Feed on
Posts
Comments

Monthly Archive for February, 2007

IT-Architecture is all about having a common language to describe an IT-environment. WSSRA SA defines a few words that are commonly used throughout the document: Assets, People, Process. Assets are divided into two groups: Data asset and Tier Asset. Data assets are the information stored within your databases, your spreadsheets and your worddocuments. That is […]

Read Full Post »

I frequently follow a blog at ITToolBox named “A day in the life of a security investigator”. His latest blog entry discussed the top ten errors that investigators often do. If you ever think of starting out in this business you should know these by heart. You could find them here: http://blogs.ittoolbox.com/security/investigator/archives/top-ten-investigative-booboos-14576

Read Full Post »

Last few weeks I have found quite a lot of companies hiring consultants with knowledge about WSSRA, Windows Server System Referency Architecture. Even if I like the concept of architecture it could be qute hard to grasp sometimes for an inexperienced person. During the following weeks I will write short notes about key concepts regarding […]

Read Full Post »

Link aboout PCI DSS

Here is a nice link for PCI DSS information. It is quite useful as a startingpoint for your PCI DSS certification. http://pcianswers.com/2007/02/17/pci-awareness-month

Read Full Post »

PCI DSS

Are you using credit cards at your website or in some other parts of your business? PCI DSS stands for Payment Card Industry Data Security Standard and is a rather technical approach how you should protect your information. The fees and fines if you loose the credit cards are really high. How should you proceed […]

Read Full Post »

Vacation photos

When doing Computer Forensics it is uninvitable that you sooner or later will come across a computer where a person full life is stored in pictures, letters and so forth. That is the time you realise what is tough in this line of business. It is not finding a way around an encrypted file or […]

Read Full Post »

Even if encryption is a very good tool for protecting data it do tend to come in the way when doing Computer Forensics. Pointsec gladly has a way to login in so that you could read the harddrive decrypted without booting the operatingsystem. By pressing CTRL+F9 when you see the logon to Pointsec and then […]

Read Full Post »

Security Architecture is a wonderful tool to use. There are so many marvelous words to use to really make everything totaly hopeless to understand. I recently attended a discussion regarding Security Architecture and was served a lot of terminology that I did not understand. When I asked him it turned out that he did not either. So […]

Read Full Post »

When I do Computer Forensics one of the largest problems is to find all the needed information. Most of the time we have to recreate this from different sources if it is at all possible to do. With this little casestudy I will try to give the basic setup for what is needed to have a good […]

Read Full Post »

Importance of logging

When I look inside a computer I find a lot of stuff that could prove as evidence in several cases but sometime the evidence in it self is not enough. In some cases we want to find where the information came from, what connections existed on the computer when it was active or how an […]

Read Full Post »

Next »