Logs of Our Fathers
September 22, 2009
At USENIX in Anaheim, back in 2005, George Dyson treated us to a fantastic keynote speech about the early history of computing. You can catch a videotaped reprise of it here, on the TED site (http://www.ted.com/talks/lang/eng/george_dyson_at_the_birth_of_the_computer.html). I highly recommend it - there's lots of interesting and quirky stuff. I managed to talk him into giving me a copy of his PowerPoint file, and subsequently tracked him down and am re-posting this material with his permission.
November, 1951
Machine Log #1 (image: http://www.ranum.com/security/computer_security/papers/ur-syslogs/first_syslog.jpg)
Event Analysis Training – “Could you look at some odd IRC Connections?”
July 29, 2009
At one of the research sites that we monitor, an analyst noted that a few servers were consistently making a large number of IRC connections. These connections occurred in a periodic manner and appeared to be automated. This blog entry describes the various steps taken in analyzing the connections and historical data. We used Tenable’s log analysis, network monitoring and passive profiling solutions to perform this analysis, but the principles could be applied to various SIMs, NBADs and analytical tools.
Auditing PHP Settings to OWASP Recommendations with Nessus
March 16, 2009
Tenable recently released an audit policy for Linux servers running PHP which tests for hardening recommendations from the Open Web Application Security Project (OWASP, http://www.owasp.org/index.php/Main_Page). OWASP maintains a set of guidelines for hardening web servers, with specific attention given to PHP (http://www.owasp.org/index.php/Configuration#PHP_Configuration) and Cold Fusion technologies.
ShmooCon 2009 - Playing Poker for Charity
February 12, 2009
Tenable sponsored a booth at this year's ShmooCon and ran a Texas Hold'em table to help raise money for the Hackers for Charity organization. We raised close to $400 from conference attendees ...
DOJOSEC - Compliance Presentation
January 5, 2009
The next DOJOSEC is this week. I've been invited to speak about the latest compliance trends in PCI and FDCC. Also presenting will be Shaf Ramsey of TechGuard Security and Dale Beauchamp of the Transp...
Marcus Ranum PaulDotCom Interview on Penetration Testing
December 14, 2008
Tenable's CSO, Marcus Ranum, was recently interviewed on the PaulDotCom Security Weekly podcast. They discussed a wide range of topics regarding penetration testing, secure coding, Marcus's "6 Dumbest...
PCI Executive Roundtables in New York and Atlanta
November 4, 2008
Tenable Network Security has partnered with IANS to sponsor two executive level PCI discussions in New York City and Atlanta. Both events are this week, and we have limited seating available for corpo...
Nessus turns 10!
April 4, 2008
Ten years ago today, I announced the initial public release of Nessus on the bugtraq mailing list. The initial version would run only on Linux and was bundled with 50 plugins (vulnerability checks) wr...
Being the Caveman - Tenable Style
October 10, 2007
After reading Richard Bejtlich's "Be the Caveman" blog post about the convicted hacker Robert Moore, I felt it would be interesting to show how unifying vulnerability monitoring, configurati...
Using Nessus Configuration Audits To Test FDCC Compliance
September 25, 2007
Tenable has recently announced FDCC audit policies for Nessus ProfessionalFeed and Security Center users. These policies help government organizations test Windows XP Pro and Vista desktops against OM...
Digital Bond OPC Hardening Guide
September 21, 2007
If you are using Nessus to audit a control system network, Digital Bond has recently released a set of guidelines (part 1, 2 and 3) for securing OPC servers. These guidelines include three Nessus conf...
Finding Sensitive Data as a Consultant with Nessus
August 29, 2007
There are many consultants that use Nessus to scan a customer network for vulnerabilities and report a laundry list of security issues which need to be fixed. Another valuable service that can be perf...