Sentigy announcement for free CISSP training ▪ Register for Microsoft home security newsletters ▪ FBI site on not being tricked by phishing ▪ Great article on new WEP cracking methods

Driftnet allows you to see image traffic that flows across networks.

Dsniff is a packet sniffing tool that reassembles passwords and meaningful streams.

If you find yourself having to do this kind of packet sniffing and deep packet analysis, make sure that you are not violating your organization's security and expectation-of-privacy policies by doing so. If you are an external security contractor doing this for a client, make sure that the client organization has given you explicit, legally binding permission, in writing, to conduct such an investigation. This “get out of jail free card” should include provisions that require the client to defend you in any lawsuit that arises as a result of your findings. You don't want any employee of the client who gets fired as a consequence of your investigation (we have seen this happen!) to respond by suing you! It's important to do this right. Hire a lawyer to help you and then make sure the client signs a permission form before you do any work.

Security incident handling is much like the forensics situation except that the goal is different. Instead of attempting to reconstruct the sequence of events and document everything that happened in the process, we are focused on finding out enough about the incident to mitigate the situation (although it may turn out that you need to escalate the incident handling to a full-fledged forensic analysis).