Google – China – Aurora attacks dissected.

http://www.theregister.co.uk/2010/03/01/aurora_resistence_futile/

Full paper here . iSecPartner’s recommendations are good. However, while comprehensive and technically accurate, I think it would be beneficial to have an accompanying set of “triage” recommendations (Use GPOs to disable LANMAN hashes; perform egress filtering and alerting; never EVER EVER login with admin credentials – use sudo or runas; migrate to token based authentication).

~ by stevegoldsby on March 2, 2010.

Posted in Uncategorized

About Steve Goldsby

Steve has nearly two decades of experience in the information technology and security industry as a subject matter expert and consultant to Federal, State and commercial organizations spanning all major verticals. He is a popular featured speaker at national and state conferences as an Information Security subject matter expert. His Information Security articles and papers have been featured in national trade magazines and journals. Steve works for Integrated Computer Solutions Inc.

Twitter

RSS: Symantec HackIsWack site still open to rickrolling: Shared by Steve Symantec HackIsWack site still open to... http://bit.ly/95TxRp.....14 hours ago
RSS: Security Briefing: September 8th: Shared by Steve September 8th Threatpost Back at the helm after a grea... http://bit.ly/c6DdLs.....20 hours ago
RSS: Data Security Compliance Worldwide in a One Picture: Shared by Steve Data security compliance worldwide as... http://bit.ly/8YDH9r.....20 hours ago
RSS: Why I Don’t Like Time & Materials Gigs (T&M).: Shared by Steve Evil of T&M -- I agree to some extent, but ... http://bit.ly/9jA42e.....2 days ago
RSS: A little bit of fuzz: Shared by Steve A little bit of fuzz - good fuzz input files Original by Boon Lee Fa... http://bit.ly/9cyATN.....2 days ago

Steve on Security