Tuesday, December 11, 2007

Some Photos of London Trip



Dear All,

I am back in Chennai. Great trip and nice KT from UK counterparts. We are now geared up fully for the work in Forensics....

See you soon ..

Friday, November 30, 2007

Visited Odeon --- Red Carpet

Itz great training out here. Yesterday I went to the Odeon in Leicester Square to meet my brother-in-law. Saw the Odeon theatre .. wow, it's awesome ... will post some photos soon .. going there again now, along with colleagues, to meet a friend of mine from my Eng college.

Wednesday, November 28, 2007

Namaste London !

Dear Friends,

In SANS training for SEC 508, GCFA.....wow, cracking my brain deeply with file system essentials, mainly Linux file systems .. close shave ...
Will come again soon ...

Best Regards,
Bala

Wednesday, November 7, 2007

I am back after a month's time with my Laptop ready to fire !

Dear Friends,
I am back with a bang.
Waiting for Dhoni’s play now after a hibernation of exactly a month.

Let me start with a beautiful cut, copy and paste of somebody’s article. Hats off to that great guy.
I am really impressed by this one, so I am sharing it.
-------------------------------------------------------------------------------------

There was an article in Harvard Business Review some time back in which there was an interesting comment - “Average managers play checkers, but great managers play chess.”
Considering that both checkers and chess are similar Abstract Strategy board games (as the wikipedia calls them) you may begin to wonder what is the difference worth speaking about (or rather, blogging about?)

Ha, but there is.

You see, in checkers, all the pieces are uniform, they all move in the same way. In other words, they are interchangeable. Of course, one needs to plan and coordinate their movements, but they all move in the same pace on parallel paths.
Enter chess. Each type of piece moves in a different way. One cannot play chess if one doesn’t know how each of the pieces moves. That is why it takes a great manager to play chess with their teams. They have to know the unique abilities of every member in the team. They even have to know the eccentricities of the members. They understand how best to integrate them into a coordinated plan to achieve a stated goal.

There is an interesting Thirukkural that comes to my mind while typing this:

இதனை இவன்முடிக்கும் என்றாய்ந்து
அதனை அவன்கண் விடல்.


(Roughly translatable as : It is the leader’s job to understand who can do one task better than others and allocate that responsibility to him.)

When I become a manager, I hope to play chess with my team, not checkers. Long live the “king”.

---------------------------------------------------------------------------------

I am back as if normal and will start writing my tech articles again.
Maybe I am going to be a bit busy soon with my ethical hacking course and SANS System Forensics Training for GCFA in London this month.

Still I will catch up you all.

Happy Diwali wishes to all.

Best Regards,
Bala

Monday, October 8, 2007

Laptop in Data Recovery Mode !

oops! Itz after a long time ! Sorry .... Cordially !

At last I received the CDs from my brother. No use. Approached ABM Infotech Chennai for Laptop Recovery. They have been trying for the past 4 days ?....Letz see whether they will make it or not !?

Apart which my home @ chennai becoming slowly beautiful by continuous efforts of mine, my father & my mother. Will attach some snaps very soon.

Will also write my analysis of already committed articles too soon..

I will be leaving to Singapore next month for SANS Forensic Training GCFA ...

Quite busy in preparations for the same....

Will catch once the Laptop is back to my hand ......

Best Regards,
Bala

Monday, September 17, 2007

I am free from Spectacles

Dear All,

At last I got freedom ...on 14th Sep 2007 ...after almost 18 years from class sixth...
yes...I got operated Lasik for my eyes...I am free bird now wo spec. hassles..

Hey,... My CD is on the way from US. By this week end, I will be back in form with my original style.....till then ...keep kool......

Best Regards,
Bala

Sunday, September 9, 2007

Waiting Period continues ......(Sigh)

Dear Friends,

Still my Laptop is down,my hands are tied...But I am enjoying my time in different manner. Itz more about socializing with known and unknown people...Life keeps moving meeting different people ...listening different views....Hmmmm. Much philosophical right...Ya..Itz....

Yesterday I was with my uncle Dr.V.Balasubramaniyan from Nashik in spree to meet his school and college friends. He is already 74 Years young.....We met first Mr.Lakshmi Narayanan in Besant Nagar who is also 75 retired AD from Intelligence Bureau. The conversation between them is full of recalling their college and school friends name and whereabouts...Then we three went on to meet their teacher in Besant Nagar who is 87 Years old... That gentle man is too energetic than these people...He too shared so many friends detail .....Then we met Brigadier.Subramanian My uncle's close friend...They are really too good and nice....

So the lesson I learnt is, "Always cherish your good friendship over time and strive to go extra mile for keeping them in touch...Life is not about only taking care of ownself and our own family...but also do lots of good social activities and help others...."

I also visited Parthasarthy and Nanganallur Temples...along with Prasanna..

We both decided to make temple visits as often as we can in and around Chennai...

Best Regards,
Bala

Friday, August 31, 2007

In Naganallur .... Small Thanjavur !

Dear Friends,

Itz after a long time I visited Naganallur.
I thank prasanna from NSE to accompany me to all temples here. Visits to Bhakta Ajaneya (the one same like in Nerul in Mumbai), Hayavadhana Perumal & Varasiddhi Vinayak are really delighting. The lunch served by Prasanna's family is great with a mixture of love and affection.
Thanks for that prasanna.
Planning for more today in learning areas....Letz see...

Waiting for the CD from my brother....Laptop is still in down state...

Best Regards,
Bala

My Laptop gone down.......I am getting locked!

Dear friends,

Last Friday, my Dell Laptop went down saying NTLDR missing. Since I bought it in the US and itz a peculiar XP Media Center Edition which is not launched in India, I am totally inaccessible from home. Moreover, a week-long training kept me busy and I just finished the same.

I requested my brother to log a call at Dell and send me the same. Hez doing it... Pl bear with me for sometime.

This week I mainly spent on understanding the Software Development Cycle called SDM (Solution Delivery Methodology), which is this giant's proprietary way of handling IT Application Development and Support.

There are many good things I learnt this week in terms of SDC (Software Development Cycle) which will be useful for me in my IT Security & Controls path.

Today is the most memorable day in my life as I am going to get locked ....!

Guessed right? Hmmmm.....itz a great feeling....!

See you soon friends,

Best Regards,
Bala

Thursday, August 23, 2007

Personal Information Update

Lots and Lots of action are going on in my personal life......
Will come out with great news soon......

My Brother/Mentor Baskar Natarajan took responsibility in Minneapolis day before yesterday. He joined ArcherGrey as Matrixone PLM Consultant. He is currently handling a for Possis medical Systems under ArcherGrey. I really don't know much in detail as he never reveals any info to me as his works are highly confidential. Anyway my best wishes to him.......He went along with his wife and kid for long term. I miss him a lot....

Wishes,
Bala

Manage Engine - SIEM Tool from AdventNet Inc

I received a mail yesterday from AdventNet Inc, asking for viewing their ManageEngine SIEM Tools. I am going to study that product in detail soon. I have a good glance and I'm quite interested in studying about the product. Letz see.....

Wishes,
Bala

Tuesday, August 21, 2007

Infrastructure Specialist - Path for Progress

This role is in great demand currently in the IT industry.

Reason:-

Increase in the Mergers & Acquisitions rate (the magical word in the world of business, making a zero or average into a HERO in very little time, and vice versa).

The world of IT business is all about 3 Cs:

1) Conceptualization of a viable business model by integrating different applications in a single platform.
2) Converging multiple facets of business in a common platform (Operation).
3) Collaboration with strong small identities to make the strong one stronger.

An IS Specialist (this is how they are normally referred to in the industry) is one who knows the infrastructure part completely in various fields ranging from Networks, Network Security, Telecommunications, Sysadmin, Server/Desktop Hardware Support and Backup Operations, with an experience of around 8-10 years.

All top consulting firms require a large pool of these experts. Those who are in Infrastructure Services can cash in on the opportunity, provided their skill sets match.

This is more closely associated with Business Development and also acts as an entry card in Top Management Lobby.

In my next article, I am planning to take up some case studies from my perspective, like

i) How Oracle effectively integrated Metasol into their business model
ii) How Netsol & ISS converged into IBM, and the like…..

These will be quite interesting from the business dynamics perspective. Further, this will help you understand the process mapping with business model co-efficients and forward thinking for enhanced customer satisfaction matrices and net profit.

Love,
Bala

SIEM - A Closer Look

As committed, here is my article on SIEM (Security Information and Event Management).

SIEM is a software- or firmware-based solution that manages a finite set of multi-vendor network and network security devices from a common platform, analyzing and storing their data both in real time and historically.

Based on the necessities and product availability, we can sort SIEM products into the following cases.

1) Collect and analyze all log data and basic event management.
2) Collect and analyze all log data with full-function event management.
3) Simple deployment and support.
4) Full-featured SIEM products designed to deliver a broad set of capabilities, including security operations center console functions for large, complex environments.
5) SIEM integrated with network behavior analysis.
6) User- and access-oriented analysis.
7) SIEM products that are integrated with an incumbent vendor’s vulnerability management and systems management products.

I have listed a few main vendors of SIEM solutions.
1) EMC
2) Symantec
3) ArcSight
4) netForensics
5) Cisco Systems
6) IBM
7) CA
8) Intellitactics
9) Q1 Labs
10) TriGeo
11) LogLogic
12) LogRhythm
13) NetIQ

Letz talk about businez…..
The SIEM market is undergoing a rapid transformation due to the following four reasons:
1) The emergence of user and access monitoring as the primary customer problem to be solved.
2) Demand for the technology from a broader set of customers.
3) The availability of the technology from large vendors that also sell related products or services.
4) Regulatory implications for compliance and log analysis.

Based on the above four demands, the SIEM vendors launch their software/firmware solutions, which will fall into one of the seven cases listed at the top.

Who are the market leaders and why ….?

1) ArcSight – Function-rich Enterprise Security Management paves the way for large-scale deployments.
2) EMC (RSA) – Unique combination of SIM, SEM & log management functions that is easy to deploy.
3) Symantec – For large-scale real-time management and compliance reporting with various data sources.
4) LogLogic – Provides a great deal in log management solutions, with data analysis and real-time alerting.

Dear Friends,
This article is just an introduction and basics. If you have any specific queries, pl feel free to send an email @ bala18679@gmail.com/+919940674141

Love,
Bala

Friday, August 10, 2007

Great Change in Life !

Dear friends,

Itz really a great change in my life.

What sort of controls these guys are having ?

Itz stupendous. No other words.

Hey, the cat is out of the bag. I will be in the CIRT Team functioning as a Network Forensic Analyst reporting to the CIRT Manager in the US.

Coolest training with the US Team in Detroit at Sep end and in November in Singapore by the SANS Forensic Center.

Great Learning plus value being first member of CIRT Team - Asia pacific...

CIRT Team holds a lot of Value here.

People look at me different if you say CIRT Team.

Mother's Grace....

hey ,

Yesterday night I took Reliance Netconnect for my Laptop. It will be activated from Monday and I opted for Post Paid.

So I will keep filling posts..... Stay tuned...

Love,
Bala

Tuesday, August 7, 2007

My Last Day in Exchange !

Dear Friends,

First of all, I apologize for not coming out with my article on SIEM as committed. It's been a really hectic work schedule since last month, with weekends tripping to Bangalore since my brother is leaving for the US on a longer term.

Sure, within a week, I will come with 2 articles as I thought already.

1> SIEM Basic analysis.
2> Skill-sets required for an Infrastructure Specialist.

In my second article, I wish to visualize what skill sets are required to be an Infrastructure Specialist for large companies like Gartner, NetApp, Matrix one, Dell, IBM etc. I personally feel the demand for quality ideas is going to be the key for this role, which is what IT Senior Management people ask for. In a nutshell, an Infrastructure Specialist will be a person who understands both the software lifecycle and its dependencies and maps them to the best infrastructure technology feasible for achieving the objective. These specialists are much more in demand as IT companies are moving more towards mergers & acquisitions. These specialists will synergize both parties’ infrastructure towards accomplishing common objectives.

Coming back, it's really the most useful period I have spent in this firm, which has given me exposure for honing my technical skills.

For a meanwhile, itz good bye from me.

Keep visiting me often and I will sincerely strive my best to make use of your time worthwhile.

Thanks.

Best Regards,

Saturday, July 14, 2007

Major Changes in my life

Dear Friends,

Major events happened last week.

I got the best offer from an MNC with a stunning work profile.
Incident Management, Information Security Audit & Forensic Analysis in CIRT Team responsible for forming Asia-Pacific Operations.

Moving from Financial Domain to Manufacturing Domain.

I will be moving to US for Forensic Training and also to Europe for interaction with European Team.

Probably I will be back in 2 months from Sep 2007.

You know, I am going to be relieved from current organisation on Aug 8, 2007 and will be joining New Firm on Aug 9,2007.

Meanwhile got an offer from TCS too for Network Security Admin.

Lets see ..... I just want now some clean peace of mind for my lifetime ambition of studying MBA in ISB, Hyderabad with specialization in Marketing and allied Finance or Corporate Law or International Business.

As promised, I will be back again tomorrow, with an introduction of SIM Tools and trends.

Till then,

Best Regards,
Bala

Sunday, July 8, 2007

Network Forensics - An Introduction and Growth Prediction

Dear Friends,

As promised, I am back with some intro details about Forensics.

Network forensics is the capture, recording and analysis of network events in order to discover the source of security attacks or other problem incidents. (The term, attributed to firewall expert Marcus Ranum, is borrowed from the legal and criminology fields where forensics pertains to the investigation of crimes.)

According to Simson Garfinkel, author of several books on security, network forensics systems can be one of two kinds:

"Catch-it-as-you-can" systems, in which all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage, usually involving a RAID system.

"Stop, look and listen" systems, in which each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires less storage but may require a faster processor to keep up with incoming traffic.

Both approaches require significant storage and the need for occasional erasing of old data to make room for new. The open source programs tcpdump and windump as well as a number of commercial programs can be used for data capture and analysis.

One concern with the "catch-it-as-you-can" approach is one of privacy since all packet information (including user data) is captured. Internet service providers (ISPs) are expressly forbidden by the Electronic Communications Privacy Act (ECPA) from eavesdropping or disclosing intercepted contents except with user permission, for limited operations monitoring, or under a court order. The U.S. FBI's Carnivore is a controversial example of a network forensics tool.
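The two designs described above, side by side, as an added example that is not part of the original post: the same packets are fed to a "catch-it-as-you-can" store and to a "stop, look and listen" flow summarizer, showing the storage gap and why only the former can search user data later. The class names, the 40-byte flow record layout and the sample frames are assumptions made for illustration.

```python
import socket
import struct

def build_frame(src, dst, sport, dport, payload):
    """Constructed sample data: minimal Ethernet + IPv4 + TCP frame, checksums left at zero."""
    eth = bytes(12) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return eth + ip + tcp + payload

def parse_flow(frame):
    """Header-only look at one frame: (src, dst, sport, dport, payload_len) or None."""
    if len(frame) < 54 or frame[12:14] != b"\x08\x00":
        return None                      # too short, or not IPv4
    ihl = (frame[14] & 0x0F) * 4
    if ihl < 20 or frame[23] != 6 or len(frame) < 14 + ihl + 20:
        return None                      # malformed header, or not TCP
    total_len = struct.unpack("!H", frame[16:18])[0]
    tcp = 14 + ihl
    sport, dport = struct.unpack("!HH", frame[tcp:tcp + 4])
    data_off = (frame[tcp + 12] >> 4) * 4
    return (socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]),
            sport, dport, max(total_len - ihl - data_off, 0))

class CatchItAsYouCan:
    """Every frame goes to storage untouched, user data included; analysis is a later batch job."""
    def __init__(self):
        self.store = []                  # stands in for the disk/RAID archive
    def on_packet(self, ts, frame):
        self.store.append((ts, frame))
    def stored_bytes(self):
        return sum(len(frame) for _, frame in self.store)
    def batch_search(self, needle):
        return [ts for ts, frame in self.store if needle in frame]

class StopLookListen:
    """Each frame is inspected in memory; only a per-flow summary is kept, no payload."""
    RECORD = struct.Struct("!4s4sHHIQdd")   # addresses, ports, packets, bytes, first/last seen
    def __init__(self):
        self.flows = {}
    def on_packet(self, ts, frame):
        parsed = parse_flow(frame)
        if parsed is None:
            return
        key, payload_len = parsed[:4], parsed[4]
        rec = self.flows.setdefault(key, {"packets": 0, "bytes": 0, "first": ts, "last": ts})
        rec["packets"] += 1
        rec["bytes"] += payload_len
        rec["last"] = ts
    def stored_bytes(self):
        return len(self.flows) * self.RECORD.size

SAMPLE = [  # constructed traffic using private/documentation addresses, not a real capture
    (1.0, build_frame("10.0.0.5", "192.0.2.10", 40000, 80, b"GET /index.html HTTP/1.0\r\n\r\n")),
    (1.2, build_frame("192.0.2.10", "10.0.0.5", 80, 40000, b"HTTP/1.0 200 OK\r\n\r\n" + b"A" * 400)),
    (2.0, build_frame("10.0.0.5", "192.0.2.10", 40000, 80, b"GET /report.pdf HTTP/1.0\r\n\r\n")),
    (2.5, build_frame("10.0.0.7", "192.0.2.25", 40001, 25, b"MAIL FROM:<user@example.com>\r\n")),
]

def compare(traffic):
    full, summary = CatchItAsYouCan(), StopLookListen()
    for ts, frame in traffic:
        full.on_packet(ts, frame)
        summary.on_packet(ts, frame)
    return full, summary

if __name__ == "__main__":
    print([(type(s).__name__, s.stored_bytes()) for s in compare(SAMPLE)])
```

The summarizer can still answer who talked to whom, when and how much, but a question such as "which session fetched report.pdf" can only be answered from the full capture.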

Network forensics products are sometimes known as Network Forensic Analysis Tools (NFATs).

Network forensics, a subdiscipline of digital forensics, deals with computer network data that has become evidence. Network forensics can be used to check an organization's networks for vulnerabilities and thus keep them secure, and it can be used in the context of traditional law enforcement and the court system.

We must anticipate that in the near future, network forensics will be a common component of trial cases. As a result, having credible standards for network forensics is vital to the continued speed and fairness of the judicial system.

In my next post, I am thinking of giving some details about Security Information and Event Management Tools.

Best Regards,

Sunday, July 1, 2007

Security on Demand ...!

Dear Friends,

In the field of Internet and network security, every moment brings lots of changes, threats, attacks, viruses, etc.

Many organizations are deploying a Defense in Depth strategy, in which they secure their network not only at the perimeter but also take proper security measures at each and every tier, down to the user desktops (End Point Security).

Emphasis is given equally to addressing the internal threats from unhappy employees and malicious individuals.

Deploying firewalls and IPS with proper configuration in the network plays a crucial role in blocking unsolicited elements, but analyzing the IPS and firewall logs also plays an important role in understanding the threats they blocked and in checking whether any intentional attacks have been carried out in the network.

Security analysts are now predicting a new buzzword called Security on Demand:

What does it really mean for us?

Just log a call for Vulnerability Analysis and Penetration Testing.
You will be given a security analysis report of your network at your doorstep or through mail. If you need to patch the vulnerabilities, experts will be available at your convenience to fix them.

Some major moves in the industry already prove this trend.

IBM acquired Noonan's ISS (Internet Security Systems) for $1.3 billion and storage giant EMC snapped up RSA Security for $2.1 billion.

Big companies have started thinking about how costly it is to keep their security defenses up to date. There's a lot of benefit to the approach of automated software updates and not just installing fixes.

The whole industry is moving in this direction.

One more example ....

Vulnerability auction launches online

A group of security professionals launched this week what they hope will become the eBay of security research.

The Swiss-registered company, WSLabi, boasts that its online portal will allow researchers to sell vulnerabilities they have discovered to software companies and other interested parties through an open market. WSLabi plans to verify the identities and claims of both the buyer and seller. Already, four software flaws -- including a Linux memory leak and a flaw in Yahoo! Messenger 8.1 -- are listed on the site and more than 200 people have registered, according to the firm.

The security professionals launched the service to allow researchers to get a fair price for their discoveries and prevent exploits from being sold to cyber criminals, said CEO Herman Zampariolo.

More Details - http://www.securityfocus.com

Qualys has already started selling the vulnerability fixing on Demand.

I am very eagerly watching major changes in these areas.

My next writing will be on Forensics - Next Big fish to cash in.
Just as, 4 years ago, security professionals cashed big amounts for configuring the firewall and IPS/IDS, now it will divert to Forensics ….

Big organizations have started feeling the importance of Forensics Analysts for handling various legal issues against their own employees, business partners, etc. It is going to be the next big area of play for Security Officials, as nowadays networking devices have started integrating the firewall and IPS capability in one box itself.

Just be there after a break, I will be back with great ideas on this front.

Best Regards,

PN:- Pl feel free to post your comments so that we effectively discuss on various emerging areas in IT Security.

Thursday, June 28, 2007

Interesting trends in IT Security

Dear Friends,

Welcome Back. Lots of update in work.

New industry buzzword - Security on Demand ....?

Will Security be available like Bandwidth on Demand today?

Seems interesting ..... answer is Yes !

Meanwhile I will take a break now and come back with more details on this topic ....

Best Regards,

Sunday, June 24, 2007

Monday I love the most !

Hai,

Wishes Again! Tomorrow is Monday.
You know, I like Monday the most due to the challenges it gives !
More work which I love always !
Seems workaholic right ..... Yes I am ..

Tomorrow, I need to co-ordinate with my HO in Mumbai for Passive Cabling Details(Gigabit LAN Migration in Datacenter).

Have to sit with Israel Engineer for RFT Installation out here. Very Interesting..

This time I wish to share with you all one thing !

That is my life mentors whom I adore !

1) My Brother - Baskar Natarajan - (Stupendous Thinker and Great Achiever)
2) Narayan Neelakantan - My last Birth's Brother Probably - (Extra Ordinary Intelligence and at the same time Down-to-Earth)

There are so many other great souls who helped in all walks of my life, but these 2 persons fine-tuned me like anything. I really thank God for having these two in my life.

Nevertheless I remember everyone now....Thanks to all

Meet you soon friend !

Best Regards,

In Chennai

Hai,

Back in Chennai after almost 4 years. Started feeling the real charm of chennai air near mylapore kapaleshwar temple....

Staying in a small apartment with a blissful meals every time at Hotel Sangeetha.

Wow! What more a person need ?

No ! Yup ! Wait .... I am truly like this stereotypical Tamil Brahmin hailing from Thanjavur District, but wish to create a world class organization better than McKinsey, PWC, E & Y, CapGemini ...down the line 5 years from now.

Don't know whether I will succeed or not within 5 years but I am sure, "I am going to make it one day."

Working in a semi-government organization currently, just got a transfer to Chennai for upgrading the BCP-DR.

Folks .....I am going to have a great time out here.

Do visit me regularly .... I am sure I will give you something always interesting.

Best Regards,