If this newsletter is helpful to you, please consider stumbling it or subscribing to feeds from CyTRAP Labs. Cheers.
CyTRAP Labs, Roentgenstrasse 49, 8005 Zurich, Switzerland --- +41 (0)44 272-1876
If you cannot view this newsletter properly or want the online version of this newsletter, go here:
http://cytrap.eu/radio_show/newsletter/newsletter93.html
If you missed an issue of the newsletter, why not visit the Information Security this Week archives - since 2000 onward
Information Security this Week from CyTRAP Labs
is a registered online serial publication
ISSN 1600-1869
==> Since 2000 - Clear and Precise, No Compromise
Compiled, published, edited and written by Urs E. Gattiker
January 20, 2008 Vol. 9 No. 3
Have a comment for us? Mail it to: EU-IST-Comments at CyTRAP.eu
Table of Contents:
- CyTRAP Lab’s Choice - free tool - WAZ helps you find the Zombies on your network
- Estonia - lessons learnt in terms of detection and response capabilities
1. CyTRAP Lab’s Choice - free tool - WAZ helps you find the Zombies on your network
| Ever wanted to find and get rid of the Zombies on your network? This tool helps you do the job faster and better - check it out |
PROBLEM
More often than ever we find virus-infected computers on our network. Unfortunately, these computers might even be part of a botnet and the herders might be in Russia.
SOLUTION
WAZ v 1.0 can help: it is an anti-Zombie healer written specifically for the Windows platform.
FACT SHEET ABOUT WAZ
| costs | free to use for non commercial use |
| software | WAZ v1.0 |
| release date | 2007-10 |
| platforms | Windows XP, Vista, Windows Server 2003, Unix, etc. |
| author | secniche |
| language(s) | English |
| size of the 2 files | over 2 1 MB in total |
| download from | download WAZ v1.0 |
| more information | FAQ and additional insights |
So what did we experience using this piece of software?
EVALUATION SHEET FOR WAZ
| Pros | The tool is easy to install and provides you a quick overview of what is happening |
| Cons | It is version V1.0 and a few improvements might still make its use a bit easier. The tool works very generically on windows platform. It provides an easy implementation layout. |
WATCH OUT
As you probably guessed, this tool is for more technically inclined people.
Also of interest:
- 7 lessons learnt from the Estonian attacks
- Cyber warfare - biggest threat is China overestimating its limited capabilities
- CyTRAP Labs global security forecast 2008 - biggest obstacles against a safer Internet are …
Direct link: http://blog.cytrap.eu/?p=310
2. Estonia - lessons learnt in terms of detection and response capabilities
| Threats against infrastructure may result in attacks that lead to a disruption of service - be ready by using a holistic approach, which means |
| building robustness into your system, preparing an adequate response, profiling attacks, raising awareness and educating users / network operators, etc. |
| We explain this in more detail below |
7 lessons learnt from the Estonian attacks
In the above posting we pointed out some of the issues that can be learned from the Estonian attacks that resulted in a near breakdown of some communication networks in that country. Below we list some of the lessons that people involved with this crisis have put forward to some of their colleagues in other jurisdictions. And before we forget, when reading the list below:
Not every lesson is a conclusion
LESSONS LEARNED by insiders fighting the attacks on the ground
- Below we list a few lessons that one can learn out of the Estonia attacks.
- Incident response is the most important part of an online defense strategy
- Bad things of an endless variety will happen, how one responds is far more important
- CERT organizations are critical and necessary, but what's needed is what they do rather than the name
- A CERT without clients who share information and speak about challenges openly is nothing but a bureaucracy
- A CERT helps communicate locally and globally
- Since the Internet is global, your security can be dependent on a personal computer across the world
- It isn't practical to survive without outside help. This road goes both ways
- Response or counter measures must be communicated with and worked out in coordination with parties responsible for
business infrastructure
- Regulation may be unwarranted and not wanted, but when Estonia happens again businesses will look to the government
for help
- Have contingency plans to maintain the Internet within the country/survive without the outside Internet
- Estonia blocked connections to the local banks from the world. TIX helped make that happen
- Redefine critical infrastructure to include the private and business infrastructures – first
- Consider the personal computers around the world and their impact on your infrastructure. This infrastructure is
the same one as used by cyber-crime
- Facilitate law enforcement cooperation globally
- Global law enforcement cooperation currently is at a stand-still, slow to the point of in many cases being
unusable
- The technical and operational people are already sharing information, cooperating and mitigating global incidents
- Those experts responded to the request for help put out by Estonia as DDoS brute force attacks hurt the Internet
- Find your local Internet security operations community, and bridge the gap between technology and policy
==========>
Thanks to Gadi Evron and Hillar Aarelaid for pointing out some of this info, omissions and mistakes are my own.
MORE INFOS THAT RELATE TO THIS MATTER
- Early Warning System (EWS) - Categorizing the risks
- Trend 2007 - regulation that matters - converging communication markets - are regulators too late again? France - vive la difference
- CyTRAP Lab’s Choice - free tool - WAZ helps you find the Zombies on your network
Some people claim that Estonia has been trying to convince Nato Member States to establish a center of excellence in the country regarding cyber-defense. Unfortunately, Member States were not convinced that having Nato establish such a center would be a great idea. Curiously enough, shortly thereafter the attack happened.
Some have raised concerns that the two could possibly be related. This is especially the case, since the attack was subsequently used to support the idea of starting a Nato center of excellence on cyber-defense in Estonia. But the issue remains:
1 - What is the added value of such a center of excellence funded and operated by Nato?
2 - How will Nato Member States benefit from this effort, since Nato's critical operations run on separate networks - not connected to the Internet?
3 - If the center produces knowledge - how much access to such information will civil society and its representatives get to determine what and how they might benefit in better protecting critical communication networks (e.g., electricity and financial institutions)?
Until these questions are answered properly and specifically (meaning how exactly will civil society get what?),
such a center is unlikely to add value. Most important, the objective of such a center and its benefits to Member
States cannot be left until the center has operated for a period of time. That would be bad management by
objectives.
But you be the judge.
====>
Direct link: http://blog.cytrap.eu/?p=325
Enjoy your weekend!
END of NEWS - Important Info Below
Read our privacy promise. This newsletter DOES NOT contain ANY cookies or other software enabled mechanisms to collect data about reader behavior WHATSOEVER.
==> We DO NOT send ATTACHMENTS with our newsletter.
NO WARRANTY
Any material furnished by CyTRAP Labs and WebUrb is furnished on an 'as is' basis.
CyTRAP Labs or CASEScontact.org, writers & sponsors make no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. WebUrb, writers & sponsors do not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
Here you can read our full DISCLAIMER
SERVICE POWERED BY:
Flashcable - INNOVATION AND EXCELLENCE IN ISP Services