The Case of the Unexplained FTP Connections
A key part of any cybersecurity plan is “continuous monitoring”, or enabling auditing and monitoring throughout a network environment and configuring automated analysis of the resulting logs to identify anomalous behaviors that merit investigation. This...(read more)
Two Papers on Current Issues
Trustworthy Computing just released two papers on current issues:
The Future of Crime
You should spend 15 minutes on this TED talk – really worth it!!
Security Lessons from Star Wars
Exactly the right article for a weekend: May the (En)Force(ment) Be With You – Security Lessons from Star Wars
Updates: Coreinfo v3.1, Desktops v2.0, Livekd v5.3, PsPasswd v1.23, Testlimit v5.22, Whois v1.11
Coreinfo v3.1: This update to Coreinfo, a command line utility that reports detailed information about a system’s processor topology, CPU features, and cache topology, fixes a bug affecting the calculation of NUMA node costs and adds support for several more processor features, including RDRAND, LAHF/SAHF, Prefetchw and Intel Speedstep.
Windows Internals 6th Edition Part 2 Published, and Mark Talks Sysinternals History on Defrag Tools
Windows Internals 6th Edition, Part 2 Published: Part 2 of Windows Internals 6th Edition, is now available. The 6th edition covers kernel and system changes in Windows 7 and Windows Server 2008 R2 and adds 250 pages of expanded feature coverage and hand-on experiments.
New: PsPing v1.0; Updates: DebugView v4.8, Process Explorer v15.23, Sigcheck v1.81
PsPing v1.0: PsPing is a new Sysinternals PsTools command-line utility for measuring network performance. In addition to standard ICMP ping functionality, it can report the latency of connecting to TCP ports, the latency of TCP round-trip communication between systems, and the TCP bandwidth available to a connection between systems. Besides obtaining min, max, and average values in 0.01ms resolution, you can also use PsPing to generate histograms of the results that are easy to import into spreadsheets.