Never Ending Security


SANS Digital Forensics Webcasts

SANS Cyber Defense Summit Archives and Whitepapers

Cyber Defense Summit 2014

SANS Cyber Defense Whitepapers

White Papers are an excellent source for information gathering, problem-solving and learning. Below is a list of White Papers written by cyber defense practitioners seeking GSEC, GCED, and GISP Gold. SANS attempts to ensure the accuracy of information, but papers are published “as is”.

Errors or inconsistencies may exist or may be introduced over time. If you suspect a serious error, please contact

Featured Papers

Title Author Cert
Minimizing Damage From J.P. Morgan’s Data Breach Allen Jeng GSEC
The Role of Static Analysis in Heartbleed Jeff Sass GSEC
The Best Defenses Against Zero-day Exploits for Various-sized Organizations David Hammarberg GSEC
Denial of Service Deterrence Ryan Sepe GSEC
Case Study: Critical Controls that Could Have Prevented Target Breach Teri Radichel GSEC
Botnet Tracking Tools Pierce Gibbs GSEC
SAMHAIN: Host Based Intrusion Detection via File Integrity Monitoring Martinus Nel GSEC
Implementing Public Key Infrastructure (PKI) Using Microsoft Windows Server 2012 Certificate Services Michael Naish GSEC
Agile defensive perimeters: forming the security test regression pack Michael Hendrik Matthee GSEC
An Early Malware Detection, Correlation, and Incident Response System with Case Studies Yaser Mansour GCIA
Home Field Advantage – Using Indicators of Compromise to Hunt down the Advanced Persistent Threat Matthew Toussain GSEC
Implementation and use of DNS RPZ in malware and phishing defence Alex Lomas GSEC
Securing Static Vulnerable Devices Chris Farrell GSEC
HTTP header heuristics for malware detection Tobias Lewis GCIA
Straddling the Next Frontier Part 1: Quantum Computing Primer Eric Jodoin GCIA
SOHO Remote Access VPN. Easy as Pie, Raspberry Pi… Eric Jodoin GSEC
NetFlow Collection and Analysis Using NFCAPD, Python, and Splunk David Mashburn GCIA
Using Watermarks to Prevent Leaks Allison Nixon GCIA
Analyzing Network Traffic with Basic Linux Tools Travis Green GCIA
The Spy with a License to Kill Matthew Hosburgh GSEC
Leveraging the SCADA Cloud for Fun and Profit Matthew Hosburgh GCIA
Implementing Active Defense Systems on Private Networks Josh Johnson GCIA
Finding Evil in the Whitelist Josh Johnson GSEC
Password Security– Thirty-Five Years Later George Khalil GSEC
Open Source IDS High Performance Shootout George Khalil GCIA
Systems Engineering: Required for Cost-Effective Development of Secure Products Dan Lyon GSEC
Predicting Control Attributes With Bayesian Networks Dan Lyon GCIA
Rootkit Detection with OSSEC Sally Vandeven GCIA
SSL/TLS: What’s under the Hood Sally Vandeven GSEC
Web Application Attack Analysis Using Bro IDS Ganesh Kumar Varadarajan GCIA
Analyzing Polycom Video Conference Traffic Chris Cain GCIA
Controlling Vendor Access for Small Businesses Chris Cain GSEC
Intrusion Analysis Using Windows PowerShell Mike Weeks GCIA
Application White-listing with Bit9 Parity Mike Weeks GSEC
A No-Budget Approach to Malware Containment Paul Ackerman GSEC
Using the Department of Defense Architecture Framework to Develop Security Requirements James Richards GSEC
A Complete Guide on IPv6 Attack and Defense Atik Pilihanto GSEC
Discovering Security Events of Interest Using Splunk Carrie Roberts GSEC
A Hands-on XML External Entity Vulnerability Training Module Carrie Roberts GCIA
Cloud Computing – Maze in the Haze Godha Iyengar GSEC
Inside Mac Security Ben Knowles GSEC
Security Implications of iOS Kiel Wadner GSEC
60 Seconds on the Wire: A Look at Malicious Traffic Kiel Wadner GCIA
Faster than a speeding bullet: Geolocation data and account misuse Tim Collyer GCIA
Airwatch MDM and Android: a policy and technical review Tim Collyer GSEC
Skype and Data Exfiltration Kenneth Hartman GSEC
What Every Tech Startup Should Know About Security, Privacy, and Compliance Kenneth Hartman GCCC
Using Decision Tree Analysis for Intrusion Detection: A How-To Guide Jeff Markey GCIA
Custom Full Packet Capture System Derek Banks GSEC
Reducing Organizational Risk Through Virtual Patching Joseph Faust GSEC
Validating Security Configurations and Detecting Backdoors in New Network Devices Christoph Eckstein GSEC
OS fingerprinting with IPv6 Christoph Eckstein GCIA
Endpoint Security Through Application Streaming Adam Walter GISP
Phishing Detection and Remediation Rich Graves GSEC
Using SSL to Secure LDAP Traffic to Microsoft Domain Controllers Andrew Reid GSEC
Log2Pcap Joaquin Moreno GCIA
Security Analytics: having fun with Splunk and a packet capture file pcap Alexandre Teixeira GCIA
Point of Sale (POS) Systems and Security Wesley Whitteker GSEC
Creating a Bastioned Centralized Audit Server with GroundWork Open Source Log Monitoring for Event Signatures Christopher Duffy GSEC
Beating the IPS Michael Dyrmose GCIA
Covert Channels Erik Couture GCIA
USB – Ubiquitous Security Backdoor Erik Couture GSEC
Implementing a PC Hardware Configuration (BIOS) Baseline David Fletcher GSEC
Comparative Risk Analysis Between GPON Optical LAN and Traditional LAN Technologies Jason Young GSEC
Beyond the cookie: Using network traffic characteristics to enhance confidence in user identity Courtney Imbert GCIA
Daisy Chain Authentication Courtney Imbert GSEC
Data Charging Bypass: How your IDS can help Hassan Mourad GCIA
Sleeping Your Way out of the Sandbox Hassan Mourad GSEC
Security Best Practices for IT Project Managers Michelle Pruitt GSEC
An Analysis of the Snort Data Acquisition Modules Christopher Murphy GCIA
Mitigating Insider Sabotage Joseph Garcia GSEC
Building an Application Vulnerability Management Program Jason Pubal GSEC
Web Application Firewalls Jason Pubal GCIA
Snort 3.0 Beta 3 for Analysts Doug Burks GCIA
Testing Application Identification Features of Firewalls William McGlasson GCIA
Check Point Firewall Log Analysis In-Depth Mark Stingley GCIA
Using and Configuring Security Onion to detect and prevent Web Application Attacks Ashley Deuble GCIA
Enhancing Intrusion Analysis through Data Visualization Wylie Shanks GCIA
Building and Managing a PKI Solution for Small and Medium Size Business Wylie Shanks GSEC
The Security Onion Cloud Client Network Security Monitoring for the Cloud Joshua Brower GCIA
Securely Integrating iOS Devices into the Business Environment Joshua Brower GSEC
A Practical Big Data Kill Chain Framework Brian Nafziger GSEC
What’s Running on Your Network? Francois Begin GCIA
BYOB: Build Your Own Botnet Francois Begin GSEC
Remotely Accessing Sensitive Resources Jason Ragland GSEC
An Open Source Layer 2 Switch Jim Wilson GSEC
Online Backup: Worth the Risk? Stephen Strom GSEC
An Introduction To Securing a Cloud Environment Todd Steiner GSEC
Check Point firewalls – rulebase cleanup and performance tuning Barry Anderson GSEC
Social Engineering: Manipulating the Source Jared Kee GCIA
Logging and Monitoring to Detect Network Intrusions and Compliance Violations in the Environment Sunil Gupta GCIA
Profiling Hackers Larisa Long GSEC
Spoofing: An Overview of Some Current Spoofing Threats Neil Riser GSEC
Using Web Application Firewall to detect and block common web application attacks Issac Kim GCIA
Vulnerabilities In TCP And UDP Ports Robert Davis GSEC
The Importance of Security Awareness Training Cindy Brodie GSEC
Defense in Depth: An Impractical Strategy for a Cyber World Prescott Small GSEC
An Analysis of Gameover Zeus Network Traffic Daryl Ashley GCIA
Setting up Splunk for Event Correlation in Your Home Lab Aron Warren GCIA
Diskless Cluster Computing: Security Benefit of oneSIS and Git Aron Warren GSEC
Catching Phishers with Honey-Mail Dennis Dragos GSEC
Smart IDS — Hybrid LaBrea Tarpit Cristian Ruvalcaba GCIA
Incident Handler’s Handbook Patrick Kral GSEC
Business Continuity On A Stick Patrick Kral GSEC
Implementing IEEE 802.1x for Wired Networks Johan Loos GCWN
Protect Critical Infrastructure Systems With Whitelisting Dwight Anderson GSEC
Implementing a Vulnerability Management Process Tom Palmaers GSEC
VoIP Security Vulnerabilities David Persky GCIA
Documentation is to Incident Response as an Air Tank is to Scuba Diving Chet Langin GSEC
Designing and Implementing a Honeypot for a SCADA Network Charles Scott GCIA
Auditing and Securing Multifunction Devices Charles Scott GSEC
Wireshark: A Guide to Color My Packets Roy Cheok GCIA
Host-Based Detection and Data Loss Prevention Using Open Source Tools Chris Hoke GCIA
Detecting and Preventing Rogue Devices on the Network Ibrahim Halil Saruhan GCIA
Open Source Host Based Intrusion Detections System (OHIDS) Tom Webb GCIA
An Architecture for Implementing Enterprise Multifactor Authentication with Open Source Tools Tom Webb GSEC
VPNScan: Extending the Audit and Compliance Perimeter Robert Vandenbrink GSEC
IOSMap: TCP and UDP Port Scanning on Cisco IOS Platforms Robert Vandenbrink GCIA
Defense in Depth: Employing a Layered Approach for Protecting Federal Government Information Systems Stacy Jordan GSEC
Building Servers as Appliances for Improved Security Algis Kibirkstis GSEC
The Afterglow effect and Peer 2 Peer networks Jerome Radcliffe GCIA
Log Management SIMetry: A Step by Step Guide to Selecting the Correct Solution Jim Beechey GSEC
SIEM Based Intrusion Detection with Q1Labs Qradar Jim Beechey GCIA
A Practical Social Media Incident Runbook Trenton Bond GSEC
Visualizing Firewall Log Data to Detect Security Trenton Bond GCIA
Protecting Laptop Computers Greg Hill GSEC
Laptop Security: Windows® Vista vs. XP Greg Hill GSEC
Transparent (Layer 2) Firewalls: A look at 2 Vendor Offerings: Juniper and Cisco Matt Austin GPPA
Using rsync to centralize backups in small to medium-sized networks Jeff Lake GSEC
Applying Information Security and Privacy Principles to Governance, Risk Management & Compliance Scott Giordano GSEC
Intrusion Detection & Response Leveraging Next Generation Firewall Technology Ahmed Abdel-Aziz GCIA
Windows 2000 Monitoring from Windows NT in a Workgroup Frank Vianzon GCWN
Visual Baselines – Maximizing Economies of Scale Using Round Robin Databases Kirsten Hook GCIA
Preparing to face new vulnerabilities Jacelyn Faucher GSEC
A Practical Application of Background Investigations for Small Company Security Perimeters Timothy Cook GSEC
Successful SIEM and Log Management Strategies for Audit and Compliance David Swift GCIA
Monitoring Network Traffic for Android Devices Angel Alonso-Parrizas GCIA
Firewall Analysis and Operation Methods Kim Cary GPPA
Detecting DNS Tunneling Greg Farnham GCIA
Malware Analysis: An Introduction Dennis Distler GSEC
Performing Egress Filtering Dennis Distler GPPA
Wireless Attacks from an Intrusion Detection Perspective Gary Deckerd GCIA
A Virtually Secure Browser Seth Misenar GSEC
Corporate Identity Fraud: Life-Cycle Management of Corporate Identity Assets Bryan Fite GSEC
Simulating Cyber Operations: A Cyber Security Training Framework Bryan Fite GSEC
Integrating Wired and Wireless IDS Data Michael Stanton GCIA
Passive Application Mapping Benjamin Small GCIA
Corporate vs. Product Security Philip Watson GSEC
The User Agent Field: Analyzing and Detecting the Abnormal or Malicious in your Organization Darren Manners GCIA
A Framework to Collect Security Events for Intrusion Analysis Jim Chrisos GCIA
Trends in Bot Net Command and Control Will Longman GSEC
Risks and Rewards of Instant Messaging in the Banking Sector Nicholas Rose GSEC
Requirements For Record Keeping and Document Destruction in a Digital World Craig Wright GSEC
A comparative study of attacks against Corporate IIS and Apache Web Servers Craig Wright GPPA
Implementing a Secure Wireless Network for a Windows Environment Dan Thompson GCWN
A Small Business No Budget Implementation of the SANS 20 Security Controls Russell Eubanks GCIA
Application Firewalls: Don’t Forget About Layer 7 Russell Eubanks GSEC
Something Phishy: How to Avoid Being Caught in the Net of Specialized Spam Karen Friend GSEC
GIAC GCFW Assignment – Pass Arthur Lee GPPA
Visa’s 3-D Secure™: Secure Online Payment Authentication Dominique Singer GSEC
Securing the GPRS Network Infrastructure – a Network Operator's Perspective Jonathan Sau GSEC
How to Avoid Information Disclosure when Managing Windows with WMI Alex Timkov GSEC
An Introduction to Metasploit Project for the Penetration Tester Brandon Greenwood GSEC
Tuning an IDS/IPS From The Ground UP Brandon Greenwood GCIA
Network Security: Layering a 3R Solution @ the Perimeter Larry Copeland GSEC
Securing Windows Service Accounts Gerald Rice GSEC
Security for Critical Infrastructure SCADA Systems Andrew Hildick-Smith GSEC
Apache modules for rapid mitigation of security threats Stephanie Sullivan GSEC
Deploying Nagios Monitoring Services on Secured Red Hat Enterprise Linux 3 Environment Alexey Rogozhkin GCUX
Phishing for Banks: A Timely Analysis on Identity Theft & Fraud in the Financial Sector Tony UcedaVelez GSEC
Securing a virtual fortune cookie saying business in the wired and wireless world Klaus Wagner GPPA
How to Configuring Local Logging on Solaris 8 and Use Symantec Intruder Alert for Centralized Logging Nolan Haisler GSEC
An Overview of the Wireless Intrusion Detection System Oliver Poblete GSEC
Cyberstalking: A Modern Dilemma Shelli Richard GSEC
GIAC GCIA Assignment – Pass Chris Sia GCIA
Pass – English Version Marco Brando GCIA
GIAC GCIA Assignment – Pass Jax Gough GCIA
GIAC GCFW Assignment – Pass Mike Jensen GPPA
GIAC GCIA Assignment – Pass Kenneth Foster GCIA
A Guide to Discovering Web Application Insecurities, Before Attackers Do Don Williams GSEC
Measuring effectiveness in Information Security Controls Manuel Humberto Santander Pelaez GSEC
GIAC GCIA Assignment – Pass Manuel Humberto Santander Pelaez GCIA
Case Study: The Get Connected CD David Greenberg GSEC
Secure remote access using a Juniper SSL VPN Graham Belton GSEC
GIAC GCIA Assignment – Pass Adam Kliarsky GCIA
GIAC GCIA Assignment – Pass Kevin Holestine GCIA
Hardening Oracle in a Linux (Unix) Environment Robert Persick GSEC
EnterpriseOne Security Solution for Real Estate Management Ruben A. Amely-Velez GSEC
GIAC GCFW Assignment – Pass Robert McKinney GPPA
Indelicate Balance: The Challenge of Content Filtering Systems in a Litigious Society Grant Streeter GSEC
GIAC GCIA Assignment – Pass Steven Wimmer GCIA
Incident Management 101: Preparation & Initial Response (aka Identification) Robin Dickerson GSEC
Taking control of your Internet email using Sendmail and Mimedefang. Matthew Schumacher GSEC
Risk Assessment of Social Media Robert Shullich GSEC
Minimizing the effects of infected PCs on a Network Sean Sheil GSEC
Voice Over Internet Protocol (VoIP) and Security Greg Tucker GSEC
GIAC GCIA Assignment – Pass Andrew Magnusson GCIA
An Overview of 802.11 Wireless Network Security Standards & Mechanisms Luis Carlos Wong Or GSEC
Information Systems Security Architecture: A Novel Approach to Layered Protection George Farah GSEC
Identity Theft: What you need to know Krzysztof Biernacki GSEC
A primer for PC secured configuration compliance monitoring solution Efi Kaufman GSEC
But I have a firewall, my network’s secure! Derran Guinan GSEC
Understanding Oracle Auditing Wayne Reeser GSEC
IT Security Awareness Best Practices James Neidich GSEC
Case Study: Secure Application Deployment Utilizing Terminal Server and VPN Clients Greg Croteau GSEC
GIAC GCIA Assignment – Pass Alexander Schinner GCIA
Securing the Cisco Aironet 1200 Access Point Jeffrey Turner GSEC
GIAC GCFW Assignment – Pass Craig Howell GPPA
Thumb Drive Threats and Countermeasures in a Microsoft Windows Environment Mark Baggett GSEC
IP Fragment Reassembly with Scapy Mark Baggett GCIA
Configuring a Cisco PIX to use TACACS+ for authentication of a remote user VPN Charles Brodsky GSEC
Track 3 – Intrusion Detection In-Depth GIAC Certified Intrusion Analyst (GCIA) Practical Assignment Version 4.0 Jan Stodola GCIA
Securing Wireless Networks Brett Thorne GSEC
Creating A Secure Linux Logging System Nathaniel Hall GSEC
GIAC GCFW Assignment – Pass John Swartzendruber GPPA
Building a Secure Solaris 9 JumpStart Server Bayly Eley GCUX
Setting up a Secure Mail Server with HP-UX 11i v1, Qmail and Qpopper Patrick Wallek GCUX
Secure Data. Is there Such a Thing? Sheetal Sood GSEC
Steganography in the Corporate Environment Joann Kennedy GSEC
Assessment of the Blackberry Enterprise Solution Robin Killeen GSEC
3DES and Secure PIN-based Electronic Transaction Processing Michael Buegler GSEC
Information Operations: An Orchestra of Protection John Petropoulos GSEC
Implementing a Secure WebDAV System Richard Ross GSEC
Evil Through the Lens of Web Logs Russ McRee GCIA
SMaK Russ McRee GSEC
Voice over Internet Protocol: A Discussion on How to Securely Implement on an Existing Data Network Kevin Larson GSEC
Look who's listenin Richard Sillito GSEC
Utilizing Static Packet Filters to Enhance Network Security Scott Foster GSEC
Meeting the challenges of automated patch management John Walther GSEC
CARP: The Free Fail-over Protocol Pieter Danhieux GSEC
Using the FEMA Incident Command System to manage Computer Security Incidents Chuck Morris GSEC
Did You Get My Email? Ray Ellington GSEC
GIAC GCIA Assignment – Pass Josh Berry GCIA
Monitoring the vital signs of a network with Multi Router Traffic Grapher (MRTG) Peter Chow GSEC
Surfing the Web Anonymously – The Good and Evil of the Anonymizer Peter Chow GSEC
Information Security's Unlikely Advocate Matt Sorensen GSEC
Maintaining a secure network Robert Droppleman GSEC
Vulnerability Assessment Homyar Naterwala GSEC
Building an Enterprise Ready, Client based VPN Solution. Kurt Anderson GSEC
Challenges Associated with Windows 2000 Group Policy Object (GPO) Management Henry Kiiskinen GSEC
Building a Secure Sun JumpStart Environment Using the Solaris Security Toolkit, Step-by-Step Mahrlon Willis GCUX
Automation of Secure Debian/GNU Linux Installations with Fully Automatic Installation Mathew Chrystal GSEC
Are SSL VPNs Ready for the Mainstream? Michael Jackson GSEC
GIAC GCIA Assignment – Pass Blaine Hein GCIA
Case for an Intrusion Detection System on the RF Interface of GPRS/EDGE Vanessa Pegueros GSEC
An Introduction to the Computer Security Incident Response Tom Campbell GSEC
Preparation@Incident Dan Widger GSEC
Web SSL Authentication Using Client X.509 Digital Certificates Artem Kazantsev GSEC
A Case Study: Removing Server Based Trust Relationships Keith Gaughan GSEC
Detecting Spam with Genetic Regular Expressions Eric Conrad GCIA
A Non-technical Perspective: Authentication – AKA: The Idiot’s Guide to Passwords Matt Galin GSEC
GIAC GCFW Assignment – Pass Dan Lazarakis GPPA
The “Great Firewall” of China: A Real National Strategy to Secure Cyberspace? Carolyn Pearson GSEC
Managing Sophos Anti-Virus on a College Network Steven Blanc GSEC
iPad Security Settings And Risk Review For iOS 4.X Jim Horwath GSEC
Setting Up a Database Security Logging and Monitoring Program Jim Horwath GCIA
Building a Cost Effective Enterprise-Wide Monitoring Solution Using Big Brother Jim Horwath GCUX
Wireless Security: The Draft IEEE 802.11i Standard Greg Nowicki GSEC
GIAC GCIA Assignment – Pass Ben Allen GCIA
Active Directory, Group Policy And Auditing System Design For Merged Windows 2000 Multiforest Environment Tomislav Herceg GCWN
GIAC GCIA Assignment – Pass Bobby Noell GCIA
Meeting FISMA Requirements for Systems Constructing a System Security Plan Daniel Nagy GSEC
Practical demonstration of 802.11 wireless network system risk for non-technical business managers Marie Fromm GSEC
How to Effectively Launch and Maintain Security Policies Vincent Fitzpatrick GSEC
GIAC GCIA Assignment – Pass Hitendra Patel GCIA
Design and Deployment of a Rapid Response Security Vulnerability Scanning Infrastructure Eliot Lim GSEC
Novell NetWare 6 Security Baseline Configuration John Saley GSEC
GIAC GCIA Assignment – Pass Scott Renna GCIA
Network Security- A Guide for Small and Mid-sized Businesses Jim Hietala GSEC
Securing the Employees in a HIPAA-Regulated Environment Brian LaPointe GSEC
Securely Operating Windows Terminal Services/Remote Desktop Multiplatform Environment Keith Lawson GSEC
Using a Custom LiveCD and Firewall Builder to Provide Enterprise Level Security on a Budget Jim Gadrow GSEC
Netfilter and IPTables – A Structural Examination Alan Jones GSEC
Case Study – Assessing the Impact of Unsolicited Commercial E-mail in a Large Corporation Joseph Mccomb GSEC
CA-ACF2 User Account Cleanup Scott Meyer GSEC
The Art of Web Filtering Robert Alvey GSEC
GIAC GCFW Assignment – Pass John Holbrook GPPA
Step by Step Installation of a Secure Linux Web, DNS and Mail Server John Holbrook GSEC
GIAC GCFW Assignment – Pass Tom Jozwiak GPPA
Buffer Overflows and Application Security Craig Sheppard GSEC
Information Security Gets a Seat at the Table Kent Nabors GSEC
Security Best Practice – Novell NetWare 6.5 Remote Management Utilities Adam Schieman GSEC
California’s Notice of Security Breach’s What’s it all About and What it Means to You Vicki Harris GSEC
A Policy to Prevent Outsider Attacks on the Local Network Clarissa Evans Brown GSEC
Securing a NetWare 6.5 Installation and Server Environment Robert Clarke GSEC
Basic Lindows Security Andrew Bernoth GSEC
GIAC GCIA Assignment – Pass Vance Victorino GCIA
Base64 Can Get You Pwned Kevin Fiscus GCIA
A Survey of IT Offshoring Kelly Gieg GSEC
Department of Defense Public Key Infrastructure Sandra Felton GSEC
Audit Of The GIAC Enterprises Production Web And Database Servers Richard Allen Stone GCUX
Security Analysis Of GIAC Enterprises FTP Gateway Ivar Aarsnes GCUX
Securing Sensitive Data in a Research Environment: A Case Study Tim Van Acker GSEC
Row Level Security in Oracle Databases with Virtual Private Database and Label Security Steve Enevold GSEC
Wireless Security Dispelling Myths Eric Smith GSEC
GIAC GCIA Assignment – Pass David Lewis GCIA
Detachable Data Compartmentalization: Layered Defense for Laptop Data Using USB Keychain Hard Drives as Detachable Data Compartmentalization Modules John Pritchard GSEC
GIAC GCFW Assignment – Pass Tim Lewis GPPA
Case Study in Implementing AAA Servers Using TACACS+ Steve Ingram GSEC
Disaster Recovery in Healthcare Organizations: The Impact of HIPAA Security James Murphy GSEC
How do you like your Internal Security? Hard-Boiled or Scrambled? A Case Study of Hardening Interior Security Jennifer Gruener GSEC
Case Study: Improving Security in Corporate (SMTP) E-Mail Delivery Brian Sommers GSEC
Network Security Blueprint Steve Clancy GSEC
Passed Maxwell Chi GSEC
Security Policy and Social Media Use Maxwell Chi GSEC
Cyberspace: America’s New Battleground Maxwell Chi GSEC
Skimming and Its Side Effects Nobie Cleaver GSEC
Highly Available PCs First Step in Business Continuity for Executives Joseph Fraher GSEC
Distributed Vulnerability Assessment with Nessus Faiz Ahmad Shuja GSEC
GIAC GCIA Assignment – Pass Bent Mathiesen GCIA
GIAC GCIA Assignment – Pass Eric Evans GCIA
GIAC GCFW Assignment – Pass Chris Reining GPPA
GIAC GCIA Assignment – Pass Chris Reining GCIA
GIAC GCIA Assignment – Pass Geoffrey Sanders GCIA
When Business Need Justifies Leaving RPC Services Enabled Bertha Marasky GCUX
A practical guide to OpenSSH Olivier De Lampugnani GSEC
Implementing a Windows 2003 PKI from an Existing Windows 2000 Network Norman Christopher-Knight GCWN
Managing Security with Group Policy and the Windows Server 2003 Group Policy Management Console Norman Christopher-Knight GSEC
Implementing and Configuring IPv6 in Windows 2003 and XP SP1 Keith H Irby GSEC
Authentication – The simple things in life cannot be forgotten Simon Clarke GSEC
GIAC GCFW Assignment – Pass Richard Park GPPA
Securing A Wireless LAN: A Case Study Richard Park GSEC
Instant Messaging technology for the business market. Do the advantages outweigh the risks? Phuong Nguyen GSEC
Security Concerns in Using Open Source Software for Enterprise Requirements SreenivasaRao Vadalasetty GSEC
Consumer Oriented Security Information: Common threats on the Internet and how to avoid them Dave Cadrette GSEC
Rapid Tactical Reconnaissance Techniques for Extremely Large-Scale, Dynamic Enterprise Networks Jonathan Ham GSEC
Secure Server Policies and Procedures for Novell NetWare Compliance Dale Daugherty GSEC
Auditor’s Report – GIAC University – Solaris MTA Security Audit Susan Hanna GCUX
Linux Kernel Hardening Taylor Merry GSEC
Securing the Network in a K-12 Public School Environment Russ Penner GSEC
Smartcards: One stop shop? Deploying smartcards Tyler Tobin GSEC
GIAC GCFW Assignment – Pass Miles Parkin GPPA
Evading Network Security Devices Utilizing Secure Shell Wesley Brown GSEC
GIAC GCFW Assignment – Pass Mike Mahurin GPPA
Novell Small Business Suite Security Recommendations Scott Stone GSEC
Information Assurance Ramifications of Using OpenSSL in the Department of Defense Computing Environment Joel Kirch GSEC
Daily Processes for Maintaining a Secure Windows Environment Larry Arant GSEC
Wanted Dead or Alive: Snort Intrusion Detection System Mark Eanes GSEC
Role-Based Access Control: The NIST Solution Hazen Weber GSEC
Case Study: Implementing a Secure Wireless Network using WPA Randy Hensel GSEC
GIAC GCFW Assignment – Pass Eu Jin Justin Ng GPPA
GIAC GCIA Assignment – Pass Johnny Wong GCIA
Slamming the door on the Slammer worm Matthew Boykin GSEC
Architecting, Designing and Building a Secure Information Technology Infrastructure, a case study John Johnston GSEC
The Third Element (The rise of the NEO hacker) Jayson Street GSEC
Viral Polymorphism Stephen Pearce GSEC
GIAC GCFW Assignment – Pass Roberto Obialero GPPA
GIAC GCFW Assignment – Pass Bee Seah Li GPPA
Configuring Watchguard Proxies: A Guideline to Supplementing Virus Protection and Policy Enforcement Alan Mercer GSEC
Obstacles to – And Workarounds For – Deploying Secure Systems Craig Cox GSEC
An Introduction to SELinux for Administrators Jeff Pike GCUX
Auditing-In-Depth For Solaris Jeff Pike GSEC
GIAC GCIA Assignment – Pass Joe Bowling GCIA
Linux kernel rootkits: protecting the systems Ring-Zero Raul Siles GCUX
Security Elements of IIS 6.0 Anthony DeVoto GSEC
GIAC GCIA Assignment – Pass Joanne Schell GCIA
GIAC GCFW Assignment – Pass Robert Winding GPPA
Information Security Managing Risk with Defense in Depth Ken Straub GSEC
Wireless Security: Past, Present and Future Keith Morris GSEC
Brush up on Bluetooth Jeffrey Hall GSEC
Examining the RPC DCOM Vulnerability: Developing a Vulnerability-Exploit Cycle Kevin O’Shea GSEC
GIAC GCIA Assignment – Pass David Perez GCIA
Encrypting Mail in a Windows Network David Perez GCWN
Deploying Honeypots and the Security Architecture of a Fictitious Company David Perez GPPA
Logging and Reporting : A view from the top Rick Hislop GSEC
Building a Secure Backup Server for the Solaris 9 Operating Environment Shaun McAdams GCUX
SSH (Secure Shell) Authentication Methods and Security Control Robert Decker III GSEC
A Comparison of 3rd Party Anti-Spyware Tools for a Business Environment Richard Snow GCWN
Case Study: Spam Blocking, Content Filtering, Virus Scanning and Attachment Blocking in a Novell GroupWise Environment With Guinevere, SpamAssassin and Symantec (Norton) Anti-Virus Corporate Edition Doug Hitchen GSEC
Data-Centric Quantitative Computer Security Risk Assessment Brett Berger GSEC
Enhancing E-mail Security using Exchange Server 2003 and Outlook 2003 Cheryl Jones GCWN
Securing Wireless Clients using IPsec via Linux Gateway Robert King GSEC
GIAC GCFW Assignment – Pass Rupert Currey GPPA
Network- and Host-Based Vulnerability Assessments: An Introduction to a Cost Effective and Easy to Use Strategy. Ragi Guirguis GSEC
Keeping Red Hat Linux Systems Secure with up2date John Mravunac GSEC
Common issues in PKI implementations – climbing the “Slope of Enlightenment” Angela Keith GSEC
Limiting Exposure to Denial of Service Attacks Heather Burritt GSEC
GroupWise 6.5 Security Joyce Noeltner GSEC
Getting Started: The Impacts of Privacy and Security Under HIPAA – A Case Study Barbara Filkins GSEC
Hard Earned Lessons In Implementing Computer Security Incident Response Jason Chee GSEC
GIAC GCIA Assignment – Pass John Petkovsek GCIA
Implementing Least Privilege at your Enterprise Jeff Langford GSEC
Methods for Securing a Multi-Platform Environment David Lyon GSEC
Securing Blackboard Learn on Linux David Lyon GCUX
Trapping A Monster: An Observation of Honeypots Enoch Gamble I GSEC
Securing the Gold through Better Network Design: A Case Study Todd Sheppard GSEC
A Best Practices Guide To Secure a Windows(R) XP Professional Installation Zacharias Groves GSEC
Branch Office connectivity: Private Frame to VPN’s, makes dollars and sense. David Boyden GSEC
Discovery, Eradication and Analysis of an attack on an open system: Welcome to the Jungle Steve Terrell GSEC
Secure File Transfer with SSH2 Renato Lozano GSEC
Lessons in Learning Network Security Coleen Regalmuto GSEC
Securing Windows 2000 with Security Templates Patricia Shirer GCWN
Why The Need for Internet Content Filtering/Management- A Close Look at Internet Manager Elron Web Inspector 6.03 Michell Singleton GSEC
GIAC GCFW Assignment – Pass Timothy Miller GPPA
Deploying a website built using Oracle9iAS Portal Stephen Coates GSEC
GIAC GSEC Assignment – Pass Colleen Bolan GSEC
The Need for an Established Security Awareness Training Program Richard Lewis GSEC
GIAC GCFW Assignment – Pass Richard Lewis GPPA
Enhancing risk management within a research laboratory, from behind an academic institution’s firewall – a case study Paul Buzzell GSEC
Long Distance Failover – High Availability using Cisco PIX Firewall Chris Ellem GSEC
Case Study in Developing Fault Tolerant and Highly Available Systems with Secure Zones of Protection Kevin Knox GSEC
GIAC GCIA Assignment – Pass Kevin Knox GCIA
GIAC GCIA Assignment – Pass Terry MacDonald GCIA
A New Evolution in Hack Attacks: A General Overview of Types, Methods, Tools, and Prevention Kelley Ealy GSEC
Implementing a Security Program from the Beginning, for the Beginner Thomas Paulger GSEC
Slippery Slope or Terra Firma? Current and Future Anti-Spam Measures Charlene LeBlanc GSEC
Steganography Michael Meister GSEC
Case Study: Transforming a Traditional Windows Client/Server Application Into a Secured ASP Offering David Strubbe GSEC
Building a Secured OS for a Root Certificate Authority Don Murdoch GCUX
SANS and GIAC Together Again Don Murdoch GCWN
GIAC GCIA Assignment – Pass Don Murdoch GCIA
Putting Eyes on the Wire Don Murdoch GSEC
SANS/GIAC Enterprises Active Directory Merger – Design, Security Policy, and Auditing Practices Ben Schmitt GCWN
Building a Secure OpenBSD Mail System on a Small Budget Jesse Trucks GCUX
GIAC GCIA Assignment – Pass Bill Young GCIA
Design a Secure Windows 2000 Infrastructure Jack Kohn GCWN
GIAC GCFW Assignment – Pass Amit Sood GPPA
Oracle Collaboration Suite Security Chris Bennett GSEC
Security Process for the implementation of a Company’s extranet network connections. Kirk Steinklauber GSEC
GIAC GCIA Assignment – Pass Jim Becher GCIA
Securing a Windows 2000 Application Server With Security Templates Joshua Sprenger GCWN
Kerberos and Access Token Limitations Joshua Sprenger GSEC
Security in Practice- Reducing the Effort Leon Pholi GSEC
Centralized Monitoring of Distributed Systems Edward Finneran GCUX
Case study: Implementing Trend Micro antivirus solutions in the enterprise. Mark De Rijk GSEC
GIAC GCIA Assignment – Pass Andrew Patrick GCIA
Case Study: Using Syslog in a Microsoft & Cisco Environment Dan Rathbun GSEC
Limiting Concurrent Logins in Windows NT/2000 Gene Burton GSEC
GIAC GCIA Assignment – Pass Ashley Thomas GCIA
Understanding Wireless LAN Technology and its Security Risks Julie Schuller GSEC
Strategies for Improving Vulnerability Assessment Effectiveness in Large Organizations Robert Huber GSEC
Cost Effective Firewalling Using Linux Technology In Small Businesses Steve Lang GSEC
Facing Security on a Boosted RREN Backbone Carlos Fragoso Mariscal GSEC
A Guide to Hash Algorithms Britt Savage GSEC
Linux Firewall Audit: GIAC Enterprises Elaine Madison GCUX
GIAC GCFW Assignment – Pass Stanley Yachera GPPA
Introducing Security to the Small Business Enterprise Jeff Herbert GSEC
Windows Update and Its Derivatives – With a focus on SUS Pei-li Chao GSEC
ACF2 Mainframe Security Bethany Hinsch GSEC
In Search of Secure File Transfer Across the Internet Robert Solomon GSEC
GIAC Certified Windows Security Administrator Bryce Thompson GCWN
Let’s Slam SQL: The Slammer Worm and Lessons Learned Brian Greif GSEC
The Logbook of The World Ted Demopoulos GSEC
An Introduction To File Integrity Checking On Unix Systems Del Armstrong GCUX
Light at the end of the TCP Tunnel: Freedom or Oncoming Train? Risks, Benefits and Best Practices James Ault GSEC
GIAC GCIA Assignment – Pass Daniel Wesemann GCIA
Current Steganography Tools and Methods Erin Michaud GSEC
NIDS Countermeasures: What, Why, Where, When, and How Jonathan Kobrick GSEC
Integrating Real-Time Services on the Web Pete Kobak GSEC
Symantec Enterprise VPN Solution: Extending our Network through the Internet Robin Parrish GSEC
A Guide to Government Security Mandates Christian Enloe GSEC
Building a Security Test Environment Richard Noel GSEC
Solaris 9 Secure File Transfer Server Audit Julie Baumler GCUX
Scanning for viruses Dan Boyd GSEC
GIAC GCIA Assignment – Pass Ron Shuck GCIA
Security Assessment Guidelines for Financial Institutions Karen Nelson GSEC
The Key to Internet Security Is Education Cindy James GSEC
Common Ground – A Discussion of Standards in Network Security and How to Extend Them into the Network Assessment Arena Timothy Politowicz GSEC
Web services – why all the talk about security? Richard Rabinowitz GSEC
Implementation Methodology for Information Security Management System (to comply with BS 7799 Requirements) Avinash Kadam GSEC
Smart Card Authentication: Added Security for Systems and Network Access Lawrence Thompson GSEC
Custom IIS Authentication and Access Control using ISAPI Filter Arsne von Wyss GCWN
Securing Windows running Trend Micro Services with Security Templates Curtis Simonson GCWN
Finding the Right Instant Messaging Solution for Your Company Jeff Richeson GSEC
GIAC GCFW Assignment – Pass Greg Lalla GPPA
GIAC GCIA Assignment – Pass Greg Lalla GCIA
Patching Windows Environments Using Microsoft Software Update Services SUS Ihaab Dais GSEC
UNIX System Management and Security: Differences between Linux, Solaris, AIX and HP-UX Haral Tsitsivas GSEC
GIAC GCFW Assignment – Pass Mike Powell GPPA
Setting Up Controlled Virtual Private Networks Using Microsoft’s Proxy Server and Routing and Remote Access Service Mike Powell GSEC
Defending Against Spyware Invasion Brian Smith GSEC
Achieving Managements Security Commitment Sherry Desbrough GSEC
GIAC GCFW Assignment – Pass Terry Hasford GPPA
The Risks Involved With Open and Closed Public Key Infrastructure Philip Hlavaty GSEC
Firewall Fingerprinting: Using default TCP/UDP port combinations and Nmap to identify firewall types in a network Charles Hamby GSEC
Remote Access VPN Security Concerns and Policy Enforcement Mike Stines GSEC
Monitoring Web Server Logs Using Event Log Monitoring Steven Becker GSEC
The Difficulty of Detecting Rogue Wireless Access Points on a University or Organization Campus Anna Zapata GSEC
Detecting and Protecting Against Word Field Code Abuse Mark Soderlund GSEC
Vulnerabilities Secure Base Build of AIX 5.1 Al Un GSEC
Bastion Build Revisited Al Un GCUX
VPN Deployment: Remote Access via Cisco PIX Dwayne Foley GSEC
Slapper Paul Elwell GSEC
Contingency Planning for ACE/Server 5.0 Tikuo Chen GSEC
Event Correlation Systems – The New Threat Frontline Kevin McIntyre GSEC
GIAC GCIA Assignment – Pass Alex Wood GCIA
PGP For Everyday Use Jeremy Hoel GSEC
Under the radar: A look at three covert communications channels Jim Goltz GSEC
Creating a Home Test Lab Russell Elliott GSEC
GIAC GCIA Assignment – Pass Carl Gibbons GCIA
Intrusion Detection, Evasion, and Trace Analysis Michael Wyman GCIA
PureSecure(TM) Complete Intrusion Detection Jason Oseen GSEC
Security for a CRM environment Jason LaFrance GSEC
A Novice’s Guide to Securing Windows XP Home Edition Timothy Potter GSEC
Building a Cookerpot: Using honeypots to improve Mandrake Linux security Valter Santos GSEC
Protecting the Average Consumer-What’s wrong with Firewalls Thomas Hauer GSEC
Case Study: Deploying and Configuring a Netscreen 100 Firewall Appliance to Secure the Network James Murphy GSEC
Steganography Policies for Protecting Your Web Site Toni Halley GSEC
Web Application Security – Layers of Protection William Fredholm GSEC
The Need for Information Security in Today’s Economy Jeff Tarte GSEC
Distributed Intrusion Detection Systems: An Introduction and Review Royce Robbins GSEC
Security Management Adam Wojnicki GSEC
Empowering Your IT Call Center as Information Security Advocates Carrollynn Brown GSEC
Patch Management, Getting Started Lee Debruin GSEC
Securing Wireless Networking Within The College District Case Study Gregory Evilsizer GSEC
Case Study On Improving The Security Of A Firm In A Legacy Application Setting Susan Bradley GSEC
Protecting Small Business Banking Susan Bradley GSEC
Setting Up and Securing a Small Network with OpenBSD Blair Heiserman GSEC
Ghosts in the machine: The who, why, and how of attacks on information security Cary Barker GSEC
A Case for Forensics Tools in Cross-Domain Data Transfers Dwane Knott GSEC
GIAC GCFW Assignment – Pass Brian States GPPA
Electronic Medical Records: Success Requires an Information Security Culture Thomas Roberts GSEC
Information Security in Higher Education: Threats & Response Thomas Roberts GSEC
Group Policy Security Risks and Best Practices Jenko Shih-jen Edward Hwong GSEC
Firewall Builder the GUI alternative James Coffey GSEC
Securing The Hp Nonstop Himalaya Using Safeguard Thomas Hamzik GSEC
GIAC GCIA Assignment – Pass Thomas Hoffecker GCIA
Security for Online Transaction Processing in a White Label Financial Switch Fabian Soler GSEC
GIAC GCFW Assignment – Pass Craig Duerr GPPA
Remote Users: Trust verses Necessity Chrystal Lionberger GSEC
A Case Study on Securing Medical Practitioners’ Offices and Making The Offices HIPAA-Aware Ira Victor GSEC
Development of a Network Intrusion Detection Policy Frank Yarnell GSEC
SSL Appliance Based Solutions for Corporate Web Farms: The Benefits, the Drawbacks, and the Vulnerabilities Matthew Fries GSEC
What is Seen is Screened Todd Emerton GSEC
InfoWar: Cyber Terrorism in the 21st Century Can SCADA Systems Be Successfully Defended, or are They Our “Achilles Heal”? Michael Ratledge GSEC
Securing Microsoft Exchange with Ciphertrust Ironmail John Warren GSEC
Impact of Automatic Update installation in Service Pack 3 from Microsoft on Windows 2000 workstation. Robert Blackwell GSEC
Bluetooth And Its Inherent Security Issues Tu Niem GSEC
GIAC GCFW Assignment – Pass Lesa Ludwig GPPA
GIAC GCFW Assignment – Pass Mark Hillick GPPA
Securing Our Critical Infrastructures Chris Brooks GSEC
PestPatrol in a Corporate Environment: A Case Study In Information Security Tim Strong GSEC
Ethics in Your Day, Your Job and Your Next Decision Norman Witt GSEC
Help We Just Fired Our Only IT Person! Doug Cox GSEC
Mitigating Web Application Risks With A Security Code Review And Appscan. Michael Blase GSEC
Linux.Slapper.Worm: Buffer Overflow Attacks Continue to Be a Problem Richard Fifarek GSEC
GIAC GCFW Assignment – Pass Mark Conger GPPA
Patch Management: Tackling the Remote Laptop and Teleworker – A Case Study Kay Cornwell GSEC
GIAC GCIA Assignment – Pass Erik Montcalm GCIA
Securing Task Station Computers Using Windows 2000 Group Policy Roger McClinton GCWN
Act Now! An Introduction To Canada’s PIPED Act and its Affect on Organizations and IT Departments Kevin Egan GSEC
GIAC GCIA Assignment – Pass Mohammed Haron GCIA
Is Your Storage Area Network Secure? An Overview of Storage Area Network from Security Perspective Mohammed Haron GSEC
A Case Study: Deployment of Virus Protection In The Global Enterprise Carl Alexander GSEC
Packet Sniffing In a Switched Environment Tom King GSEC
Security Considerations for Sharepoint Team Services on Windows 2000 Server Jonathan Davies GSEC
Secure Setup of a Corporate Detection and Scanning Environment Dieter Sarrazyn GSEC
GIAC GCIA Assignment – Pass Antonia Rana GCIA
Security Awareness – Implementing an Effective Strategy Chelsa Russell GSEC
GIAC GCIA Assignment – Pass Frans Kollee GCIA
Firewall on a Budget Scott Schimkowitsch GSEC
Securing an IIS 5.0 Web Server on Windows 2000 using Security Tools and Templates Graeme McLintock GSEC
GIAC GCIA Assignment – Pass Kerry Long GCIA
GIAC GCFW Assignment – Pass Greg Surla GPPA
Distributed Systems Security: Java, CORBA, and COM+ April Moreno GSEC
Aladdin Esafe Enterprise v3.0 Stacy Bolton GSEC
GIAC GCIA Assignment – Pass Nils Reichen GCIA
Securing a Web Development Workstation with the NSA Security Template Bill Sterns GCWN
Exploring Client-side Web Exploits Bill Sterns GSEC
Using A Reverse Proxy To Filter HTTP and HTTPS Mattison Ward GSEC
Combating the Lazy User: An Examination of Various Password Policies and Guidelines Sam Wilson GSEC
GIAC GCFW Assignment – Pass Sam Wilson GPPA
Solaris 10 Filesystem Integrity Protection Using Radmind Sam Wilson GCUX
Securing Mac OS X 10.1.5 Using Free Software David Shinberg GSEC
GIAC GCFW Assignment – Pass Penny Hermann-Seton GPPA
Security Features in IPv6 Penny Hermann-Seton GSEC
Design a Secure Windows 2000 Infrastructure Erik Weinmeister GCWN
Internet Email: Defense in Depth Howard Edin GSEC
The Life Cycle of A Security Awareness Program: What has and has not Worked John Turner GSEC
Are You a Responsible Internet Neighbour? Phillip Croft GSEC
Using IDS to Evaluate Outbound Port Usage for Security and Reduction of IDS Alerts: A Case Study Ken Underwood GSEC
GIAC GCIA Assignment – Pass Dongmei Huang GCIA
GIAC GCIA Assignment – Pass Denis Brooker GCIA
Smart Cards – the All-in-One Security Platform for Today’s Corporate World Ee Chin Chong GSEC
Case Study: Adventures in Securing Mom and Pop Ken Davidson GSEC
Security Audit Report Mandar Rege GCUX
Stopping P2P: How to Rid Your Network of Unwanted P2P Traffic Russell Meyer GSEC
Challenges of Managing an Intrusion Detection System (IDS) in the Enterprise Russell Meyer GCIA
Information Assurance Using Biometrics Bryan Feltin GSEC
GIAC GCIA Assignment – Pass Jason Tant GCIA
Deploying Secure Public Kiosk Networks Jon Shaffer GSEC
Securing the SNMP Service Robert Hayden GCWN
Authenticating Nortel Contivity Clients Using RSA SecurID Tokens Rusty Fancher GSEC
Implementing Defense in Depth at the University Level G Michael Runnels GSEC
CyberPorn Tricks and Awareness Stephen Karrick GSEC
Security Aspects of a Samhain Client/Server Installation to Protect a Solaris Web Server Winston Holmes GCUX
System and Network Documentation Winston Holmes GSEC
Virii Generators: Understanding the Threat James Tarala GSEC
Implementing a Secure Microsoft Windows Server 2003 Terminal Services Infrastructure: A Case Study for ACME Healthcare, Inc. James Tarala GCWN
Steganography – See No Evil, Hear No Evil, Speak No Evil Chris Farrow GSEC
The University Has a Firewall – Isn’t That Enough? Why Users Still Need to Be Concerned About Computer Security Sherry Cummins GSEC
HIPAA/ISO 17799 Security Audit of GIAC Enterprises Onsite Employee Health Clinic Database Server Sherry Cummins GCUX
Developing a Secure and Portable Snort Sensor based on Red Hat 9 Frederick Larabee GCUX
Proactive Vulnerability Assessments with Nessus Jason Mitchell GSEC
SPAM: Recourse and Education Rodney Caudle GSEC
Assumptions in Intrusion Detection – Blind Spots in Analysis Rodney Caudle GCIA
Maintaining Departmental Security in a Centralized Environment: Keeping Things Secure When You Have to Cooperate Brent Veenstra GSEC
Novell Server Quick Security Guide for the Overworked Administrator Tony Flowers GSEC
Managing Network Firewalls – A Love/Hate Relationship James Medeiros GSEC
The Firewall Has Been Installed, Now What? Developing a Local Firewall Security Policy Richard Walker GSEC
Critical System Lifecycle: A Security Perspective Geoffrey Pascoe GSEC
GIAC GCIA Assignment – Pass Pedro Bueno GCIA
Inter-node Security Issues in 802.11b Wireless LAN Environments Patrick Sweeney GSEC
Buffer Overflows for Dummies Josef Nelissen GSEC
How to Effectively Secure Your Business Albert Yu GSEC
Continuously Anticipating the Network Attack Mark Georgas GSEC
Public-key Cryptography: PGP, SSL, and SSH Thomas Jonson GSEC
Designing a Secure Windows 2000 Network Infrastructure David Branscome GCWN
Securing a Red Hat Linux 7.2 Anonymous FTP Server with Security Support syslog Server Brian Melcher GCUX
Microsoft Internet Explorer 6.0 Security: Step-by-Step Chris Christianson GSEC
Aggressive Patching and the Use of a Standard Build: An OpenBSD example Michael Sullenszino GSEC
GIAC GCFW Assignment – Pass Robert Schiela GPPA
GIAC GCFW Assignment – Pass Blair Nason GPPA
Multi-Layered Approach to Small Office Networking David Taylor GSEC
Security Audit Report Zarina Musa GCUX
VPN-1 SecureClient – Check Point’s Solution for Secure Intranet Extension Ryan Gibbons GSEC
Securing an Anonymous FTP Server in Solaris 8 with WU-FTPD Mansel Bell GSEC
GIAC GCIA Assignment – Pass Jared McLaren GCIA
Secure Open-Source Network IDS Jared McLaren GSEC
GIAC GCFW Assignment – Pass Jared McLaren GPPA
GIAC GCIA Assignment – Pass Michael Meacle GCIA
How to Install IC Radius and Extend via Custom Perl Script Michael Meacle GSEC
Protecting your Internal Systems from a Compromised Host Michael Nancarrow GSEC
GIAC GCIA Assignment – Pass David Manley GCIA
Nessus: Vulnerability Scanning and Beyond Paul Schmelzel GSEC
GIAC GCIA Assignment – Pass Paul Schmelzel GCIA
Cyber IPB Steve Winterfeld GSEC
A Qualitative Risk Analysis and Management Tool – CRAMM Zeki Yazar GSEC
Iris Recognition Technology for Improved Authentication Penny Khaw GSEC
LaBrea – A New Approach to Securing Our Networks Leigh Haig GSEC
GIAC GCIA Assignment – Pass Brian Sheffler GCIA
Building a Secure Solaris 8 Backup Server Jason Christensen GCUX
SSH and Intrusion Detection Heather Larrieu GSEC
GIAC GCIA Assignment – Pass Jalal Moloo GCIA
GIAC GCIA Assignment – Pass Kris Wicks GCIA
Implementing an Internet Content Filtering and Reporting Program Eric Wilkens GSEC
GIAC GCIA Assignment – Pass Jon Repaci GCIA
A Tool for Running Snort in Dynamic IP Address Assignment Environment Shin Ishikawa GSEC
The Sun Enterprise Authentication Mechanism John Douglass GSEC
GIAC GCIA Assignment – Pass Mark Embrich GCIA
IDS Burglar Alarms: A How-To Guide Mark Embrich GSEC
GIAC GCIA Assignment – Pass Tim Newell GCIA
Echelon: The Dangers of Communication in the 21st Century Chad Yancey GSEC
A Solaris Backup Script How-to Stanley Hearn GSEC
GIAC GCIA Assignment – Pass Glenn Larratt GCIA
GIAC GCFW Assignment – Pass Glenn Larratt GPPA
Introduction to the Security Audit Process Jim Murray GSEC
GIAC GCIA Assignment – Pass Michael McDonnell GCIA
Protecting Against the Unexpected Keith Seymour GSEC
Distilling Data in a SIM: A Strategy for the Analysis of Events in the ArcSight ESM James Voorhees GCIA
The Limits on Wireless Security: 802.11 in Early 2002 James Voorhees GSEC
Computing Industry Certifications and Security Kurt Jensen GSEC
A Detailed Look at Steganographic Techniques and Their Use in an Open-Systems Environment Bret Dunbar GSEC
Deploying Microsoft HiSecurity Template on a Windows 2000 Professional Workstation within a Windows NT 4.0 Domain Joe Matyaz GCWN
GIAC GCIA Assignment – Pass Dan Hawrylkiw GCIA
Wireless Networking Security: As Part of Your Perimeter Defense Strategy Daniel Owen GSEC
Implementing a Windows 2000 Host Based Intrusion Detection System Richard Springs GSEC
GIAC GCIA Assignment – Pass Patrick Ethier GCIA
GIAC GCIA Assignment – Pass Karim Merabet GCIA
Leveraging the Load Balancer to Fight DDoS Brough Davis GCIA
Areas to Consider When Planning Virus and Software Updates of Remote Computers Jeff Markee GSEC
PGP in a Networked, Multi-user Environment Mark Fennig GSEC
GIAC GCFW Assignment – Pass Mark Fennig GPPA
GIAC GCFW Assignment – Pass Mark Ballister GPPA
Monitoring for Security Events Using Windows Management Instrumentation Stephen Seigler GSEC
GIAC GCIA Assignment – Pass John Hally GCIA
Steganography: What’s the Real Risk? John Hally GSEC
Defeating Perimeter Security With HTTP Marcus Bailey GSEC
Twists in Security for Law Enforcement Conrad Larkin GSEC
Secure Shell Daemon crc32 Compensations Attack Detector Vulnerability Tim Yeager GSEC
An Analysis of Terrorist Groups’ Potential Use of Steganography Stephen Lau GSEC
Violations of Basic Computer Security Principles within the Television Broadcast Community and Some Suggested Solutions Paul Claxton GSEC
GIAC GCIA Assignment – Pass James Hoover GCIA
Securing a Fortune Marc Westbrock GCWN
ELECTRONIC DATA RECOVERY A Critical Component of Security, Disaster Recovery and Company Survival Marc Westbrock GSEC
An Informal Analysis of One Site’s Attempts to Contact Host Owners Laurie Zirkle GSEC
Applying the CIS Linux Benchmark v1.1.0 Recommendations to a Mandrake 9.1 Laptop with Higher Security Enabled Laurie Zirkle GCUX
We’re Auditors – We’re Here to Help James Butler GSEC
GIAC GCIA Assignment – Pass Sean-Paul Heare GCIA
GIAC GCIA Assignment – Pass Dan Guinane GCIA
GIAC GCIA Assignment – Pass Jim Hendrick GCIA
GIAC GCFW Assignment – Pass Jim Hendrick GPPA
Finding dsniff on Your Network Richard Duffy GSEC
Host vs. Network-Based Intrusion Detection Systems David Trzcinski GSEC
GIAC GCIA Assignment – Pass Keven Murphy GCIA
Implementation of a Secure Wireless Network on a University Campus Greg Redder GSEC
Making Smart Cards Work in the Enterprise Brett Lewis GSEC
Research Guide to Web Resources at and Applying This to Patching Internet Information Server Barry Dahling GSEC
GIAC GCFW Assignment – Pass Daniel Mengel GPPA
No Budget, no Policy: Leading the Bull by the Nose or Thank God for the Cisco IOS Firewall Feature Set Richard Haynal GSEC
GIAC GCIA Assignment – Pass Thomas Shepherd GCIA
An Exploration into Biometrics, Security Architecture Design, and Security Policies Thomas Shepherd GPPA
GIAC GCFW Assignment – Pass Eve Edelson GPPA
Researching a Topic on the Internet Eve Edelson GSEC
Rootkit: Attacker Undercover Tools Saliman Manap GSEC
A Secure Windows 2000 Infrastructure David Heed GCWN
GIAC GCIA Assignment – Pass David Heed GCIA
Step-by-step Guide to Securing Red Hat 7.1 Linux Lawrence Grim GCUX
Security Awareness: Help the Users Understand Kenton Smith GSEC
Anti-virus Software: The Challenge of Being Prepared for Tomorrow’s MalWare Today Lisa Galarneau GSEC
GIAC GCIA Assignment – Pass Gregory Lajon GCIA
Overview of Nimda John Phillips GSEC
Building a Cost Effective Syslog Server using Solaris For Intel and SunScreen Lite – Honor Harpal Parmar GCUX
A Secure Windows 2000 Infrastructure for GIAC Enterprises Harpal Parmar GCWN
Securing a Windows 2000 IIS Web Server – Lessons Learned Harpal Parmar GSEC
A Guide to Building and Securing an Intranet Mail Server/Hub with AIX 5L Version 5.1 on an IBM RS/6000 Server Devon Caines GCUX
GIAC GCFW Assignment – Pass Orazio Mistretta GPPA
GIAC GCIA Assignment – Pass Orazio Mistretta GCIA
Basic Travel Security Revisited Thomas Palmer GSEC
Can Hackers Turn Off Your Lights? Jonathan Stidham GSEC
GIAC GCFW Assignment – Pass Tracy Thurston GPPA
Conducting an electronic information risk assessment for Gramm-Leach-Bliley Act compliance. Kevin Bong GSEC
GIAC GCIA Assignment – Pass Kevin Bong GCIA
GIAC GCFW Assignment – Pass Kevin Bong GPPA
GIAC GCIA Assignment – Pass Reuben Rubio GCIA
GIAC GCIA Assignment – Pass Alan Woodroffe GCIA
GIAC GCIA Assignment – Pass Mark Maher GCIA
GIAC GCIA Assignment – Pass Philipp Stadler GCIA
GIAC GCFW Assignment – Pass Philipp Stadler GPPA
GIAC GCFW Assignment – Pass Justin Ginsberg GPPA
Proactively Guarding Against Unknown Web Server Attacks William Geiger GSEC
The Code Red Worm John Dolak GSEC
Security and the 802.11b Wireless LAN Sean Griffin GSEC
AIX 4.3 Installation Checklist Kenneth Lee GCUX
SuSE Linux 7.1 Professional Installation Checklist Felix Schallock GCUX
Disconnect from the Internet – Whale’s e-Gap In-Depth Kevin Gennuso GSEC
How to Choose an Intrusion Detection Solution Baiju Shah GSEC
Security from Scratch… How to Achieve It Alan Davies GSEC
GIAC GCFW Assignment – Pass Chris Kellogg GPPA
The Weakest Link: The Human Factor Bradley Fulton GSEC
Protecting Sensitive Data in Secure Domains Mikael Trosell GSEC
Electronic Data Retention Policy Brian Wrozek GSEC
Cisco Router Hardening: Step-by-Step Dana Graesser Williams GSEC
GIAC GCIA Assignment – Pass Harvey Lange GCIA
Linux Red Hat 7.1 Security Assessment Bente Petersen GCUX
GIAC GCIA Assignment – Pass Bente Petersen GCIA
GIAC GCIA Assignment – Pass John Melvin GCIA
Protect your enterprise against clients centric attacks, using Windows 2000 GPO Thierry Agassis GCWN
Information Security: Handling Compromises Craig Bowser GSEC
Enforce Network Access Control through Security Policy Management Process and Enforcement Craig Bowser GSEC
Why Small Businesses Need to Secure Their Computers (and How to Do It!) Bruce Diamond GSEC
A Business Perspective on PKI: Why Many PKI Implementations Fail, and Success Factors to Consider Leslie Peckham GSEC
Kerberos Authentication in Windows 2000 Vishwas Gadgil GSEC
GIAC GCIA Assignment – Pass Vernon Stark GCIA
Using Snort v1.8 with SnortSnarf on a Red Hat Linux System Richard Greene GSEC
Firewall Rule Review Rita Will GSEC
Spyware and Network Security Lester Cheveallier GSEC
GIAC GCFW Assignment – Pass Eric Mroczka GPPA
A Virus and a Worm: Lessons Learned from Sircam and Code Red in a University Environment Marc Mazuhelli GSEC
GIAC GCFW Assignment – Pass Lorna Hutcheson GPPA
GIAC Enterprises: Fortunes for the Future – Implementing Active Directory with Defense in Depth Lorna Hutcheson GCWN
Successful Partnerships for Fighting Computer Crime Beth Binde GSEC
GIAC GCIA Assignment – Pass Beth Binde GCIA
How to Build and Secure a General Purpose “Internet Ready” Workstation Robert Beswick GCUX
Manage your Security Initiative as a Project Rex Robitschek GSEC
Cheese Worm: Pros and Cons of a “Friendly” Worm Bryan Barber GSEC
Backup Rotations – A Final Defense Stephen Lennon GSEC
Using Open Source to Create a Cohesive Firewall/IDS System Thomas Dager GSEC
The China Syndrome Charles Bacon GSEC
Logfile Analysis: Identifying a Network Attack Michael Fleming GSEC
GIAC GCIA Assignment – Pass Stephen Pedersen GCIA
GIAC GCIA Assignment – Pass Mike Poor GCIA
Public Servers Vulnerability Assessment Report Ricky Smith GCUX
Group Policies for GIAC Enterprises Ricky Smith GCWN
GIAC GCIA Assignment – Pass Ricky Smith GCIA
Filtering Routers in a Small Office/Home Office with a Mixed OS Environment Ricky Smith GSEC
GIAC GCIA Assignment – Pass Janice Slocumb GCIA
System Security and Your Responsibilities: Minimizing Your Liability Gary Holtz GSEC
Implementing/Re-Implementing Change Control Policies Derek Milroy GSEC
Open File Shares: An Unexpected Business Risk Jaime Carpenter GSEC
GIAC GCIA Assignment – Pass Wes Bateman GCIA
Vulnerability Scanning in the Corporate Enterprise Peter Nichols GSEC
Risk Assessment in the University Setting Kent Knudsen GSEC
Preventing Your Computer from Becoming a Zombie Jamy Klein GSEC
GIAC GCFW Assignment – Pass Jamy Klein GPPA
Security Awareness – Everyone’s Business Bev Memory GSEC
Auditing a University Solaris System Geoffrey Poer GCUX
GIAC GCIA Assignment – Pass Geoffrey Poer GCIA
GIAC GCIA Assignment – Pass Nathan Kim GCIA
GIAC GCIA Assignment – Pass Brian Credeur GCIA
Guide to Deploying a Windows 2000/Exchange 2000/File/Print Server in a Single Server Environment Gary Pasikowski GCWN
Prosecution: A Subset of Incident Response Procedures Gary Pasikowski GSEC
Business Consideration and Network Implementation of Generally Accepted Security Standards Patrick Nolan GSEC
Is It Really Gone? Grant Thompson GSEC
Creating Security Policies – Lessons Learned Mark Worthington GSEC
GIAC GCFW Assignment – Pass Eric Waddell GPPA
GIAC GCFW Assignment – Pass David Stokes GPPA
Overview of Biometric Encryption Mark Wood GSEC
GIAC GCIA Assignment – Pass Michael Lastor GCIA
The Future of Fighting Viruses: A History and Analysis of the Digital Immune System Michael Bussa GSEC
To CVP or not to CVP Kurt Koenigsknecht GSEC
GIAC GCFW Assignment – Pass Kurt Koenigsknecht GPPA
GIAC GCFW Assignment – Pass Georgios Sagos GPPA
GIAC GCIA Assignment – Pass Bill Phillips GCIA
GIAC GCFW Assignment – Pass Bill Phillips GPPA
GIAC GCFW Assignment – Pass Ben Laws GPPA
Solaris 8 (sparc) Security Checklist for JFY, Inc. Ben Laws GCUX
Wireless LANs – the Big New Security Risk Gordon Mitchell GSEC
Inverse Mapping Using Disguised TCP Resets Minna Kangasluoma GSEC
Securing the Wile Modem: A Case Study on the Use of Policies, War Dialers and Firewalls for Phone Lines Archie Woodworth GSEC
Securing Unix Step by Step George Markham GCUX
GIAC GCFW Assignment – Pass Norrie Bennie GPPA
Certificate Revocation in Public Key Infrastructures Scott Fairbrother GSEC
GIAC GCIA Assignment – Pass Miika Turkia GCIA
Instruments of the Information Security Trade Mark Graff GSEC
GIAC GCFW Assignment – Pass Mason Richardson GPPA
Central Auditing of Windows NT Using Windows Script Host (WSH) Roger Mclaren GCWN
OpenBSD Escorting Firewall Step by Step Guide Benjamin Eason GCUX
GIAC GCIA Assignment – Pass Charles Hutson GCIA
Stronger Authentication Methods: Biometrics and Public Acceptance Mark Wolansky GSEC
Detecting Torrents Using Snort Rick Wanner GCIA
NetTop for Data Privacy through Secure Desktops Rick Wanner GSEC
Secure Browsing Environment Robert Peter Sorensen GSEC
GIAC GCIA Assignment – Pass Robert Peter Sorensen GCIA
GIAC GCFW Assignment – Pass Robert Peter Sorensen GPPA
Securing NT4 Workstations in an Educational Computer Lab Environment Eric Nooden GSEC
GIAC GCFW Assignment – Pass Scot Hartman GPPA
Securing SNMP Windows Stephen Cicirelli GSEC
GIAC GCFW Assignment – Pass Stephen Cicirelli GPPA
Checklist for Securing RedHat Linux 7.1 on an IBM Thinkpad Laptop Paul DePriest GCUX
The Importance of the Ramen Worm Paul DePriest GSEC
GIAC GCFW Assignment – Pass Tanya Baccam GPPA
Do You Copy? Security Issues with Digital Copiers Kevin Smith GSEC
Step-by-step Guide to Securing an IRIX Mediabase Video Web Server Robert Drollinger GCUX
GIAC GCIA Assignment – Pass Peter Szczepankiewicz GCIA
Usefulness and Shortcomings of the Pre-configured Security Policy Templates that are Included with Windows 2000 Yong Choe GCWN
Black ICE 2.5 Events, False Positives and Custom Attack Signatures Alan J Mercer GSEC
Malicious Code: VBS/OnTheFly (Anna Kournikova) Marco Smitshoek GSEC
GIAC GCFW Assignment – Pass Marco Smitshoek GPPA
Intrusion Report for SANS University Gaspar Modelo Howard GCIA
The Hacking of Microsoft Ernest Quaglieri GSEC
Implementing Site-to-Site IPSEC VPNs Using Cisco Routers Millie Ives GSEC
GIAC GCFW Assignment – Pass Gavin Vallance GPPA
Kerberos Network Authentication Security Protocol – Recent Security Vulnerabilities Jay Holcomb GSEC
PC Week hack of 1999 Shawn Balestracci GSEC
GIAC GCFW Assignment – Pass Chris Talianek GPPA
Securing an AIX 5.2 Development Server Chris Talianek GCUX
GIAC GCIA Assignment – Pass Chris Talianek GCIA
Installing and Securing an SSH Server with HP Secure OS Software for Linux and Cryptography Kenneth Gallo GCUX
GIAC GCIA Assignment – Pass Michael Semling GCIA
Information Warfare: Are You Battlefield Ready? Phillip Conrad GSEC
Basic Steps to Hardening a Standalone Windows 2000 Installation Todd Anderson GSEC
Installing and Securing a Shell Access Server Using Red Hat 6.2 Linux Stephen Gibson GCUX
Nessus – Get on Board Greg Brooks GSEC
BIND 8 Buffer Overflow in TSIG Richard Biever GSEC
GIAC GCIA Assignment – Pass Chris Hayden GCIA
NetBus Chris Hayden GSEC
Attacks from Within: A Look at Security Concerns for ASPs Tyson Kopczynski GSEC
AES: The New Key on the Block Christopher Silveira GSEC
Importance of a Standard Methodology in Computer Forensics Jim McMillan GSEC
GIAC GCIA Assignment – Pass Donald Pitts GCIA
SOHO OpenBSD Intranet IMAP Server Donald Pitts GCUX
Log Consolidation with syslog Donald Pitts GSEC
Protecting Your Home Computer from the Internet, Can You Keep the Heat Out? Robert Ashworth GSEC
GIAC GCIA Assignment – Pass Robert Ashworth GCIA
Securing Information on Laptop Computers James Purcell GSEC
Limiting the Exposure of a Netware Server in an IP World Dana Mclaughlin GSEC
GIAC GCFW Assignment – Pass Dana Mclaughlin GPPA
Scripting as a Method of Establishing a Reliable Baseline Posture George Moncrief GSEC
Firewall Load Balancers Megan Restuccia GSEC
Hacktivism – A Free Form of Expression or a Digital Vandalism Eva Dadok GSEC
GIAC GCFW Assignment – Pass Graham Bennett GPPA
GIAC GCIA Assignment – Pass Michael Worman GCIA
An Explanation of “TCP Wrappers” for the Security Manager Richard Branicki GSEC
Security Audit Report Gary Needham GCUX
Securing Microsoft Outlook 2000 Using the Outlook Security Update in a Microsoft Exchange Server 5.5 Environment Brad Peer GSEC
Creating a Certificate-Enabled Public Web Site With Windows 2000 Michael Reiter GCWN
GIAC GCFW Assignment – Pass Michael Reiter GPPA
Consolidated Security Event Monitoring for Microsoft Windows NT 4.0 Server Jeff Shawgo GCWN
GIAC GCFW Assignment – Pass Pat Malone GPPA
GIAC GCFW Assignment Patrik Sternudd GPPA
Snort Overdrive Patrik Sternudd GCIA
Securing an OpenBSD 3.5 System for use with Honeyd Nicholas Smith GCUX
GIAC GCFW Assignment – Pass Michael Gauthier GPPA
Security Audit Intrusion Report Michael Gauthier GCIA
Security Assessment Michael Gauthier GCUX
Windows NT Web Server Auditing Dean Farrington GCWN
GIAC GCFW Assignment – Pass Mark Evans GPPA
GIAC GCFW Assignment – Pass Jim O’Brien GPPA
Security Issues in NIS Jim O’Brien GSEC
How Does Network Security Scanning Work Anyway? Ronald Black GSEC
GIAC GCIA Assignment – Pass Rhonda Maluia GCIA
An Elementary Introduction to Sendmail Jay Coleson GSEC
Critical Infrastructure Protection: Establishing an Information Sharing and Analysis Center Can Be Like Developing an Organizational Security Policy Frances Wentworth GSEC
Security Implications of Update Agent Software Shaun Glaim GSEC
Securing Windows 2000 with Security Templates John Jenkinson GCWN
GIAC GCFW Assignment – Pass John Jenkinson GPPA
AIX Version 4.3.3 on Power2 3xx Series RS/6000 John Jenkinson GCUX
Using VAX/VMS to Augment Security of a Large UNIX Environment John Jenkinson GSEC
GIAC GCIA Assignment – Pass John Jenkinson GCIA
Build Securely a Shadow Sensor Step-by-Step Powered by Slackware Linux Guy Bruneau GCUX
The History and Evolution of Intrusion Detection Guy Bruneau GSEC
SANS GIAC Intrusion Detection Curriculum Parliament Hill 2000 Guy Bruneau GCIA
A Risk Assessment Approach to NT Security Glenn Davis GCWN
GIAC GCIA Assignment – Pass Glenn Davis GCIA
GIAC GCIA Assignment – Pass Curtis Blais GCIA
GIAC GCFW Assignment – Pass Curtis Blais GPPA
GIAC GCFW Assignment – Pass Jeffrey Roth GPPA
Audit of Gauntlet 5.5 Firewall (Running on Solaris 2.6 with BIND 8.2.3-REL) Jeff Holland GCUX
Know Yourself: Vulnerability Assessments Adrien de Beaupre GSEC
Trinity v3 DDoS: Tomorrow’s Headline? David Sheridan GSEC
Why Your Switched Network Isn’t Secure Steven Sipes GSEC
Linux DNS (Domain Name Server) System Setup Checklist Martin Tremblay GCUX
Promoting Security from the Middle Siegfried Hill GSEC
The Impact of Cumulative Secure and High Secure Windows 2000 Professional Security Templates on a Workstation Running SCT Banner Siegfried Hill GCWN
DSL and Computer Security Issues Joanne Ashland GSEC
GIAC GCIA Assignment – Pass Jasmir Beciragic GCIA
GIAC GCFW Assignment – Pass Jasmir Beciragic GPPA
Cookies and Exploits Jasmir Beciragic GSEC
Public Domain FTP Buffer Overflow Vulnerabilities Feb. – Oct. 1999 Ralph Durkee GSEC
GIAC GCFW Assignment – Pass Brian Estep GPPA
GIAC GCIA Assignment – Pass Brian Estep GCIA
Windows NT Security Step-by-Step Charles John GCWN
GIAC GCIA Assignment – Pass Dan Chervenka GCIA
GIAC GCIA Assignment – Pass Joseph Rach GCIA
Corporate LAN Intranet Server Compromise Jason DePriest GSEC
GIAC GCFW Assignment – Pass Jason DePriest GPPA
Security Audit Report Daniel Robb GCUX
The Evolution of Malicious Agents Lenny Zeltser GSEC
Consultants Report from Auditing UNIX Lenny Zeltser GCUX
Designing a Secure Windows 2000 Infrastructure Lenny Zeltser GCWN
GIAC GCIA Assignment – Pass Donald Tomczak GCIA
GIAC GCIA Assignment – Pass Kevin Pietersma GCIA
GIAC GCIA Assignment – Pass Michael Wee GCIA
GIAC GCIA Assignment – Pass John Dietrich GCIA
GIAC GCIA Assignment – Pass David Blaine GCIA
GIAC GCIA Assignment – Pass Kevin Miller GCIA
Database Encryption Things you know before you encrypt James Summers GSEC
GIAC GCIA Assignment – Pass James Summers GCIA
GIAC GCIA Assignment – Pass JD Baldwin GCIA
Firewalls: What I Wish I’d Known When I Was Getting Started William Davis GSEC
GIAC GCIA Assignment – Pass William Davis GCIA
GIAC GCFW Assignment – Pass Dave Chen GPPA
Integration Of Single Sign On Within The Framework Of An J2EE Environment In Banking Field (French Translation) Philippe Gros GSEC
GIAC GCFW Assignment – Pass Richard Hammer GPPA
Enhancing IDS using, Tiny Honeypot Richard Hammer GCIA
The Inside-Out Firewall Vulnerability Richard Hammer GSEC
GIAC GCIA Assignment – Pass Donna Andert GCIA
GIAC GCIA Assignment – Pass Javier Romero GCIA
GIAC GCIA Assignment – Pass Suzanne Vanpatten GCIA
The Packet Filter: A Basic Network Security Tool Daniel Strom GSEC
GIAC GCIA Assignment – Pass Daniel Strom GCIA
GIAC GCIA Assignment – Pass Andrew Korty GCIA
GIAC GCIA Assignment – Pass David Nolan GCIA
GIAC GCIA Assignment – Pass Bob Long GCIA
Good News, Bad News: The Infosec Issues of Usenet Bob Long GSEC
GIAC GCFW Assignment – Pass Marc Panet-Raymond GPPA
GIAC GCIA Assignment – Pass Shane Boothe GCIA
GIAC GCIA Assignment – Pass David Hesprich GCIA
GIAC GCIA Assignment – Pass Jim Clausing GCIA
GIAC GCIA Assignment – Pass Joe Dietz GCIA
GIAC GCIA Assignment – Pass Kirk Becker GCIA
Windows NT and Novell Host Based Intrusion Detection Using Native Logging and 3rd Party Log Reporting Tools Robert Grill GSEC
GIAC GCFW Assignment – Pass Jerry Shenk GPPA
GIAC GCIA Assignment – Pass Jerry Shenk GCIA
GIAC GCIA Assignment – Pass James Kirby GCIA
GIAC GCIA Assignment – Pass Martin Walker GCIA

SANS Forensics Whitepapers

White Papers are an excellent source for information gathering, problem-solving and learning. Below is a list of White Papers written by forensic practitioners seeking GCFA, GCFE, and GREM Gold. SANS attempts to ensure the accuracy of information, but papers are published “as is”.

Errors or inconsistencies may exist or may be introduced over time. If you suspect a serious error, please contact

Paper Author Cert
Intelligence-Driven Incident Response with YARA Ricardo Dias GCFA
Review of Windows 7 as a Malware Analysis Environment Adam Kramer GREM
Straddling the Next Frontier Part 2: How Quantum Computing has already begun impacting the Cyber Security landscape Eric Jodoin GCFA
Case Study: 2012 DC3 Digital Forensic Challenge Basic Malware Analysis Exercise Kenneth Zahn GREM
Detailed Analysis Of Sykipot (Smartcard Proxy Variant) Rong Hwa Chong GREM
Windows ShellBag Forensics in Depth Vincent Lo GCFA
A Detailed Analysis of an Advanced Persistent Threat Malware Frankie Fu Kay Li GREM
Forensic Images: For Your Viewing Pleasure Sally Vandeven GCFA
Analyzing Man-in-the-Browser (MITB) Attacks Chris Cain GCFA
Using IOC (Indicators of Compromise) in Malware Forensics Hun Ya Lock GREM
A Journey into Litecoin Forensic Artifacts Daniel Piggott GCFA
MalwareD: A study on network and host based defenses that prevent malware from accomplishing its goals Dave Walters GREM
Clash of the Titans: ZeuS v SpyEye Harshit Nayyar GREM
An Opportunity In Crisis Harshit Nayyar GREM
Comprehensive Blended Malware Threat Dissection Analyze Fake Anti-Virus Software and PDF Payloads Anthony Cheuk Tung Lai GREM
Creating a Baseline of Process Activity for Memory Forensics Gordon Fraser GCFA
Automation of Report and Timeline-file based file and URL analysis Florian Eichelberger GCFA
Repurposing Network Tools to Inspect File Systems Andre Thibault GCFA
Enhancing incident response through forensic, memory analysis and malware sandboxing techniques Wylie Shanks GCFA
Using Sysmon to Enrich Security Onion’s Host-Level Capabilities Joshua Brower GCFA
Indicators of Compromise in Memory Forensics Chad Robertson GCFA
Forensicator FATE – From Artisan To Engineer Barry Anderson GCFA
Computer Forensic Timeline Analysis with Tapestry Derek Edwards GCFA
Windows Logon Forensics Sunil Gupta GCFA
What’s in a Name: Uncover the Meaning behind Windows Files and Processes Larisa Long GCFA
Analysis of a Simple HTTP Bot Daryl Ashley GREM
XtremeRAT – When Unicode Breaks Harri Sylvander GREM
Analysis of the building blocks and attack vectors associated with the Unified Extensible Firmware Interface (UEFI) Jean Agneessens GREM
Mobile Device Forensics Andrew Martin GCFA
Mac OS X Malware Analysis Joel Yonts GCFA
Building a Malware Zoo Joel Yonts GREM
Mastering the Super Timeline With log2timeline Kristinn Gudjonsson GCFA
A Regular Expression Search Primer for Forensic Analysts Timothy Cook GCFA
Identifying Malicious Code Infections Out of Network Ken Dunham GCFA
Live Response Using PowerShell Sajeev Nair GCFA
Forensic Analysis on iOS Devices Tim Proffitt GCFE
CC Terminals, Inc. Forensic Examination Report: Examination of a USB Hard Drive Brent Duckworth GCFA
Unspoken Truths – Forensic Analysis of an Unknown Binary Louie Velocci GCFA
Forensic Analysis of a SQL Server 2005 Database Server Kevvie Fowler GCFA
Taking advantage of Ext3 journaling file system in a forensic investigation Gregorio Narvaez GCFA
Lessons from a Linux Compromise John Ritchie GCFA
Forensic Analysis of a Compromised NT Server (Phishing) Andres Velazquez GCFA
Analysis of a serial based digital voice recorder Craig Wright GCFA
Analysis of an unknown USB JumpDrive image Roger Hiew GCFA
Forensic Investigation of USB Flashdrive Image for CC Terminals Rhonda Diggs GCFA
Discovering Winlogoff.exe Jennie Callahan GREM
GIAC GREM Assignment – Pass Joe Fresch GREM
Analysis of an unknown disk Jure Simsic GCFA
Integrating Forensic Investigation Methodology into eDiscovery Jeff Groman GCFA
Analysis of a Windows XP Professional compromised system Manuel Humberto Santander Pelaez GCFA
Analysis of a Commercial Keylogger installed on multiple systems Merlin Namuth GCFA
GIAC GREM Assignment – Pass David Chance GREM
Reverse Engineering the Microsoft exFAT File System Robert Shullich GCFA
How not to use a rootkit Mike Wilson GCFA
Forensic Analysis on a compromised Linux Web Server Jeri Malone GCFA
Analysis of a Red Hat Honeypot James Shewmaker GCFA
GIAC GREM Assignment – Pass James Shewmaker GREM
Forensic with Open-Source Tools and Platform: USB Flash Drive Image Forensic Analysis Leonard Ong GCFA
Forensic analysis of a Windows 2000 computer literacy training and software development device Golden Richard GCFA
GIAC GREM Assignment – Pass James Balcik GREM
Forensic Analysis Procedures of a Compromised system using Encase Jeffrey McGurk GCFA
Forensic analysis of a Compromised Windows 2000 workstation Charles Fraser GCFA
Forensic Analysis on a compromised Windows 2000 Honeypot Peter Hewitt GCFA
Evaluation of Crocware’s Mount Image Pro as a Forensic Tool Hugh Tower-Pierce GCFA
Forensic Tool Evaluation-MiTeC Registry File Viewer Kevin Fiscus GCFA
Camouflaged and Attacked? Bertha Marasky GCFA
Review of Foundstone Vision as a forensic tool Bil Bingham GCFA
Forensic Analysis of a Compromised Intranet Server Roberto Obialero GCFA
Analysis of an IRC-bot compromised Microsoft Windows system Jennifer Kolde GCFA
HONORS-Analysis of a USB Flashdrive Image Raul Siles GCFA
Safe at Home? David Perez GCFA
Evaluation of a Honeypot Windows 2000 Server with an IIS Web/FTP Server Kenneth Pearlstein GCFA
Forensic Analysis of a USB Flash Drive Norrie Bennie GCFA
Open Source Forensic Analysis – Windows 2000 Server – Andre Arnes GCFA
Forensic Analysis of dual bootable Operating System (OS) running a default Red Hat 6.2 Linux server installation and Windows 98 Mohd Shukri Othman GCFA
An Examination of a Compromised Solaris Honeypot, an Unknown Binary, and the Legal Issues Surrounding Incident Investigations Robert Mccauley GCFA
Forensic Analysis of an EBay acquired Drive Daniel Wesemann GCFA
Analyze an Unknown Image and Forensic Tool Validation: Sterilize Steven Becker GCFA
Malware Adventure Russell Elliott GREM
Binary Analysis, Forensics and Legal Issues Michael Wyman GCFA
Analysis on a compromised Linux RedHat 8.0 Honeypot Jeff Bryner GCFA
Forensic analysis of a compromised RedHat Linux 7.0 system Jake Cunningham GCFA
Validation of Norton Ghost 2003 John Brozycki GCFA
Forensic Analysis of Shared Workstation Michael Kerr GCFA
Forensic Analysis on a Windows 2000 Pro Workstation David Cragg GCFA
Sys Admins and Hackers/Analysis of a hacked system Lars Fresen GCFA
Validation of ISObuster v1.0 Steven Dietz GCFA
GIAC GREM Assignment – Pass Gregory Leibolt GREM
Analysis of a Potentially Misused Windows 95 System Gregory Leibolt GCFA
Forensic Analysis Think pad 600 laptop running Windows 2000 server Brad Bowers GCFA
Validation of Restorer 2000 Pro v1.1 (Build 110621) Denis Brooker GCFA
Analysis of a Suspect Red Hat Linux 6.1 System James Fung GCFA
Dead Linux Machines Do Tell Tales James Fung GCFA
Analysis and Comparison of Red Hat Linux 6.2 Honeypots With & Without LIDS-enabled Kernels Greg Owen GCFA
Analyzing a Binary File and File Partitions for Forensic Evidence James Butler GCFA
Becoming a Forensic Investigator/Use of Forensic Toolkit Mark Maher GCFA
Discovery Of A Rootkit: A simple scan leads to a complex solution John Melvin GCFA
GIAC GREM Assignment – Pass Lorna Hutcheson GREM
Forensic Analysis of a Windows 2000 server with IIS and Oracle Beth Binde GCFA
Forensic Analysis of a Sun Ultra System Tom Chmielarski GCFA
Reverse Engineering msrll.exe Rick Wanner GREM
Forensic Validity of Netcat Michael Worman GCFA
CC Terminals Harassment Case Dean Farrington GCFA
Forensic analysis of a compromised Linux RedHat 7.3 system Kevin Miller GCFA
Validation of Process Accounting Records Jim Clausing GCFA
Building an Automated Behavioral Malware Analysis Environment using Open Source Software Jim Clausing GREM
Forensic analysis of a Windows 98 system Jerry Shenk GCFA
Forensic analysis of a Compromised Red Hat 7.2 Web Server Martin Walker GCFA


SANS Digital Forensics Community: Summit Archives

SANS has held Digital Forensics Summits over the past years. Presentations given at these Summits are available for public viewing and download here.

Forensics and Incident Response Summit 2012

US Digital Forensic and Incident Response Summit 2010

US Digital Forensic and Incident 2009

SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3

Download SIFT Workstation VMware Appliance Now – 1.5 GB

Having trouble downloading?
If you are having trouble downloading the SIFT Kit please contact and include the URL you were given, your IP address, browser type, and if you are using a proxy of any kind.

Having trouble with SIFT 3?
If you are experiencing errors in SIFT 3 itself, please submit errors, bugs, and recommended updates here:

How To:

  1. Download Ubuntu 14.04 ISO file and install Ubuntu 14.04 on any system.
  2. Once installed, open a terminal and run “wget --quiet -O - <bootstrap-script-URL> | sudo bash -s -- -i -s -y”
  3. Congrats — you now have a SIFT workstation!!

Page Links

  • SIFT Workstation 3 Overview
  • Download SIFT Workstation 3 Locations
  • Manual SIFT 3 Installation
  • SIFT Workstation 3 Capabilities
  • SIFT Workstation 3 How-Tos
  • Report Bugs
  • SIFT Recommendations

SIFT Workstation 3 Overview

An international team of forensics experts, led by SANS Faculty Fellow Rob Lee, created the SANS Investigative Forensic Toolkit (SIFT) Workstation and made it available to the whole community as a public service. The free SIFT toolkit, which can match any modern forensic tool suite, is also featured in SANS’ Advanced Computer Forensic Analysis and Incident Response course (FOR 508). It demonstrates that advanced investigations and intrusion response can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.

Offered free of charge, the SIFT 3 Workstation will debut during SANS’ Advanced Computer Forensic Analysis and Incident Response course (FOR508) at DFIRCON. SIFT 3 demonstrates that advanced investigations and responding to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.

“Even if SIFT were to cost tens of thousands of dollars, it would still be a very competitive product,” says Alan Paller, director of research at SANS. “At no cost, there is no reason it should not be part of the portfolio in every organization that has skilled forensics analysts.”

Developed and continually updated by an international team of forensic experts, the SIFT is a group of free open-source forensic tools designed to perform detailed digital forensic examinations in a variety of settings. With over 100,000 downloads to date, the SIFT continues to be the most popular open-source forensic offering next to commercial source solutions.

“The SIFT Workstation has quickly become my ‘go to’ tool when conducting an exam. The powerful open source forensic tools in the kit on top of the versatile and stable Linux operating system make for quick access to most everything I need to conduct a thorough analysis of a computer system,” said Ken Pryor, GCFA, Robinson, IL Police Department.

Key new features of SIFT 3 include:

  • Ubuntu LTS 14.04 Base
  • 64 bit base system
  • Better memory utilization
  • Auto-DFIR package update and customizations
  • Latest forensic tools and techniques
  • VMware Appliance ready to tackle forensics
  • Cross compatibility between Linux and Windows
  • Option to install stand-alone via (.iso) or use via VMware Player/Workstation
  • Online Documentation Project at
  • Expanded Filesystem Support

Download SIFT Workstation 3 Locations

Download SIFT Workstation VMware Appliance – 1.5 GB

Note: The file is zipped using 7zip in the 7z format. We recommend 7zip to unzip it. Download 7zip.

Manual SIFT 3 Installation


We tried to make the installation (and upgrade) of the SIFT workstation as simple as possible, so we created the SIFT Bootstrap project, which is a shell script that can be downloaded and executed to convert your Ubuntu installation into a SIFT workstation.

Check the project out at


Using wget to install the latest, configure SIFT, and apply the SIFT theme

wget --quiet -O - <bootstrap-script-URL> | sudo bash -s -- -i -s -y

Using wget to install the latest (tools only)

wget --quiet -O - <bootstrap-script-URL> | sudo bash -s -- -i
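
The commands above run a downloaded script as root without checking it first, which is the pattern this page lists further down as CWE-494 (Download of Code Without Integrity Check). The following is an added example, not code from SANS or the SIFT Bootstrap project: it downloads the script to a file, compares its SHA-256 with a pinned value, and runs it only on a match. The function names, the URL argument and the expected digest are assumptions; the page publishes neither a URL nor a digest, so both must come from the project's release channel.

```shell
#!/usr/bin/env bash
# Added example (not SIFT project code): download, verify, then run.
# The URL and the expected SHA-256 are supplied by the caller; this page
# does not provide either value.

# Print the SHA-256 of a file as lowercase hex, using whichever tool exists.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 only if the file exists, the expected value is a well-formed
# 64-character hex digest, and the file's digest equals it.
#   2 = file missing, 3 = malformed expected digest, 1 = mismatch
verify_script() {
    local file="$1" expected="$2" actual
    [ -f "$file" ] || return 2
    case "$expected" in
        ""|*[!0-9a-fA-F]*) return 3 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 3
    expected="$(printf '%s' "$expected" | tr 'A-F' 'a-f')"
    actual="$(sha256_of "$file")"
    [ "$actual" = "$expected" ]
}

# Download to a private temp file, verify it, and only then hand it to a
# root shell. Remaining arguments are passed to the script unchanged,
# e.g. the -i -s -y options shown on this page.
install_verified() {
    local url="$1" expected="$2" tmp rc
    shift 2
    tmp="$(mktemp)" || return 1
    if ! wget --quiet -O "$tmp" "$url"; then
        echo "download failed: $url" >&2
        rm -f "$tmp"
        return 1
    fi
    if ! verify_script "$tmp" "$expected"; then
        echo "digest mismatch: refusing to run $url" >&2
        rm -f "$tmp"
        return 1
    fi
    sudo bash "$tmp" "$@"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Usage (placeholders, not real values):
#   install_verified "<bootstrap-script-URL>" "<expected-sha256>" -i -s -y
```

Because the script is run from the verified file rather than from the network stream, the bytes that were hashed are the bytes that execute.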

SIFT Login/Password:

After downloading the toolkit, use the credentials below to gain access.

  • Login “sansforensics”
  • Password “forensics”
  • $ sudo su -
    • Use to elevate privileges to root while mounting disk images.

SIFT Workstation 3 Capabilities

Ability to securely examine raw disks, multiple file systems, and evidence formats. Places strict guidelines on how evidence is examined (read-only), verifying that the evidence has not changed.

File system support
  • ntfs (NTFS)
  • iso9660 (ISO9660 CD)
  • hfs (HFS+)
  • raw (Raw Data)
  • swap (Swap Space)
  • memory (RAM Data)
  • fat12 (FAT12)
  • fat16 (FAT16)
  • fat32 (FAT32)
  • ext2 (EXT2)
  • ext3 (EXT3)
  • ext4 (EXT4)
  • ufs1 (UFS1)
  • ufs2 (UFS2)
  • vmdk
Evidence Image Support
  • raw (Single raw file (dd))
  • aff (Advanced Forensic Format)
  • afd (AFF Multiple File)
  • afm (AFF with external metadata)
  • afflib (All AFFLIB image formats (including beta ones))
  • ewf (Expert Witness format (encase))
  • split raw (Split raw files) via affuse
  • affuse – mount 001 image/split images to view single raw file and metadata
  • split ewf (Split E01 files) via
  • – mount E01 image/split images to view single raw file and metadata
  • ewfmount – mount E01 images/split images to view single raw file and metadata
Partition Table Support
  • dos (DOS Partition Table)
  • mac (MAC Partition Map)
  • bsd (BSD Disk Label)
  • sun (Sun Volume Table of Contents (Solaris))
  • gpt (GUID Partition Table (EFI))
Software Includes:
  • log2timeline (Timeline Generation Tool)
  • Rekall Framework (Memory Analysis)
  • Volatility Framework (Memory Analysis)
  • Autopsy (GUI Front-End for Sleuthkit)
  • PyFLAG (GUI Log/Disk Examination)
  • afflib
    • afflib-tools
  • libbde
  • libesedb
  • libevt
  • libevtx
  • libewf
    • libewf-tools
    • libewf-python
  • libfvde
  • libvshadow
  • log2timeline
  • Plaso
  • qemu
  • SleuthKit
  • 100s more tools -> See Detailed Package Listing

SIFT Workstation 3 How-Tos

  • SANS DFIR Posters and Cheat Sheets
  • SIFT Documentation Project
  • How To Mount a Disk Image In Read-Only Mode
  • How To Create a Filesystem and Registry Timeline
  • How To Create a Super Timeline
  • How to use the SIFT Workstation for Basic Memory Image Analysis

Report Bugs

As with any release, there will be bugs and requests. Please report all issues and bugs to the following website and location.

SIFT Recommendations

SIFT workstation is playing an important role for the Brazilian national prosecution office, especially due to Brazilian government budgetary constraints. Its forensic capabilities are bundled in a way that allows an investigation to be conducted much faster than it would take if not having the right programs grouped on such a great Linux distribution. The new version, which will be bootable, will be even more helpful. I’d highly recommend SIFT for government agencies or other companies as a first alternative, for acquisition and analysis, to the pricey forensics software available on the market.

  • Marcelo Caiado, M.Sc., CISSP, GCFA, EnCE

What I like the best about SIFT is that my forensic analysis is not limited because of only being able to run a forensic tool on a specific host operating system. With the SIFT VM Appliance, I can create snapshots to avoid cross-contamination of evidence from case to case, and easily manage system and AV updates to the host OS on my forensic workstation. Not to mention, being able to mount forensic images and share them as read-only with my host OS, where I can run other forensic tools to parse data, streamlining the forensic examination process.

SANS Software Security Resources: Summit Archives

SANS AppSec 2014

SANS AppSec 2013

SANS AppSec 2012

SANS AppSec 2011

Vendor papers

CWE/SANS TOP 25 Most Dangerous Software Errors

The Top 25 Software Errors are listed below in three categories:

The New 25 Most Dangerous Programming Errors

The Scoring System

The Risk Management System

Click on the CWE ID in any of the listings and you will be directed to the relevant spot in the MITRE CWE site where you will find the following:

  • Ranking of each Top 25 entry,
  • Links to the full CWE entry data,
  • Data fields for weakness prevalence and consequences,
  • Remediation cost,
  • Ease of detection,
  • Code examples,
  • Detection Methods,
  • Attack frequency and attacker awareness,
  • Related CWE entries, and
  • Related patterns of attack for this weakness.

Each entry at the Top 25 Software Errors site also includes fairly extensive prevention and remediation steps that developers can take to mitigate or eliminate the weakness.


Insecure Interaction Between Components

These weaknesses are related to insecure ways in which data is sent and received between separate components, modules, programs, processes, threads, or systems.

CWE-89 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
CWE-78 Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)
CWE-79 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
CWE-434 Unrestricted Upload of File with Dangerous Type
CWE-352 Cross-Site Request Forgery (CSRF)
CWE-601 URL Redirection to Untrusted Site (‘Open Redirect’)

Risky Resource Management

The weaknesses in this category are related to ways in which software does not properly manage the creation, usage, transfer, or destruction of important system resources.

CWE-120 Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)
CWE-22 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
CWE-494 Download of Code Without Integrity Check
CWE-829 Inclusion of Functionality from Untrusted Control Sphere
CWE-676 Use of Potentially Dangerous Function
CWE-131 Incorrect Calculation of Buffer Size
CWE-134 Uncontrolled Format String
CWE-190 Integer Overflow or Wraparound

Porous Defenses

The weaknesses in this category are related to defensive techniques that are often misused, abused, or just plain ignored.

CWE-306 Missing Authentication for Critical Function
CWE-862 Missing Authorization
CWE-798 Use of Hard-coded Credentials
CWE-311 Missing Encryption of Sensitive Data
CWE-807 Reliance on Untrusted Inputs in a Security Decision
CWE-250 Execution with Unnecessary Privileges
CWE-863 Incorrect Authorization
CWE-732 Incorrect Permission Assignment for Critical Resource
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
CWE-307 Improper Restriction of Excessive Authentication Attempts
CWE-759 Use of a One-Way Hash without a Salt

Resources to Help Eliminate The Top 25 Software Errors

  1. The TOP 25 Errors List will be updated regularly and will be posted at both the SANS and MITRE sites
    SANS Top 25 Software Errors Site
    CWE Top 25 Software Errors Site

    MITRE maintains the CWE (Common Weakness Enumeration) web site, with the support of the US Department of Homeland Security’s National Cyber Security Division, presenting detailed descriptions of the top 25 Software errors along with authoritative guidance for mitigating and avoiding them. That site also contains data on more than 700 additional Software errors, design errors and architecture errors that can lead to exploitable vulnerabilities. CWE Web Site

    SANS maintains a series of assessments of secure coding skills in three languages, along with certification exams, that allow programmers to determine gaps in their knowledge of secure coding and allow buyers to ensure outsourced programmers have sufficient programming skills. Organizations with more than 500 programmers can assess the secure coding skills of up to 100 programmers at no cost.

    Email for details.

  2. SAFECode – The Software Assurance Forum for Excellence in Code (members include EMC, Juniper, Microsoft, Nokia, SAP and Symantec) has produced two excellent publications outlining industry best practices for software assurance and providing practical advice for implementing proven methods for secure software development.

    Fundamental Practices for Secure Software Development 2nd Edition

    Overview of Software Integrity Controls

    Framework for Software Supply Chain Integrity

    Fundamental Practices for Secure Software Development

    Software Assurance: An Overview of Current Industry Best Practices

  3. Software Assurance Community Resources Site and DHS web sites

    As part of DHS risk mitigation efforts to enable greater resilience of cyber assets, the Software Assurance Program seeks to reduce software vulnerabilities, minimize exploitation, and address ways to routinely acquire, develop and deploy reliable and trustworthy software products with predictable execution, and to improve diagnostic capabilities to analyze systems for exploitable weaknesses.
  4. Nearly a dozen software companies offer automated tools that test programs for these errors.
  5. New York State has produced draft procurement standards to allow companies to buy software with security baked in.

    If you wish to join the working group to help improve the procurement guidelines you can go to the New York State Cyber Security and Critical Infrastructure Coordination web site.

    Draft New York State procurement language will be posted at SANS Application Security Contract.

For additional information on any of these:
SANS: Mason Brown
MITRE: Bob Martin
MITRE: Steve Christey