Security Ripcord


Windows Incident Response Script

April 17th, 2008 cutaway Posted in Incident Response, Malware, Microsoft, Security, Tools

I have taken some time to write an incident response script using only the resources provided by the Windows operating system. You can find out the why by reading the article I wrote titled Windows Incident Response With Only System Resources or the how by reviewing the code I wrote.

UPDATE: I broke the link when I did a bug fix. So, this link may break in the future; please refer to the complete article for the most recent version.

I hope that some of you find this useful and that this centralizes a lot of the information necessary to understand the abilities inherent to the Windows operating system. It is nothing groundbreaking. Just a few things that can be done if you do not have or are not allowed to obtain and use the number of very useful tools that are available online or through a vendor.

Go forth and do good things,

Don C. Weber


Ransomware In The Wild

April 28th, 2006 cutaway Posted in Malware, SANS

Darknet has pointed out that there is a new rash of malicious programs out there that are extorting money from computer end-users. I know that this is not necessarily new news, but all the same it really ticks me off that there are people out there who are willing to resort to this type of behavior. I guess this is one of the reasons that I have chosen to become a security professional. I really wish that I could find a team that was actively targeting these individuals so that I could be of some type of assistance and we could get them arrested and put up on charges. Of course, the far-reaching tendrils of the Internet make these malicious programmers almost untouchable. Too bad.

For a really great resource that you can use to help educate your end users, look to the SANS Stay Sharp program. There are courses for all levels of computer users, and new courses are being added all of the time. Take some time and have a look at the course descriptions. Specifically, you may want to send some of your people to the Stay Sharp: Computer and Network Security Awareness. If you cannot get a SANS certified professional to teach this course for you, then just contact SANS and I am sure they would be willing to help.

Good luck out there and stay aware,

Cutaway