Audit
Anatomy of an Auditing System
An auditing system consists of three components: the logger, the analyzer, and the notifier. These components collect data, analyze it, and report the results.
1. Logger
Logging mechanisms record information. The type and quantity of information are dictated by system or program configuration parameters. The mechanisms may record information in binary or human-readable form or transmit it directly to an analysis mechanism (see Section 21.2.2). A log-viewing tool is usually provided if the logs are recorded in binary form, so a user can examine the raw data or manipulate it using text-processing tools.
EXAMPLE: Microsoft's Windows NT has three different sets of logs. The system event log contains records of events that Microsoft has determined warrant recording, such as system crashes, component failures, and other events. The application event log contains records that applications have added. These records are under the control of the applications. The security event log contains records corresponding to security-critical events such as logging in and out, system resource overuses, and accesses to system files. Only administrators can access the security event log.
Scanning and removing spyware: 6 must-check places
The original — and still the most popular — means for identifying and removing spyware is to run a spyware-scanning program that will search a workstation or server for spyware, list the spyware found, and remove it if the user so desires. But software that blocks spyware before it can be loaded is becoming more popular. A thorough spyware scanning and removal program must check for spyware in many places, including
- Cookies: Although cookie-based spyware is the most benign of spyware, many people are concerned about the Web-tracking capability that such spyware facilitates.
- ActiveX controls: As I mentioned earlier in this chapter, ActiveX is Microsoft’s proprietary technology whereby scripts (short computer programs) can be dynamically loaded from a Web site and executed on the user’s computer. ActiveX is a “client-side” scripting language similar to JavaScript.
- Java and JavaScript: Java is a structured computer language introduced in the 1990s; JavaScript, a scripting language similar to Java, is often used as a “client side” scripting language used to execute instructions via a user’s Web browser.
- Browser Helper Objects (BHOs):
Cryptography versus computer security
Cryptography and computer security are two distinct subjects. Cryptography is the art of encoding information in a secret format such that only the intended recipient can access the information. Cryptography can also be applied to supply proofs of authenticity, integrity, and intent. The use of cryptography has progressed extensively over a long period of time, ranging from the ancient Caesar cipher to cipher machines widely used in World War II to modern cryptosystems implemented with computer hardware and software.
Computer security is the application of measures that ensure that information being processed, stored, or communicated is reliable and available to authorized entities. Computer security first became an issue only in the 1960s, when timesharing, multiuser computer operating systems, such as Cambridge's early computing system and MIT's Multics, were first built. After that, the field of computer security remained relatively obscure for years, apart from a brief active period in the mid-1970s. Security concerns then were based mostly on military requirements. Commercial security did not become fully mainstream until the Internet and electronic commerce (e-commerce)—and Java technology in particular—took center stage in the 1990s.
Download Password Builder for Apple Mac OS
Download the latest password application, Password Builder for Apple Mac OS. It can build strong random passwords of up to 40 characters. It has four types of passwords to cover all flavors. After choosing your password, copy it to the clipboard or paste it into Mac OS X TextEdit for saving. The simple way to build your passwords.
Features
- Automatic: Generates passwords of up to 40 characters using lowercase, uppercase, numbers and special characters. It’s possible to omit the special characters and ambiguous ones.
- Semi-Auto: This will generate a password based on a word chosen by the user, strengthened by the Password Builder to give it more security.
- Preset: For those who want a quick password without fiddling with things. The user has two choices: Low Security Password and High Security Password.
- Phonemic: A simple password is generated for everyday use. The word created will have no meaning, but it will be easy to remember.
Download ClamXav, Free antivirus for Apple Mac OS
Download the latest free antivirus for Apple Mac OS. ClamXav is a free GUI front end to the ClamAV open-source virus checker. Update the virus definitions, point it to a file or folder and scan. Other features include logging results to a file, placing infected files into quarantine, monitoring folders for changes to their contents, and a Finder Contextual Menu Item.
What’s New in this Version
- Fixed issue with ClamAV engine 0.88.6 which prevented use on some OS X 10.3 systems.
- Fixed issue where context menu or drag/drop wouldn’t initiate a scan if ClamXav is not already running and is set to auto update virus definitions at launch.
- Added Chinese localisation.
Who Creates Computer Viruses?
Computer viruses are written by a variety of perpetrators. Historically they have been brilliant teenage kids or desperate people in search of attention. They are typically male and in their teens or early 20s. However, David L. Smith, author of the famous Melissa virus, was 30 when the FBI caught up with him.
Still, I like how Jack Sebbag, a vice president at the antivirus software company McAfee, characterizes virus writers: "They're 14-year-old kids who can't get a date, but have incredible talent and are looking for a challenge to bring (millions of) computers down just to get a little notoriety."
List and review of desktop auditing tools
What would you do if management has a big push coming up to do an asset and hardware/software audit and would like to automate it as much as possible? Below are alternative desktop auditing tools you can use. Any other opinions?
1. Alloy Navigator
Alloy Navigator is a comprehensive IT infrastructure management suite offering two major areas of functionality: service support and asset management. Alloy Navigator can be used right out-of-the-box and customized to meet any organization's unique requirements. With Alloy Navigator, you can establish tight control over IT operations, meet increasing infrastructure standards, empower end-users, enhance service delivery, and unlock the true value of your IT organization.
Second Opinion:
We've been using Asset Navigator from Alloy Software. We can inventory machines via login scripts and the backside is a SQL database, so we can then customize reports w/ Access or Excel. It also has a help desk component which we've just implemented and so far so good. The real nice thing is that it provided basic asset management and helpdesk requests w/o the large overhead of Zen or GPOs on AD.
2. Novell ZENworks
Novell ZENworks, a suite of software products developed and maintained by Novell, Inc. for computer systems management, aims to manage the entire life cycle of servers, of desktop PCs (both Windows-based and Linux-based), of laptops, and of handheld devices (such as PDAs). ZENworks supports multiple server platforms and multiple directory services. As of May, 2008, the current version of the ZENworks Suite, version 10.0.3, offered support for Windows Vista.
3. System Management Server
System Center Configuration Manager
The four things every IT security must do every day
Security work is a continuous and daily process. You can’t just install a firewall or an intrusion-detection system and say that you’re suddenly secure. In some cases, you’ll be lucky to enter an organization that already has a relatively mature security program. In these cases, most of the items discussed in the following sections will already be implemented and your job will be easier to manage. In other cases, you may find yourself hired into an organization that has not had a security program in the past. In this case, you’ll have the opportunity to build the program from the ground up. Although this might sound like more work, and a potentially bigger hassle, you may find it easier creating everything from scratch and ensuring that it’s all done correctly. But let’s look at some of the items you’ll need to understand.
1. Patches and Hot Fixes
Both operating systems and applications have a single huge flaw: They are written by human beings. Because of that, they have bugs and security issues. Vendors release patches or hot fixes on a periodic basis to address security concerns that may have arisen since the last patch came out. To keep an organization secure, you need to ensure that these software patches are applied in a timely manner. One important item to note here: Test your patches in a test environment before you implement them in production systems. In some cases, patches have caused more harm than good because of unexpected issues.
Summary of default password list

Why? Because most system administrators forget to change the default passwords on their systems. So during the first assessment or audit, just go through these default passwords to enter the system. Search the following sites to get up-to-date default password lists.
1. Password Generic System
The following resources provide detailed password information for many types of systems:
http://www.phenoelit-us.org/dpl/dpl.html
http://www.cirt.net/passwords
http://www.dopeman.org/default_passwords.html
http://www.redoracle.com/index.php?option=com_password&task=rlist
http://www.virus.org/default-password/
2. Network Devices Specific (Router, Firewall, IPS System)
14 free Disaster Recovery Plan (DRP) templates
Preparing a Disaster Recovery Plan for your company? Here is a recommended list of free Disaster Recovery Plan templates that should suit your needs at no cost.
1. Disaster Recovery Plan
Publisher: TechRepublic
TechRepublic provides a free 23-page DRP template. You can adapt it to your own scenario by replacing client1 and client2 in the document. It is complete enough for a small or medium company.
2. Disaster Recovery Plan
Publisher: IBM
IBM provides a free template for your Disaster Recovery Plan. Although the design of the DRP is based on IBM iSeries, most of the template can be used for any type of application. The objective of a disaster recovery plan is to ensure that you can respond to a disaster or other emergency that affects information systems and minimize the effect on the operation of the business.
3. Business Resumption Plan
Publisher: Disaster Recovery Journal
DRJ provides a complete series of DRP documents, from Development Guide, Recovery Team, and Plan Development Checklist to Business Recovery Plan. DRJ also acts as a complete reference for A-Z disaster recovery matters.
4. Contingency Planning Guide for Information Technology Systems
Publisher: National Institute of Standards and Technology
NIST also provides various documents and templates for information security matters.
