in the case of its forerunners (Torpig/Mebroot, Clampi, ZeuS and SpyEye), the most recognised role of Carberp is to steal users’ e-commerce payment transaction data (e-banking, Paypal, debit/credit card etc.), although any sensitive data is at risk (personal identity or research data, for example).