SANS Cyber Defense Whitepapers

SANS Cyber Defense Whitepapers

White Papers are an excellent source for information gathering, problem-solving and learning. Below is a list of White Papers written by cyber defense practitioners seeking GSEC, GCED, and GISP Gold. SANS attempts to ensure the accuracy of information, but papers are published "as is".

Errors or inconsistencies may exist or may be introduced over time. If you suspect a serious error, please contact webmaster@sans.org.

Featured Papers

SANS Cyber Defense Whitepapers
Title Author Cert
Scalable Methods for Conducting Cyber Threat Hunt Operations Michael Long II GSEC
PORTKnockOut: Data Exfiltration via Port Knocking over UDP Matthew Lichtenberger GCIA
Introduction to Rundeck for Secure Script Executions John Becker GSEC
Detecting Penetration Testers on a Windows Network with Splunk Fred Speece GCIA
In but not Out: Protecting Confidentiality during Penetration Testing Andrew Andrasik GSEC
Practical Considerations on IT Outsourcing Implementation under the Monetary Authority of Singapore’s Technology Risk Management Guidelines Andre Shori GCCC
Physical Security and Why It Is Important David Hutter GSEC
Creating a Secure and Compliant Digital Forensics and Incident Response Network with Remote Access Scott Perry GSEC
An Approach to Reducing Federal Data Breaches David Thomas GSEC
Full Packet Capture Infrastructure Based on Docker Containers Mauricio Espinosa Gomez GSEC
Dissect the Phish to Hunt Infections Seth Polley GCED
Cloud Security Framework Audit Methods Diana Salazar GSEC
Threat Intelligence: Planning and Direction Brian Kime GSEC
Indicators of Compromise TeslaCrypt Malware Kevin Kelly GCIA
The Power and Implications of Enabling PowerShell Remoting Across the Enterprise Robert Adams GSEC
How to Leverage PowerShell to Create a User- Friendly Version of WinDump Robert Adams GCIA
Network Inspection of Duplicate Packets Randy Devlin GCIA
Data Loss Prevention Randy Devlin GSEC
Encryption Solutions for Small Networks David Reed GSEC
Understanding and Preventing Threats to Point of Sale Systems Richard Hummel GSEC
The Case for Endpoint Visibility Robert Mier GSEC
Methods for Understanding and Reducing Social Engineering Attacks Michael Alexander GCCC
Secure Architecture for Industrial Control Systems Luciana Obregon GSEC
Infrastructure Security Architecture for Effective Security Monitoring Luciana Obregon GCIA
Realistic Risk Management Using the CIS 20 Security Controls Andrew Baze GCCC
Security Risk Communication Tools Andrew Baze GSEC
There's No Going it Alone: Disrupting Well Organized Cyber Crime John Garris GSEC
Crossing the line: Joining forces with your customers Jules Vandalon GISF
NERC CIP Patch Management and Cisco IOS Trains Aaron Prazan GSEC
Breaking the Ice: Gaining Initial Access Phillip Bosco GSEC
Intrusion Detection and Prevention Systems Cheat Sheet: Choosing the Best Solution, Common Misconfigurations, Evasion Techniques, and Recommendations. Phillip Bosco GCIA
Real-World Case Study: The Overloaded Security Professional's Guide to Prioritizing Critical Security Controls Phillip Bosco GCCC
Changing the Perspective of Information Security in the Cloud: Cloud Access Security Brokers and Cloud Identity and Access Management Jennifer Johns GSEC
Data Loss Prevention and a Point of Sales Breach Nicholas Kollasch GSEC
Detecting and Preventing Attacks Earlier in the Kill Chain Chris Velazquez GSEC
Shedding Light on Cross Domain Solutions Scott Smith GSEC
Catching Flies: A Guide to the Various Flavors of Honeypots Scott Smith GCIA
Arming SMB's Against Ransomware Attacks Tim Ashford GCIA
Implementing Least Privilege in an SMB Tim Ashford GSEC
Tracking Online Counterfeiters Emilio Casbas GCIA
Under The Ocean of the Internet - The Deep Web Brett Hawkins GCIA
Case Study: The Home Depot Data Breach Brett Hawkins GSEC
Legal Considerations When Creating an Incident Response Plan Bryan Chou GSEC
Securing Jenkins CI Systems Allen Jeng GCIA
Minimizing Damage From J.P. Morgan's Data Breach Allen Jeng GSEC
The Role of Static Analysis in Heartbleed Jeff Sass GSEC
The Role of Static Analysis in Hardening Open Source Intrusion Detection Systems Jeff Sass GCIA
Protecting Home Devices from Malicious or Blacklisted Websites Sumesh Shivdas GCIA
Automating Provisioning of NetFlow Analyzers Sumesh Shivdas GCCC
Obfuscation and Polymorphism in Interpreted Code Kristopher Russo GSEC
Building and Maintaining a Denial of Service Defense for Businesses Matt Freeman GCCC
The Perfect ICS Storm Glenn Aydell GCIA
Fingerprinting Windows 10 Technical Preview Jake Haaksma GCIA
Shoestring Virtualization - Reducing the Risk to Small Business Data from Compromised Remote Networks Christopher Jarko GSEC
Practical Approach to Detecting and Preventing Web Application Attacks over HTTP/2 Russel Van Tuyl GCIA
Detecting Malicious SMB Activity Using Bro Richie Cyrus GCIA
Audits Made Simple David Belangia GCCC
The Best Defenses Against Zero-day Exploits for Various-sized Organizations David Hammarberg GSEC
Finding Bad with Splunk David Brown GCCC
Denial of Service Deterrence Ryan Sepe GSEC
A Secure Approach to Deploying Wireless Networks Joseph Matthews GSEC
Integration of Network Conversation Metadata with Asset and Configuration Management Databases Mike Yeatman GCIA
Practical Security Considerations for Managed Service Provider On-Premise Equipment Mike Yeatman GSEC
Case Study: Critical Controls that Could Have Prevented Target Breach Teri Radichel GSEC
Balancing Security and Innovation With Event Driven Automation Teri Radichel GCIA
Intrusion detection through traffic analysis from the endpoint using Splunk Stream Etrik Eddy GCIA
Intrusion Detection Evasion Techniques and Case Studies Pierce Gibbs GCIA
Botnet Tracking Tools Pierce Gibbs GSEC
A security assessment of Z-Wave devices and replay attack vulnerability. Mark Devito GSEC
Securing the Home IoT Network Manuel Leos Rivas GSEC
Profiling Web Applications for Improved Intrusion Detection Manuel Leos Rivas GCIA
Impediments to Adoption of Two-factor Authentication by Home End-Users Preston Ackerman GSEC
Is It Patched Or Is It Not? Jason Simsay GSEC
Securing Linux Containers Major Hayden GCUX
SAMHAIN: Host Based Intrusion Detection via File Integrity Monitoring Martinus Nel GSEC
Implementing Public Key Infrastructure (PKI) Using Microsoft Windows Server 2012 Certificate Services Michael Naish GSEC
Uncovering Indicators of Compromise (IoC) Using PowerShell, Event Logs and a Traditional Monitoring Tool Dallas Haselhorst GCCC
Tagging Data to Prevent Data Leakage (Forming Content Repositories) Michael Hendrik Matthee GCIA
Agile defensive perimiters: forming the security test regression pack Michael Hendrik Matthee GSEC
An Early Malware Detection, Correlation, and Incident Response System with Case Studies Yaser Mansour GCIA
Poaching: Hunting Without Permission David Switzer GCIA
Secure Network Design: Micro Segmentation Brandon Peterson GSEC
Home Field Advantage - Using Indicators of Compromise to Hunt down the Advanced Persistent Threat Matthew Toussain GSEC
Clickbait: Owning SSL via Heartbleed, POODLE, and Superfish Matthew Toussain GCIA
JavaScript Weaponized Matthew Toussain GCCC
Two-Factor Authentication (2FA) using OpenOTP Colin Gordon GSEC
Extending your Business Network through a Virtual Private Network (VPN) Kaleb Fornero GSEC
Is Anyone Out There? Monitoring DNS for Misuse Kaleb Fornero GCIA
Know Thy Network - Cisco Firepower and Critical Security Controls 1 & 2 Ryan Firth GCCC
Leveraging the Federal Public Trust Clearance Model in State Government Personnel Security Programs Joseph Impinna GSEC
Implementation and use of DNS RPZ in malware and phishing defence Alex Lomas GSEC
PLC Device Security - Tailoring needs Wen Chinn Yew GSEC
Building a Forensically Capable Network Infrastructure Nik Alleyne GCIA
Continuous Security: Implementing the Critical Controls in a DevOps Environment Alyssa Robinson GCCC
Automated Network Defense through Threat Intelligence and Knowledge Management Christopher O'Brien GCIA
Deception Techniques as Part of Intrusion Detection Strategy Colm Kennedy GCIA
Lenovo and the Terrible, Horrible, No Good, Very Bad Week Shaun McCullough GSEC
Using Vagrant to Build a Manageable and Sharable Intrusion Detection Lab Shaun McCullough GCIA
Securing Static Vulnerable Devices Chris Farrell GSEC
Security through Configuration Control at Scale – An Introduction to Ansible Patrick Neise GSEC
Intrusion Detection Through Relationship Analysis Patrick Neise GCIA
Incident identification through outlier analysis Joshua Lewis GCUX
Practical approaches for MTCP Security Joshua Lewis GCIA
The Automotive Top 5: Applying the Critical Controls to the Modern Automobile Roderick Currie GCCC
Developments in Car Hacking Roderick Currie GSEC
Continuous Monitoring: Build A World Class Monitoring System for Enterprise, Small Office, or Home Austin Taylor GMON
A Framework for Assessing 20 Critical Controls Using ISO 15504 and COBIT 5 Process Assessment Model (PAM) Muzamil Riffat GCCC
Security Assurance of Docker Containers Stefan Winkel GCCC
Network Forensics and HTTP/2 Stefan Winkel GCIA
Snort IDS & SSL Packets inspection Yousef Bakhdlaghi GCIA
Challenges for IDS/IPS Deployment in Industrial Control Systems Michael Horkan GCIA
A Black-Box Approach to Embedded Systems Vulnerability Assessment Michael Horkan GSEC
Straddling the Next Frontier Part 1: Quantum Computing Primer Eric Jodoin GCIA
SOHO Remote Access VPN. Easy as Pie, Raspberry Pi... Eric Jodoin GSEC
Implementing Full Packet Capture Matthew Koch GCIA
An Introduction to Linux-based malware Matthew Koch GSEC
Basic Reverse Engineering with Immunity Debugger Roberto Nardella GSEC
Paying Attention to Critical Controls Edward Zamora GCCC
Cloud Assessment Survival Guide Edward Zamora GSEC
Password Management Applications and Practices Scott Standridge GSEC
Using COIN Doctrine to Improve Cyber Security Policies Sebastien Godin GSEC
NetFlow Collection and Analysis Using NFCAPD, Python, and Splunk David Mashburn GCIA
Investing in Information Security: A Case Study in Community Banking Wesley Earnest GSEC
Moving Legacy Software and FOSS to the Cloud, Securely Larry Llewellyn GSEC
Learning from the Dridex Malware - Adopting an Effective Strategy Lionel Teo Jia Yeong GCIA
Analyzing Network Traffic with Basic Linux Tools Travis Green GCIA
How to Target Critical Infrastructure: The Adversary Return on Investment on an Industrial Control System Matthew Hosburgh GCCC
The Spy with a License to Kill Matthew Hosburgh GSEC
Leveraging the SCADA Cloud for Fun and Profit Matthew Hosburgh GCIA
Active Defense Through Deceptive Configuration Techniques Nathaniel Quist GSEC
Active Defense via a Labyrinth of Deception Nathaniel Quist GCIA
DevOps Rescuing White Lodging from Breaches Tobias Mccurry GSEC
Implementing Active Defense Systems on Private Networks Josh Johnson GCIA
Finding Evil in the Whitelist Josh Johnson GSEC
Open Source IDS High Performance Shootout George Khalil GCIA
Password Security-- Thirty-Five Years Later George Khalil GSEC
BYOD: Do You Know Where Your Backups Are Stored? Marsha Miller GSEC
Android Security: Web Browsers and Email Applications Marsha Miller GCCC
Exploits of Yesteryear Are Never Truly Gone Marsha Miller GCIA
Simple Approach to Access Control: Port Control and MAC Filtering Bill Knaffl GCCC
Case Study: How CIS Controls Can Limit the Cascading Failures During an Attack Bill Knaffl GSEC
Rootkit Detection with OSSEC Sally Vandeven GCIA
SSL/TLS: What's under the Hood Sally Vandeven GSEC
Web Application Attack Analysis Using Bro IDS Ganesh Kumar Varadarajan GCIA
Analyzing Polycom Video Conference Traffic Chris Cain GCIA
Application White-listing with Bit9 Parity Mike Weeks GSEC
Intrusion Analysis Using Windows PowerShell Mike Weeks GCIA
Critical Security Controls: Software Designed Inventory, Configuration, and Governance Lenny Rollison GCCC
Gh0st in the Dshell: Decoding Undocumented Protocols David Martin GCIA
Tracing the Lineage of DarkSeoul David Martin GSEC
OS X as a Forensic Platform David Martin GCIA
A No-Budget Approach to Malware Containment Paul Ackerman GSEC
Implementing the Critical Security Control: Controlled Use of Administrative Privileges Paul Ackerman GCCC
The LogLED An LED-Based Information Security Dashboard Paul Ackerman GCIA
Neutrino Exploit Kit Analysis and Threat Indicators Luis Rocha GCIA
Using the Department of Defense Architecture Framework to Develop Security Requirements James Richards GSEC
Defense-in-Policy begets Defense-in-Depth Matthew Greenwell GCED
A Hands-on XML External Entity Vulnerability Training Module Carrie Roberts GCIA
Discovering Security Events of Interest Using Splunk Carrie Roberts GSEC
Leveraging the Asset Inventory Database Timothy Straightiff GCCC
Cloud Computing - Maze in the Haze Godha Iyengar GSEC
Security Systems Engineering Approach in Evaluating Commercial and Open Source Software Products Jesus Abelarde GCIA
Inside Mac Security Ben Knowles GSEC
Cybersecurity Inventory at Home Glen Roberts GCCC
60 Seconds on the Wire: A Look at Malicious Traffic Kiel Wadner GCIA
Security Implications of iOS Kiel Wadner GSEC
Airwatch MDM and Android: a policy and technical review Tim Collyer GSEC
Faster than a speeding bullet: Geolocation data and account misuse Tim Collyer GCIA
Extracting Files from Network Packet Captures Stephen Deck GCIA
Triaging the Enterprise for Application Security Assessments Stephen Deck GCCC
BitTorrent & Digital Contraband Kenneth Hartman GCIA
Skype and Data Exfiltration Kenneth Hartman GSEC
What Every Tech Startup Should Know About Security, Privacy, and Compliance Kenneth Hartman GCCC
Using Decision Tree Analysis for Intrusion Detection: A How-To Guide Jeff Markey GCIA
Custom Full Packet Capture System Derek Banks GSEC
Reducing Organizational Risk Through Virtual Patching Joseph Faust GSEC
Preventing data leakage: A risk based approach for controlled use of the use of administrative and access privileges Christoph Eckstein GCCC
Validating Security Configurations and Detecting Backdoors in New Network Devices Christoph Eckstein GSEC
OS fingerprinting with IPv6 Christoph Eckstein GCIA
Endpoint Security Through Application Streaming Adam Walter GISP
Applying Machine Learning Techniques to Measure Critical Security Controls Balaji Balakrishnan GCCC
Honeytokens and honeypots for web ID and IH Rich Graves GCIA
Phishing Detection and Remediation Rich Graves GSEC
Using SSL to Secure LDAP Traffic to Microsoft Domain Controllers Andrew Reid GSEC
Log2Pcap Joaquin Moreno Garijo GCIA
About Face: Defending Your Organization Against Penetration Testing Teams Terrence OConnor GSEC
Detecting and Responding to Data Link Layer Attacks Terrence OConnor GCIA
Security Analytics: having fun with Splunk and a packet capture file pcap Alexandre Teixeira GCIA
The Age of Encryption Wesley Whitteker GCIA
Leading Effective Cybersecurity with the Critical Security Controls Wesley Whitteker GCCC
Point of Sale (POS) Systems and Security Wesley Whitteker GSEC
Windows Installed Software Inventory Jonathan Risto GCCC
Creating a Bastioned Centralized Audit Server with GroundWork Open Source Log Monitoring for Event Signatures Christopher Duffy GSEC
Technical Implementation of the Critical Control "Inventory of Authorized and Unauthorized Devices" for a Small Office/Home Office Kenton Groombridge GCCC
Nftables as a Second Language Kenton Groombridge GSEC
Beating the IPS Michael Dyrmose GCIA
Building a Home Network Configured to Collect Artifacts for Supporting Network Forensic Incident Response Gordon Fraser GCIA
Covert Channels Erik Couture GCIA
USB - Ubiquitous Security Backdoor Erik Couture GSEC
Implementing a PC Hardware Configuration (BIOS) Baseline David Fletcher GSEC
Comparative Risk Analysis Between GPON Optical LAN and Traditional LAN Technologies Jason Young GSEC
Daisy Chain Authentication Courtney Imbert GSEC
Beyond the cookie: Using network traffic characteristics to enhance confidence in user identity Courtney Imbert GCIA
The Fall of SS7 - How Can the Critical Security Controls Help? Hassan Mourad GCCC
Sleeping Your Way out of the Sandbox Hassan Mourad GSEC
Data Charging Bypass: How your IDS can help Hassan Mourad GCIA
Security Best Practices for IT Project Managers Michelle Pruitt GSEC
Security Best Practices for IT Project Managers Michelle Pruitt GSEC
An Analysis of the Snort Data Acquisition Modules Christopher Murphy GCIA
Web Application Firewalls Jason Pubal GCIA
Budgeting for the Critical Security Controls Paul Hershberger GCCC
Snort 3.0 Beta 3 for Analysts Doug Burks GCIA
Testing Application Identification Features of Firewalls William McGlasson GCIA
Check Point Firewall Log Analysis In-Depth Mark Stingley GCIA
OPM vs. APT: How Proper Implementation of Key Controls Could Have Prevented a Disaster David Kennel GSEC
Linux/Unix v. Ransomware: How Ransomware Attacks Inform the Defense of Linux & Unix Systems David Kennel GCUX
Enhancing Intrusion Analysis through Data Visualization Wylie Shanks GCIA
Building and Managing a PKI Solution for Small and Medium Size Business Wylie Shanks GSEC
The Security Onion Cloud Client Network Security Monitoring for the Cloud Joshua Brower GCIA
Securely Integrating iOS Devices into the Business Environment Joshua Brower GSEC
The Business Case for TLS Certificate Enterprise Key Management of Web Site Certificates Wrangling TLS Certificates on the Wild Web Sandra Dunn GCCC
A Practical Big Data Kill Chain Framework Brian Nafziger GSEC
Practical Attack Detection, Analysis, and Response using Big Data, Semantics, and Kill Chains within the OODA Loop Brian Nafziger GCIA
Don't Always Judge a Packet by Its Cover Gabriel Sanchez GCIA
Case Study: Critical Controls that Sony Should Have Implemented Gabriel Sanchez GSEC
eAUDIT: Designing a generic tool to review entitlements Francois Begin GCCC
BYOB: Build Your Own Botnet Francois Begin GSEC
What's Running on Your Network? Francois Begin GCIA
Remotely Accessing Sensitive Resources Jason Ragland GSEC
Configuration Management with Windows PowerShell Desired State Configuration (DSC) Brian E. Quick GSEC
Breach Control: Best Practices in Health Care Brian E. Quick GCIA
Hunting Threats Inside Packet Captures Muhammad Elharmeel GCIA
Humans... The Overlooked Asset Muhammad Elharmeel GSEC
Online Backup: Worth the Risk? Stephen Strom GSEC
Check Point firewalls - rulebase cleanup and performance tuning Barry Anderson GSEC
Social Engineering: Manipulating the Source Jared Kee GCIA
Logging and Monitoring to Detect Network Intrusions and Compliance Violations in the Environment Sunil Gupta GCIA
Spoofing: An Overview of Some Current Spoofing Threats Neil Riser GSEC
Using Web Application Firewall to detect and block common web application attacks Issac Kim GCIA
Vulnerabilities In TCP And UDP Ports Robert Davis GSEC
The Importance of Security Awareness Training Cindy Brodie GSEC
An Analysis of Gameover Zeus Network Traffic Daryl Ashley GCIA
Passing the Sniff (Snort) Test Matthew Hansen GCIA
Diskless Cluster Computing: Security Benefit of oneSIS and Git Aron Warren GSEC
Setting up Splunk for Event Correlation in Your Home Lab Aron Warren GCIA
Catching Phishers with Honey-Mail Denise Dragos GSEC
Managing Accepted Vulnerabilities Tracy Brockman GCCC
Does it come with Networking? Tracy Brockman GCIA
Smart IDS — Hybrid LaBrea Tarpit Cristian Ruvalcaba GCIA
Business Continuity On A Stick Patrick Kral GSEC
Incident Handler's Handbook Patrick Kral GSEC
Coding For Incident Response: Solving the Language Dilemma Shelly Giesbrecht GSEC
Implementing IEEE 802.1x for Wired Networks Johan Loos GCWN
Implementing the Critical Security Controls in the Cloud Jon Mark Allen GCCC
IPv6 and Open Source IDS Jon Mark Allen GCIA
OS and Application Fingerprinting Techniques Jon Mark Allen GSEC
Protect Critical Infrastructure Systems With Whitelisting Dwight Anderson GSEC
Implementing a Vulnerability Management Process Tom Palmaers GSEC
VoIP Security Vulnerabilities David Persky GCIA
Designing and Implementing a Honeypot for a SCADA Network Charles Scott GCIA
Auditing and Securing Multifunction Devices Charles Scott GSEC
Wireshark: A Guide to Color My Packets Roy Cheok GCIA
Small Business: The New Target What can they Do? Robert Comella GCIA
Firefox VS Windows Internet Explorer Robert Comella GSEC
Host-Based Detection and Data Loss Prevention Using Open Source Tools Chris Hoke GCIA
Detecting and Preventing Rogue Devices on the Network Ibrahim Halil Saruhan GCIA
Mimikatz Overview, Defenses and Detection James Mulder GSEC
Open Source Host Based Intrusion Detections System (OHIDS) Tom Webb GCIA
An Architecture for Implementing Enterprise Multifactor Authentication with Open Source Tools Tom Webb GSEC
VPNScan: Extending the Audit and Compliance Perimeter Robert Vandenbrink GSEC
IOSMap: TCP and UDP Port Scanning on Cisco IOS Platforms Robert Vandenbrink GCIA
Intel IXP Network Processor Based Intrusion Detection Greg Pangrazio GCIA
Building Servers as Appliances for Improved Security Algis Kibirkstis GSEC
Using Splunk to Detect DNS Tunneling Steve Jaworski GCIA
Visualizing Firewall Log Data to Detect Security Trenton Bond GCIA
A Practical Social Media Incident Runbook Trenton Bond GSEC
Protecting Laptop Computers Greg Hill GSEC
Laptop Security: Windows® Vista vs. XP Greg Hill GSEC
Using rsync to centralize backups in small to medium-sized networks Jeff Lake GSEC
Applying Information Security and Privacy Principles to Governance, Risk Management & Compliance Scott Giordano GSEC
Intrusion Detection & Response Leveraging Next Generation Firewall Technology Ahmed Abdel-Aziz GCIA
Windows 2000 Monitoring from Windows NT in a Workgroup Frank Vianzon GCWN
Visual Baselines - Maximizing Economies of Scale Using Round Robin Databases Kirsten Hook GCIA
Preparing to face new vulnerabilities Jacelyn Faucher GSEC
A Practical Application of Background Investigations for Small Company Security Perimeters Timothy Cook GSEC
Zork as a Computer Investigative Mind Set Timothy Cook GCIA
Monitoring Network Traffic for Android Devices Angel Alonso-Parrizas GCIA
Detecting DNS Tunneling Greg Farnham GCIA
Windows Remote Desktop Heroes and Villains Greg Farnham GSEC
Malware Analysis: An Introduction Dennis Distler GSEC
Wireless Attacks from an Intrusion Detection Perspective Gary Deckerd GCIA
A Virtually Secure Browser Seth Misenar GSEC
Using Network Based Security Systems to Search for STIX and TAXII Based Indicators of Compromise Jason Mack GCIA
Simulating Cyber Operations: A Cyber Security Training Framework Bryan Fite GSEC
Corporate Identity Fraud: Life-Cycle Management of Corporate Identity Assets Bryan Fite GSEC
Integrating Wired and Wireless IDS Data Michael Stanton GCIA
Passive Application Mapping Benjamin Small GCIA
Corporate vs. Product Security Philip Watson GSEC
The User Agent Field: Analyzing and Detecting the Abnormal or Malicious in your Organization Darren Manners GCIA
A Framework to Collect Security Events for Intrusion Analysis Jim Chrisos GCIA
Trends in Bot Net Command and Control Will Longman GSEC
Risks and Rewards of Instant Messaging in the Banking Sector Nicholas Rose GSEC
A Small Business No Budget Implementation of the SANS 20 Security Controls Russell Eubanks GCIA
Application Firewalls: Don't Forget About Layer 7 Russell Eubanks GSEC
Something Phishy: How to Avoid Being Caught in the Net of Specialized Spam Karen Friend GSEC
Visa's 3-D Secure™:Secure Online Payment Authentication Dominique Singer GSEC
Securing the GPRS Network Infrastructure - a Network Operator's Perspective Jonathan Sau GSEC
How to Avoid Inofrmation Disclosure when Managing Windows with WMI Alex Timkov GSEC
An Introduction to Metasploit Project for the Penetration Tester Brandon Greenwood GSEC
Tuning an IDS/IPS From The Ground UP Brandon Greenwood GCIA
Network Security: Layering a 3R Solution @ the Perimeter Larry Copeland GSEC
Securing Windows Service Accounts Gerald Rice GSEC
Apache modules for rapid mitigation of security threats Stephanie Sullivan GSEC
Deploying Nagios Monitoring Services on Secured Red Hat Enterprise Linux 3 Environment Alexey Rogozhkin GCUX
How to Configuring Local Logging on Solaris 8 and Use Symantec Intruder Alert for Centralized Logging Nolan Haisler GSEC
GIAC GCIA Assignment - Pass Chris Sia GCIA
Pass - English Version Marco Brando GCIA
Measuring effectiveness in Information Security Controls Manuel Humberto Santander Pelaez GSEC
GIAC GCIA Assignment - Pass Manuel Humberto Santander Pelaez GCIA
Case Study: The Get Connected CD David Greenberg GSEC
Secure remote access using a Juniper SSL VPN Graham Belton GSEC
Detecting Attacks Against The 'Internet of Things' Adam Kliarsky GCIA
GIAC GCIA Assignment - Pass Adam Kliarsky GCIA
Indelicate Balance: The Challenge of Content Filtering Systems in a Litigious Society Grant Streeter GSEC
Incident Management 101: Preparation & Initial Response (aka Identification) Robin Dickerson GSEC
Taking control of your Internet email using Sendmail and Mimedefang. Matthew Schumacher GSEC
Risk Assessment of Social Media Robert Shullich GSEC
GIAC GCIA Assignment - Pass Andrew Magnusson GCIA
An Overview of 802.11 Wireless Network Security Standards & Mechanisms Luis Carlos Wong Or GSEC
Information Systems Security Architecture: A Novel Approach to Layered Protection George Farah GSEC
Identity Theft:What you need to know Krzysztof Biernacki GSEC
But I have a firewall, my network's secure! Derran Guinan GSEC
Understanding Oracle Auditing Wayne Reeser GSEC
IT Security Awareness Best Practices James Neidich GSEC
Case Study: Secure Application Deployment Utilizing Terminal Server and VPN Clients Greg Croteau GSEC
GIAC GCIA Assignment - Pass Alexander Schinner GCIA
IP Fragment Reassembly with Scapy Mark Baggett GCIA
Thumb Drive Threats and Countermeasures in a Mircosoft Windows Environment Mark Baggett GSEC
Database Activity Monitoring (DAM): Understanding And Configuring Basic Network Monitoring Using Imperva's SecureSphere Charles Brodsky GCIA
Configuring a Cisco PIX to use TACACS+ for authentication of a remote user VPN Charles Brodsky GSEC
Track 3 - Intrusion Detection In-Depth GIAC Certified Intrusion Analyst (GCIA) Practical Assignment Version 4.0 Jan Stodola GCIA
Securing Wireless Networks Brett Thorne GSEC
Creating A Secure Linux Logging System Nathaniel Hall GSEC
Setting up a Secure Mail Server with HP-UX 11i v1, Qmail and Qpopper Patrick Wallek GCUX
Secure Data. Is there Such a Thing? Sheetal Sood GSEC
Steganography in the Corporate Environment Joann Kennedy GSEC
3DES and Secure PIN-based Electronic Transaction Processing Michael Buegler GSEC
Implementing a Secure WebDAV System Richard Ross GSEC
Evil Through the Lens of Web Logs Russ McRee GCIA
SMaK Russ McRee GSEC
Voice over Internet Protocol: A Discussion on How to Securely Implement on an Existing Data Network Kevin Larson GSEC
PHYSICALLY SECURITY CONSIDERATIONS FOR HIGHLY DISTRIBUTED AUTOMATION NETWORKS Rob McComber GSEC
Utilizing Static Packet Filters to Enhance Network Security Scott Foster GSEC
Meeting the challenges of automated patch management John Walther GSEC
CARP: The Free Fail-over Protocol Pieter Danhieux GSEC
GIAC GCIA Assignment - Pass Josh Berry GCIA
Surfing the Web Anonymously - The Good and Evil of the Anonymizer Peter Chow GSEC
Monitoring the vital signs of a network with Multi Router Traffic Grapher (MRTG) Peter Chow GSEC
Information Security.s Unlikely Advocae Matt Sorensen GSEC
Maintaining a secure network Robert Droppleman GSEC
Vulnerability Assessment Homyar Naterwala GSEC
Building an Enterprise Ready, Client based VPN Solution. Kurt Anderson GSEC
Building a Secure Sun JumpStart Environment Using the Solaris Security Toolkit, Step-by-Step Mahrlon Willis GCUX
Are SSL VPNs Ready for the Mainstream? Michael Jackson GSEC
GIAC GCIA Assignment - Pass Blaine Hein GCIA
An Introduction to the Computer Security Incident Response Tom Campbell GSEC
Preparation@Incident Response.security Dan Widger GSEC
A Case Study: Removing Server Based Trust Relationships Keith Gaughan GSEC
Detecting Spam with Genetic Regular Expressions Eric Conrad GCIA
A Non-technical Perspective: Authentication - AKA: The Idiot's Guide to Passwords Matt Galin GSEC
The "Great Firewall" of China: A Real National Strategy to Secure Cyberspace? Carolyn Pearson GSEC
Managing Sophos Anti-Virus on a College Network Steven Blanc GSEC
Setting Up a Database Security Logging and Monitoring Program Jim Horwath GCIA
Building a Cost Effective Enterprise-Wide Monitoring Solution Using Big Brother Jim Horwath GCUX
iPad Security Settings And Risk Review For iOS 4.X Jim Horwath GSEC
Adapting Windows Security for Legacy Applications Edward Myers GSEC
GIAC GCIA Assignment - Pass Ben Allen GCIA
Active Directory, Group Policy And Auditingsystem Design For Merged Windows 2000 Multiforest Environment Tomislav Herceg GCWN
GIAC GCIA Assignment - Pass Bobby Noell GCIA
Windows Security Architecture issues for an IT outsourcing company within a single infrastructure Christian Gigandet GCWN
Meeting FISMA Requirements for Systems Constructing a System Security Plan Daniel Nagy GSEC
Practical demonstration of 802.11 wireless network system risk for non-technical business managers Marie Fromm GSEC
How to Effectively Launch and Maintain Security Policies Vincent Fitzpatrick GSEC
Novell NetWare 6 Security Baseline Configuration John Saley GSEC
Network Security- A Guide for Small and Mid-sized Businesses Jim Hietala GSEC
Securing the Employees in a HIPAA-Regulated Environment Brian LaPointe GSEC
Securely Operating Windows Terminal Services/Remote Desktop Multiplatform Environment Keith Lawson GSEC
Using a Custom LiveCD and Firewall Builder to Provide Enterprise Level Security on a Budget Jim Gadrow GSEC
Netfilter and IPTables - A Structural Examination Alan Jones GSEC
Case Study - Assessing the Impact of Unsolicited Commercial E-mail in a Large Corporation Joseph Mccomb GSEC
CA-ACF2 User Account Cleanup Scott Meyer GSEC
The Art of Web Filtering Robert Alvey GSEC
Step by Step Installation of a Secure Linux Web, DNS and Mail Server John Holbrook GSEC
Dynamic Host Configuration Protocol: Security Implications and Possible Safeguards Matthew Harvey GSEC
A Policy to Prevent Outsider Attacks on the Local Network Clarissa Evans Brown GSEC
Securing a NetWare 6.5 Installation and Server Environment Robert Clarke GSEC
Basic Lindows Security Andrew Bernoth GSEC
GIAC GCIA Assignment - Pass Vance Victorino GCIA
Base64 Can Get You Pwned Kevin Fiscus GCIA
A Survey of IT Offshoring Kelly Gieg GSEC
Department of Defense Public Key Infrastructure Sandra Felton GSEC
Audit Of The GIAC Enterprises Production Web And Database Servers Richard Allen Stone GCUX
Security Analysis Of GIAC Enterprises FTP Gateway Ivar Aarsnes GCUX
Wireless Security Dispelling Myths Eric Smith GSEC
Detachable Data Compartmentalization: Layered Defense for Laptop Data Using USB Keychain Hard Drives as Detachable Data Compartmentalization Modules John Pritchard GSEC
Case Study in Implementing AAA Servers Using TACACS+ Steve Ingram GSEC
How do you like your Internal Security? Hard-Boiled or Scrambled? A Case Study of Hardening Interior Security Jennifer Gruener GSEC
Case Study: Improving Security in Corporate (SMTP) E-Mail Delivery Brian Sommers GSEC
Security Policy and Social Media Use Maxwell Chi GSEC
Passed Maxwell Chi GSEC
Cyberspace: America's New Battleground Maxwell Chi GSEC
Skimming and Its Side Effects Nobie Cleaver GSEC
Highly Available PCs First Step in Business Continuity for Executives Joseph Fraher GSEC
GIAC GCIA Assignment - Pass Eric Evans GCIA
GIAC GCIA Assignment - Pass Geoffrey Sanders GCIA
When Business Need Justifies Leaving RPC Services Enabled Bertha Marasky GCUX
A practical guide to OpenSSH Olivier De Lampugnani GSEC
GIAC GCIA Assignment - Pass Stephen Hall GCIA
Managing Security with Group Policy and the Windows Server 2003 Group Policy Management Console Norman Christopher-Knight GSEC
Implementing a Windows 2003 PKI from an Existing Windows 2000 Network Norman Christopher-Knight GCWN
Securing A Wireless LAN: A Case Study Richard Park GSEC
Instant Messaging technology for the business market. Do the advantages outweigh the risks? Phuong Nguyen GSEC
Rapid Tactical Reconnaissance Techniques for Extremely Large-Scale, Dynamic Enterprise Networks Jonathan Ham GSEC
Following a Breach Simulating and Detecting a Common Attack Dale Daugherty GCIA
Secure Server Policies and Procedures for Novell NetWare Compliance Dale Daugherty GSEC
Auditor's Report - GIAC University - Solaris MTA Security Audit Susan Hanna GCUX
Linux Kernel Hardening Taylor Merry GSEC
Securing the Network in a K-12 Public School Environment Russ Penner GSEC
Evading Network Security Devices Utilizing Secure Shell Wesley Brown GSEC
Case Study: Meeting the Security Requirements of the Gramm-Leach-Bliley Act (GLBA) Stephen Sims GSEC
Novell Small Business Suite Security Recommendations Scott Stone GSEC
Information Assurance Ramifications of Using OpenSSL in the Department of Defense Computing Environment Joel Kirch GSEC
Wanted Dead or Alive: Snort Intrusion Detection System Mark Eanes GSEC
Role-Based Access Control: The NIST Solution Hazen Weber GSEC
Case Study: Implementing a Secure Wireless Network using WPA Randy Hensel GSEC
GIAC GCIA Assignment - Pass Johnny Wong GCIA
Architecting, Designing and Building a Secure Information Technology Infrastructure, a case study John Johnston GSEC
Viral Polymorphism Stephen Pearce GSEC
Configuring Watchguard Proxies: A Guideline to Supplementing Virus Protection and Policy Enforcement Alan Mercer GSEC
Obstacles to - And Workarounds For - Deploying Secure Systems Craig Cox GSEC
Framework for Innovative Security Decisions Ergash Karshiev GCED
An Introduction to SELinux for Administrators Jeff Pike GCUX
Auditing-In-Depth For Solaris Jeff Pike GSEC
Linux kernel rootkits: protecting the systems Ring-Zero Raul Siles GCUX
Security Elements of IIS 6.0 Anthony DeVoto GSEC
GIAC GCIA Assignment - Pass Joanne Schell GCIA
GIAC GCIA Assignment - Pass Carl Madzelan GCIA
Information Security Managing Risk with Defense in Depth Ken Straub GSEC
Wireless Security: Past, Present and Future Keith Morris GSEC
Brush up on Bluetooth Jeffrey Hall GSEC
A Cliff Notes Guide to the History of Information Security: Past, Present, and Future David Jackson GSEC
Encrypting Mail in a Windows Network David Perez GCWN
GIAC GCIA Assignment - Pass David Perez GCIA
Logging and Reporting : A view from the top Rick Hislop GSEC
Building a Secure Backup Server for theSolaris 9 Operating Environment Shaun McAdams GCUX
SSH (Secure Shell) Authentication Methods and Security Control Robert Decker III GSEC
Case Study: Spam Blocking, Content Filtering, Virus Scanning and Attachment Blocking in a Novell GroupWise Environment With Guinevere, SpamAssassin and Symantec (Norton) Anti-Virus Corporate Edition Doug Hitchen GSEC
Data-Centric Quantitative Computer Security Risk Assessment Brett Berger GSEC
Enhancing E-mail Security using Exchange Server 2003 and Outlook 2003 Cheryl Jones GCWN
Securing Wireless Clients using IPsec via Linux Gateway Robert King GSEC
Network- and Host-Based Vulnerability Assessments: An Introduction to a Cost Effective and Easy to Use Strategy. Ragi Guirguis GSEC
Keeping Red Hat Linux Systems Secure with up2date John Mravunac GSEC
Limiting Exposure to Denial of Service Attacks Heather Burritt GSEC
Getting Started: The Impacts of Privacy and Security Under HIPAA - A Case Study Barbara Filkins GSEC
Hard Earned Lessons In Implementing Computer Security Incident Response Jason Chee GSEC
GIAC GCIA Assignment - Pass John Petkovsek GCIA
Securing the Gold through Better Network Design: A Case Study Todd Sheppard GSEC
A Best Practices Guide To Secure a Windows(R) XP Professional Installation Zacharias Groves GSEC
Branch Office connectivity: Private Frame to VPN's, makes dollars and sense. David Boyden GSEC
Discovery, Eradication and Analysis of an attack on an open system: Welcome to the Jungle Steve Terrell GSEC
Secure File Transfer with SSH2 Renato Lozano GSEC
Lessons in Learning Network Security Coleen Regalmuto GSEC
Securing Windows 2000 with Security Templates Patricia Shirer GCWN
Why The Need for Internet Content Filtering/Management- A Close Look at Internet Manager Elron Web Inspector 6.03 Michell Singleton GSEC
Deploying a website built using Oracle9iAS Portal Stephen Coates GSEC
GIAC GSEC Assignment - Pass Colleen Bolan GSEC
Lean Thinking in Information Security Stuart Berman GSEC
The Need for an Established Security Awareness Training Program Richard Lewis GSEC
Enhancing risk management within a research laboratory, from behind an academic institution's firewall - a case study Paul Buzzell GSEC
Long Distance Failover - High Availability using Cisco PIX Firewall Chris Ellem GSEC
GIAC GCIA Assignment - Pass Terry MacDonald GCIA
A New Evolution in Hack Attacks: A General Overview of Types, Methods, Tools, and Prevention Kelley Ealy GSEC
Implementing a Security Program from the Beginning, for the Beginner Thomas Paulger GSEC
Slippery Slope or Terra Firma? Current and Future Anti-Spam Measures Charlene LeBlanc GSEC
Steganography Michael Meister GSEC
Case Study: Transforming a Traditional Windows Client/Server Application Into a Secured ASP Offering David Strubbe GSEC
GIAC GCIA Assignment - Pass Don Murdoch GCIA
Building a Secured OS for a Root Certificate Authority Don Murdoch GCUX
Putting Eyes on the Wire Don Murdoch GSEC
SANS and GIAC Together Again Don Murdoch GCWN
SANS/GIAC Enterprises Active Directory Merger - Design, Security Policy, and Auditing Practices Ben Schmitt GCWN
Building a Secure OpenBSD Mail System on a Small Budget Jesse Trucks GCUX
GIAC GCIA Assignment - Pass Bill Young GCIA
Design a Secure Windows 2000 Infrastructure Jack Kohn GCWN
Oracle Collaboration Suite Security Chris Bennett GSEC
Security Process for the implementation of a Company's extranet network connections. Kirk Steinklauber GSEC
GIAC GCIA Assignment - Pass Jim Becher GCIA
Securing a Windows 2000 Application Server With Security Templates Joshua Sprenger GCWN
Kerberos and Access Token Limitations Joshua Sprenger GSEC
Security in Practice- Reducing the Effort Leon Pholi GSEC
Centralized Monitoring of Distributed Systems Edward Finneran GCUX
Case study: Implementing Trend Micro antivirus solutions in the enterprise. Mark De Rijk GSEC
GIAC GCIA Assignment - Pass Andrew Patrick GCIA
Limiting Concurrent Logins in Windows NT/2000 Gene Burton GSEC
GIAC GCIA Assignment - Pass Ashley Thomas GCIA
Strategies for Improving Vulnerability Assessment Effectiveness in Large Organizations Robert Huber GSEC
Cost Effective Firewalling Using Linux Technology In Small Businesses Steve Lang GSEC
Facing Security on a Boosted RREN Backbone Carlos Fragoso Mariscal GSEC
A Guide to Hash Algorithms Britt Savage GSEC
Linux Firewall Audit: GIAC Enterprises Elaine Madison GCUX
Introducing Security to the Small Business Enterprise Jeff Herbert GSEC
Windows Update and Its Derivatives - With a focus on SUS Pei-li Chao GSEC
ACF2 Mainframe Security Bethany Hinsch GSEC
GIAC Certified Windows Security Administrator Bryce Thompson GCWN
Let's Slam SQL: The Slammer Worm and Lessons Learned Brian Greif GSEC
The Logbook of The World Ted Demopoulos GSEC
An Introduction To File Integrity Checking On Unix Systems Del Armstrong GCUX
Light at the end of the TCP Tunnel: Freedom or Oncoming Train? Risks, Benefits and Best Practices James Ault GSEC
GIAC GCIA Assignment - Pass Daniel Wesemann GCIA
Current Steganography Tools and Methods Erin Michaud GSEC
NIDS Countermeasures: What, Why, Where, When, and How Jonathan Kobrick GSEC
Integrating Real-Time Services on the Web Pete Kobak GSEC
Symantec Enterprise VPN Solution: Extending our Network through the Internet Robin Parrish GSEC
A Guide to Government Security Mandates Christian Enloe GSEC
Building a Security Test Environment Richard Noel GSEC
Scanning for viruses Dan Boyd GSEC
GIAC GCIA Assignment - Pass Ron Shuck GCIA
Common Ground - A Discussion of Standards in Network Security and How to Extend Them into the Network Assessment Arena Timothy Politowicz GSEC
Implementation Methodology for Information Security Management System (to comply with BS 7799 Requirements) Avinash Kadam GSEC
Smart Card Authentication: Added Security for Systems and Network Access Lawrence Thompson GSEC
Custom IIS Authentication and Access Control using ISAPI Filter Arsne von Wyss GCWN
Securing Windows running Trend Micro Services with Security Templates Curtis Simonson GCWN
Finding the Right Instant Messaging Solution for Your Company Jeff Richeson GSEC
GIAC GCIA Assignment - Pass Greg Lalla GCIA
Centralizing Event Logs on Windows 2000 Greg Lalla GSEC
Patching Windows Environments Using Microsoft Software Update Services SUS Ihaab Dais GSEC
UNIX System Management and Security: Differences between Linux, Solaris, AIX and HP-UX Haral Tsitsivas GSEC
Setting Up Controlled Virtual Private Networks Using Microsoft's Proxy Server and Routing and Remote Access Service Mike Powell GSEC
Defending Against Spyware Invasion Jeff Smith GSEC
Achieving Managements Security Commitment Sherry Desbrough GSEC
Firewall Fingerprinting: Using default TCP/UDP port combinations and Nmap to identify firewall types in a network Charles Hamby GSEC
Remote Access VPN Security Concerns and Policy Enforcement Mike Stines GSEC
The Difficulty of Detecting Rogue Wireless Access Points on a University or Organization Campus Anna Zapata GSEC
Bastion Build Revisited Al Un GCUX
Vulnerabilities Secure Base Build of AIX 5.1 Al Un GSEC
VPN Deployment: Remote Access via Cisco PIX Dwayne Foley GSEC
Slapper Paul Elwell GSEC
Contingency Planning for ACE/Server 5.0 Tikuo Chen GSEC
Event Correlation Systems - The New Threat Frontline Kevin McIntyre GSEC
Under the radar: A look at three covert communications channels Jim Goltz GSEC
Setting up a Secure Home Office Network Perry Jurancich GSEC
Creating a Home Test Lab Russell Elliott GSEC
GIAC GCIA Assignment - Pass Carl Gibbons GCIA
Intrusion Detection, Evasion, and Trace Analysis Michael Wyman GCIA
Security for a CRM environment Jason LaFrance GSEC
A Novice's Guide to Securing Windows XP Home Edition Timothy Potter GSEC
Building a Cookerpot: Using honeypots to improve Mandrake Linux security Valter Santos GSEC
Protecting the Average Consumer-What's wrong with Firewalls Thomas Hauer GSEC
Case Study: Deploying and Configuring a Netscreen 100 Firewall Appliance to Secure the Network James Murphy GSEC
Steganography Policies for Protecting Your Web Site Toni Halley GSEC
Web Application Security - Layers of Protection William Fredholm GSEC
The Need for Information Security in Today's Economy Jeff Tarte GSEC
Distributed Intrusion Detection Systems: An Introduction and Review Royce Robbins GSEC
GIAC GCIA Assignment - Pass Edward Ray GCIA
Case Study On Improving The Security Of A Firm In A Legacy Application Setting Susan Bradley GSEC
Ransomware Susan Bradley GSEC
Protecting Small Business Banking Susan Bradley GSEC
Setting Up and Securing a Small Network with OpenBSD Blair Heiserman GSEC
Ghosts in the machine: The who, why, and how of attacks on information security Cary Barker GSEC
Information Security in Higher Education: Threats & Response Thomas Roberts GSEC
Electronic Medical Records: Success Requires an Information Security Culture Thomas Roberts GSEC
Firewall Builder the GUI alternative James Coffey GSEC
Securing The Hp Nonstop Himalaya Using Safeguard Thomas Hamzik GSEC
GIAC GCIA Assignment - Pass Thomas Hoffecker GCIA
Security for Online Transaction Processing in a White Label Financial Switch Fabian Soler GSEC
Remote Users: Trust verses Necessity Chrystal Lionberger GSEC
A Case Study on Securing Medical Practitioners' Offices and Making The Offices HIPAA-Aware Ira Victor GSEC
Development of a Network Intrusion Detection Policy Frank Yarnell GSEC
SSL Appliance Based Solutions for Corporate Web Farms: The Benefits, the Drawbacks, and the Vulnerabilities Matthew Fries GSEC
What is Seen is Screened Todd Emerton GSEC
InfoWar: Cyber Terrorism in the 21st Century Can SCADA Systems Be Successfully Defended, or are They Our "Achilles Heal"? Michael Ratledge GSEC
Securing Microsoft Exchange with Ciphertrust Ironmail John Warren GSEC
Impact of Automatic Update installation in Service Pack 3 from Microsoft on Windows 2000 workstation. Robert Blackwell GSEC
Securing Our Critical Infrastructures Chris Brooks GSEC
PestPatrol in a Corporate Environment: A Case Study In Information Security Tim Strong GSEC
Help We Just Fired Our Only IT Person! Doug Cox GSEC
Mitigating Web Application Risks With A Security Code Review And Appscan. Michael Blase GSEC
Linux.Slapper.Worm: Buffer Overflow Attacks Continue to Be a Problem Richard Fifarek GSEC
GIAC GCIA Assignment - Pass Erik Montcalm GCIA
Securing Task Station Computers Using Windows 2000 Group Policy Roger McClinton GCWN
GIAC GCIA Assignment - Pass Jose Faial GCIA
GIAC GCIA Assignment - Pass Mohammed Haron GCIA
Is Your Storage Area Network Secure? An Overview of Storage Area Network from Security Perspective Mohammed Haron GSEC
A Case Study: Deployment of Virus Protection In The Global Enterprise Carl Alexander GSEC
Packet Sniffing In a Switched Environment Tom King GSEC
Secure Setup of a Corporate Detection and Scanning Environment Dieter Sarrazyn GSEC
GIAC GCIA Assignment - Pass Antonia Rana GCIA
GIAC GCIA Assignment - Pass Frans Kollee GCIA
Firewall on a Budget Scott Schimkowitsch GSEC
Securing an IIS 5.0 Web Server on Windows 2000 using Security Tools and Templates Graeme McLintock GSEC
GIAC GCIA Assignment - Pass Kerry Long GCIA
Distributed Systems Security: Java, CORBA, and COM+ April Moreno GSEC
Aladdin Esafe Enterprise v3.0 Stacy Bolton GSEC
GIAC GCIA Assignment - Pass Nils Reichen GCIA
GIAC GCIA Assignment - Pass Rob McBee GCIA
Combating the Lazy User: An Examination of Various Password Policies and Guidelines Sam Wilson GSEC
Securing Mac OS X 10.1.5 Using Free Software David Shinberg GSEC
Security Features in IPv6 Penny Hermann-Seton GSEC
Design a Secure Windows 2000 Infrastructure Erik Weinmeister GCWN
The Life Cycle of A Security Awareness Program:What has and has not Worked John Turner GSEC
Using IDS to Evaluate Outbound Port Usage for Security and Reduction of IDS Alerts: A Case Study Ken Underwood GSEC
GIAC GCIA Assignment - Pass Dongmei Huang GCIA
GIAC GCIA Assignment - Pass Denis Brooker GCIA
Smart Cards - the All-in-One Security Platform for Today's Corporate World Ee Chin Chong GSEC
Case Study: Adventures in Securing Mom and Pop Ken Davidson GSEC
Security Audit Report Mandar Rege GCUX
Stopping P2P: How to Rid Your Network of Unwanted P2P Traffic Russell Meyer GSEC
Challenges of Managing an Intrusion Detection System (IDS) in the Enterprise Russell Meyer GCIA
Information Assurance Using Biometrics Bryan Feltin GSEC
GIAC GCIA Assignment - Pass Jason Tant GCIA
Deploying Secure Public Kiosk Networks Jon Shaffer GSEC
Securing the SNMP Service Robert Hayden GCWN
Authenticating Nortel Contivity Clients Using RSA SecurID Tokens Rusty Fancher GSEC
CyberPorn Tricks and Awareness Stephen Karrick GSEC
Security Aspects of a Samhain Client/Server Installation to Protect a Solaris Web Server Winston Holmes GCUX
System and Network Documentation Winston Holmes GSEC
Virii Generators: Understanding the Threat James Tarala GSEC
Implementing a Secure Microsoft Windows Server 2003 Terminal Services Infrastructure: A Case Study for ACME Healthcare, Inc. James Tarala GCWN
Steganography - See No Evil, Hear No Evil, Speak No Evil Chris Farrow GSEC
HIPAA/ISO 17799 Security Audit of GIAC Enterprises Onsite Employee Health Clinic Database Server Sherry Cummins GCUX
The University Has a Firewall - Isn't That Enough? Why Users Still Need to Be Concerned About Computer Security Sherry Cummins GSEC
Developing a Secure and Portable Snort Sensor based on Red Hat 9 Frederick Larabee GCUX
Proactive Vulnerability Assessments with Nessus Jason Mitchell GSEC
Assumptions in Intrusion Detection - Blind Spots in Analysis Rodney Caudle GCIA
SPAM: Recourse and Education Rodney Caudle GSEC
Maintaining Departmental Security in a Centralized Environment: Keeping Things Secure When You Have to Cooperate Brent Veenstra GSEC
Novell Server Quick Security Guide for the Overworked Administrator Tony Flowers GSEC
Managing Network Firewalls -A Love/Hate Relationship James Medeiros GSEC
The Firewall Has Been Installed, Now What? Developing a Local Firewall Security Policy Richard Walker GSEC
Critical System Lifecycle: A Security Perspective Geoffrey Pascoe GSEC
GIAC GCIA Assignment - Pass Pedro Bueno GCIA
Inter-node Security Issues in 802.11b Wireless LAN Environments Patrick Sweeney GSEC
How to Effectively Secure Your Business Albert Yu GSEC
Public-key Cryptography: PGP, SSL, and SSH Thomas Jonson GSEC
Designing a Secure Windows 2000 Network Infrastructure David Branscome GCWN
Enforcing the "Least Privilege" Principle through Active Directory, OUs, GPOs, and Group Policy Filtering Ricardo Rodriguez GSEC
Securing a Red Hat Linux 7.2 Anonymous FTP Server with Security Support syslog Server Brian Melcher GCUX
Microsoft Internet Explorer 6.0 Security: Step-by-Step Chris Christianson GSEC
Aggressive Patching and the Use of a Standard Build: An OpenBSD example Michael Sullenszino GSEC
Security Audit Report Zarina Musa GCUX
Secure Open-Source Network IDS Jared McLaren GSEC
GIAC GCIA Assignment - Pass Jared McLaren GCIA
How to Install IC Radius and Extend via Custom Perl Script Michael Meacle GSEC
GIAC GCIA Assignment - Pass Michael Meacle GCIA
Protecting your Internal Systems from a Compromised Host Michael Nancarrow GSEC
GIAC GCIA Assignment - Pass David Manley GCIA
Nessus: Vulnerability Scanning and Beyond Paul Schmelzel GSEC
GIAC GCIA Assignment - Pass Paul Schmelzel GCIA
Cyber IPB Steve Winterfeld GSEC
A Qualitative Risk Analysis and Management Tool - CRAMM Zeki Yazar GSEC
Iris Recognition Technology for Improved Authentication Penny Khaw GSEC
LaBrea - A New Approach to Securing Our Networks Leigh Haig GSEC
GIAC GCIA Assignment - Pass Brian Sheffler GCIA
Building a Secure Solaris 8 Backup Server Jason Christensen GCUX
SSH and Intrusion Detection Heather Larrieu GSEC
GIAC GCIA Assignment - Pass Heather Larrieu GCIA
GIAC GCIA Assignment - Pass Jalal Moloo GCIA
Implementing n Internet Content Filtering and Reporting Program Eric Wilkens GSEC
A Tool for Running Snort in Dynamic IP Address Assignment Environment Shin Ishikawa GSEC
GIAC GCIA Assignment - Pass Mark Embrich GCIA
Echelon: The Dangers of Communication in the 21st Century Chad Yancey GSEC
GIAC GCIA Assignment - Pass Glenn Larratt GCIA
Introduction to the Security Audit Process Jim Murray GSEC
GIAC GCIA Assignment - Pass Michael McDonnell GCIA
Protecting Against the Unexpected Keith Seymour GSEC
Distilling Data in a SIM: A Strategy for the Analysis of Events in the ArcSight ESM James Voorhees GCIA
The Limits on Wireless Security: 802.11 in Early 2002 James Voorhees GSEC
Computing Industry Certifications and Security Kurt Jensen GSEC
A Detailed Look at Steganographic Techniques and Their Use in an Open-Systems Environment Bret Dunbar GSEC
Deploying Microsoft HiSecurity Template on a Windows 2000 Professional Workstation within a Windows NT 4.0 Domain Joe Matyaz GCWN
GIAC GCIA Assignment - Pass Dan Hawrylkiw GCIA
Wireless Networking Security: As Part of Your Perimeter Defense Strategy Daniel Owen GSEC
Implementing a Windows 2000 Host Based Intrusion Detection System Richard Springs GSEC
GIAC GCIA Assignment - Pass Patrick Ethier GCIA
GIAC GCIA Assignment - Pass Karim Merabet GCIA
PGP in a Networked, Multi-user Environment Mark Fennig GSEC
Monitoring for Security Events Using Windows Management Instrumentation Stephen Seigler GSEC
GIAC GCIA Assignment - Pass John Hally GCIA
Steganography: What's the Real Risk? John Hally GSEC
Twists in Security for Law Enforcement Conrad Larkin GSEC
Secure Shell Daemon crc32 Compensations Attack Detector Vulnerability Tim Yeager GSEC
Violations of Basic Computer Security Principles within the Television Broadcast Community and Some Suggested Solutions Paul Claxton GSEC
GIAC GCIA Assignment - Pass James Hoover GCIA
An Informal Analysis of One Site's Attempts to Contact Host Owners Laurie Zirkle GSEC
Applying the CIS Linux Benchmark v1.1.0 Recommendations to a Mandrake 9.1 Laptop with Higher Security Enabled Laurie Zirkle GCUX
We're Auditors - We're Here to Help James Butler GSEC
GIAC GCIA Assignment - Pass Sean-Paul Heare GCIA
An Organic Approach to Implementing the Critical Security Controls Jim Hendrick GCCC
GIAC GCIA Assignment - Pass Jim Hendrick GCIA
Host vs. Network-Based Intrusion Detection Systems David Trzcinski GSEC
GIAC GCIA Assignment - Pass Keven Murphy GCIA
Making Smart Cards Work in the Enterprise Brett Lewis GSEC
Research Guide to Web Resources at Microsoft.com and Applying This to Patching Internet Information Server Barry Dahling GSEC
No Budget, no Policy: Leading the Bull by the Nose or Thank God for the Cisco IOS Firewall Feature Set Richard Haynal GSEC
GIAC GCIA Assignment - Pass Thomas Shepherd GCIA
Researching a Topic on the Internet Eve Edelson GSEC
Rootkit: Attacker Undercover Tools Saliman Manap GSEC
A Secure Windows 2000 Infrastructure David Heed GCWN
GIAC GCIA Assignment - Pass David Heed GCIA
Step-by-step Guide to Securing Red Hat 7.1 Linux Lawrence Grim GCUX
Security Awareness: Help the Users Understand Kenton Smith GSEC
GIAC GCIA Assignment - Pass Gregory Lajon GCIA
Building a Cost Effective Syslog Server using Solaris For Intel and SunScreen Lite - Honor Harpal Parmar GCUX
Securing a Windows 2000 IIS Web Server - Lessons Learned Harpal Parmar GSEC
A Secure Windows 2000 Infrastructure for GIAC Enterprises Harpal Parmar GCWN
A Guide to Building and Securing an Intranet Mail Server/Hub with AIX 5L Version 5.1 on an IBM RS/6000 Server Devon Caines GCUX
GIAC GCIA Assignment - Pass Orazio Mistretta GCIA
Basic Travel Security Revisited Thomas Palmer GSEC
Can Hackers Turn Off Your Lights? Jonathan Stidham GSEC
Conducting an electronic information risk assessment for Gramm-Leach-Bliley Act compliance. Kevin Bong GSEC
GIAC GCIA Assignment - Pass Kevin Bong GCIA
GIAC GCIA Assignment - Pass Reuben Rubio GCIA
GIAC GCIA Assignment - Pass Alan Woodroffe GCIA
GIAC GCIA Assignment - Pass Mark Maher GCIA
GIAC GCIA Assignment - Pass Philipp Stadler GCIA
Proactively Guarding Against Unknown Web Server Attacks William Geiger GSEC
The Code Red Worm John Dolak GSEC
SuSE Linux 7.1 Professional Installation Checklist Felix Schallock GCUX
Disconnect from the Internet - Whale's e-Gap In-Depth Kevin Gennuso GSEC
How to Choose an Intrusion Detection Solution Baiju Shah GSEC
The Weakest Link: The Human Factor Bradley Fulton GSEC
Protecting Sensitive Data in Secure Domains Mikael Trosell GSEC
Cisco Router Hardening: Step-by-Step Dana Graesser Williams GSEC
GIAC GCIA Assignment - Pass Harvey Lange GCIA
Linux Red Hat 7.1 Security Assessment Bente Petersen GCUX
GIAC GCIA Assignment - Pass Bente Petersen GCIA
GIAC GCIA Assignment - Pass John Melvin GCIA
GIAC GCIA Assignment - Pass Toby Kohlenberg GCIA
Protect your enterprise against clients centric attacks, using Windows 2000 GPO Thierry Agassis GCWN
Information Security: Handling Compromises Craig Bowser GSEC
Enforce Network Access Control through Security Policy Management Process and Enforcement Craig Bowser GSEC
Why Small Businesses Need to Secure Their Computers (and How to Do It!) Bruce Diamond GSEC
Kerberos Authentication in Windows 2000 Vishwas Gadgil GSEC
GIAC GCIA Assignment - Pass Vernon Stark GCIA
Using Snort v1.8 with SnortSnarf on a Red Hat Linux System Richard Greene GSEC
Firewall Rule Review Rita Will GSEC
Spyware and Network Security Lester Cheveallier GSEC
GIAC GCIA Assignment - Pass Lorna Hutcheson GCIA
GIAC Enterprises: Fortunes for the Future - Implementing Active Directory with Defense in Depth Lorna Hutcheson GCWN
GIAC GCIA Assignment - Pass Beth Binde GCIA
Successful Partnerships for Fighting Computer Crime Beth Binde GSEC
How to Build and Secure a General Purpose "Internet Ready" Workstation Robert Beswick GCUX
Cheese Worm: Pros and Cons of a "Friendly" Worm Bryan Barber GSEC
Backup Rotations - A Final Defense Stephen Lennon GSEC
Using Open Source to Create a Cohesive Firewall/IDS System Thomas Dager GSEC
The China Syndrome Charles Bacon GSEC
Logfile Analysis: Identifying a Network Attack Michael Fleming GSEC
GIAC GCIA Assignment - Pass Stephen Pedersen GCIA
GIAC GCIA Assignment - Pass Mike Poor GCIA
Filtering Routers in a Small Office/Home Office with a Mixed OS Environment Ricky Smith GSEC
Public Servers Vulnerability Assessment Report Ricky Smith GCUX
Group Policies for GIAC Enterprises Ricky Smith GCWN
GIAC GCIA Assignment - Pass Ricky Smith GCIA
GIAC GCIA Assignment - Pass Janice Slocumb GCIA
System Security and Your Responsibilities: Minimizing Your Liability Gary Holtz GSEC
Implementing/Re-Implementing Change Control Policies Derek Milroy GSEC
Open File Shares: An Unexpected Business Risk Jaime Carpenter GSEC
GIAC GCIA Assignment - Pass Wes Bateman GCIA
Vulerability Scanning in the Corporate Enterprise Peter Nichols GSEC
Risk Assessment in the University Setting Kent Knudsen GSEC
Preventing Your Computer from Becoming a Zombie Jamy Klein GSEC
GIAC GCIA Assignment - Pass Geoffrey Poer GCIA
Auditing a University Solaris System Geoffrey Poer GCUX
GIAC GCIA Assignment - Pass Nathan Kim GCIA
GIAC GCIA Assignment - Pass Brian Credeur GCIA
Guide to Deploying a Windows 2000/Exchange 2000/File/Print Server in a Single Server Environment Gary Pasikowski GCWN
Prosecution: A Subset of Incident Response Procedures Gary Pasikowski GSEC
Business Consideration and Network Implementation of Generally Accepted Security Standards Patrick Nolan GSEC
Is It Really Gone? Grant Thompson GSEC
Creating Security Policies - Lessons Learned Mark Worthington GSEC
Overview of Biometric Encryption Mark Wood GSEC
GIAC GCIA Assignment - Pass Michael Lastor GCIA
The Future of Fighting Viruses: A History and Analysis of the Digital Immune System Michael Bussa GSEC
To CVP or not to CVP Kurt Koenigsknecht GSEC
GIAC GCIA Assignment - Pass Bill Phillips GCIA
Solaris 8 (sparc) Security Checklist for JFY, Inc. Ben Laws GCUX
Wireless LANs - the Big New Security Risk Gordon Mitchell GSEC
Inverse Mapping Using Disguised TCP Resets Minna Kangasluoma GSEC
Securing the Wile Modem: A Case Study on the Use of Policies, War Dialers and Firewalls for Phone Lines Archie Woodworth GSEC
Securing Unix Step by Step George Markham GCUX
Certificate Revocation in Public Key Infrastructures Scott Fairbrother GSEC
GIAC GCIA Assignment - Pass Miika Turkia GCIA
Instruments of the Information Security Trade Mark Graff GSEC
Central Auditing of Windows NT Using Windows Script Host (WSH) Roger Mclaren GCWN
Securing Windows 2000 for Web Server Deployment Jay Robinson GCWN
Stronger Authentication Methods: Biometrics and Public Acceptance Mark Wolansky GSEC
NetTop for Data Privacy through Secure Desktops Rick Wanner GSEC
Detecting Torrents Using Snort Rick Wanner GCIA
GIAC GCIA Assignment - Pass Robert Peter Sorensen GCIA
Secure Browsing Environment Robert Peter Sorensen GSEC
Securing NT4 Workstations in an Educational Computer Lab Environment Eric Nooden GSEC
Securing SNMP Windows Stephen Cicirelli GSEC
Checklist for Securing RedHat Linux 7.1 on an IBM Thinkpad Laptop Paul DePriest GCUX
Do You Copy? Security Issues with Digital Copiers Kevin Smith GSEC
Step-by-step Guide to Securing an IRIX Mediabase Video Web Server Robert Drollinger GCUX
GIAC GCIA Assignment - Pass Peter Szczepankiewicz GCIA
Securing a Multi-User Solaris 8 SPARC System Yong Choe GCUX
Usefulness and Shortcomings of the Pre-configured Security Policy Templates that are Included with Windows 2000 Yong Choe GCWN
Black ICE 2.5 Events, False Positives and Custom Attack Signatures Alan J Mercer GSEC
Malicious Code: VBS/OnTheFly (Anna Kournikova) Marco Smitshoek GSEC
Implementing Site-to-Site IPSEC VPNs Using Cisco Routers Millie Ives GSEC
Kerberos Network Authentication Security Protocol - Recent Security Vulnerabilities Jay Holcomb GSEC
PC Week hack of 1999 Shawn Balestracci GSEC
Securing an AIX 5.2 Development Server Chris Talianek GCUX
GIAC GCIA Assignment - Pass Chris Talianek GCIA
Installing and Securing an SSH Server with HP Secure OS Software for Linux and Cryptography Kenneth Gallo GCUX
GIAC GCIA Assignment - Pass Michael Semling GCIA
Information Warfare: Are You Battlefield Ready? Phillip Conrad GSEC
Basic Steps to Hardening a Standalone Windows 2000 Installation Todd Anderson GSEC
Nessus - Get on Board Greg Brooks GSEC
BIND 8 Buffer Overflow in TSIG Richard Biever GSEC
GIAC GCIA Assignment - Pass Chris Hayden GCIA
Attacks from Within: A Look at Security Concerns for ASPs Tyson Kopczynski GSEC
AES: The New Key on the Block Christopher Silveira GSEC
Search Engines: The Ignored Threat Paul Heely GSEC
Importance of a Standard Methodology in Computer Forensics Jim McMillan GSEC
GIAC GCIA Assignment - Pass Donald Pitts GCIA
Log Consolidation with syslog Donald Pitts GSEC
SOHO OpenBSD Intranet IMAP Server Donald Pitts GCUX
Protecting Your Home Computer from the Internet, Can You Keep the Heat Out? Robert Ashworth GSEC
GIAC GCIA Assignment - Pass Robert Ashworth GCIA
Securing Information on Laptop Computers James Purcell GSEC
Limiting the Exposure of a Netware Server in an IP World Dana Mclaughlin GSEC
Scripting as a Method of Establishing a Reliable Baseline Posture George Moncrief GSEC
Firewall Load Balancers Megan Restuccia GSEC
Hacktivism - A Free Form of Expression or a Digital Vandalism Eva Dadok GSEC
GIAC GCIA Assignment - Pass Michael Worman GCIA
An Explanation of "TCP Wrappers" for the Security Manager Richard Branicki GSEC
Security Audit Report Gary Needham GCUX
Securing Microsoft Outlook 2000 Using the Outlook Security Update in a Microsoft Exchange Server 5.5 Environment Brad Peer GSEC
Creating a Certificate-Enabled Public Web Site With Windows 2000 Michael Reiter GCWN
Consolidated Security Event Monitoring for Microsoft Windows NT 4.0 Server Jeff Shawgo GCWN
Security Audit Intrusion Report Michael Gauthier GCIA
Security Assessment Michael Gauthier GCUX
Windows NT Web Server Auditing Dean Farrington GCWN
Security Issues in NIS Jim O'Brien GSEC
GIAC GCIA Assignment - Pass Rhonda Maluia GCIA
Critical Infrastructure Protection: Establishing an Information Sharing and Analysis Center Can Be Like Developing an Organizational Security Policy Frances Wentworth GSEC
Security Implications of Update Agent Software Shaun Glaim GSEC
Securing Windows 2000 with Security Templates John Jenkinson GCWN
Using VAX/VMS to Augment Security of a Large UNIX Environment John Jenkinson GSEC
GIAC GCIA Assignment - Pass John Jenkinson GCIA
AIX Version 4.3.3 on Power2 3xx Series RS/6000 John Jenkinson GCUX
SANS GIAC Intrusion Detection Curriculum Parliament Hill 2000 Guy Bruneau GCIA
Build Securely a Shadow Sensor Step-by-Step Powered by Slackware Linux Guy Bruneau GCUX
The History and Evolution of Intrusion Detection Guy Bruneau GSEC
GIAC GCIA Assignment - Pass Glenn Davis GCIA
GIAC GCIA Assignment - Pass Curtis Blais GCIA
Audit of Gauntlet 5.5 Firewall (Running on Solaris 2.6 with BIND 8.2.3-REL) Jeff Holland GCUX
Know Yourself: Vulnerability Assessments Adrien de Beaupre GSEC
Trinity v3 DDoS: Tomorrow's Headline? David Sheridan GSEC
Why Your Switched Network Isn't Secure Steven Sipes GSEC
Linux DNS (Domain Name Server) System Setup Checklist Martin Tremblay GCUX
Promoting Security from the Middle Siegfried Hill GSEC
The Impact of Cumulative Secure and High Secure Windows 2000 Professional Security Templates on a Workstation Running SCT Banner Siegfried Hill GCWN
DSL and Computer Security Issues Joanne Ashland GSEC
GIAC GCIA Assignment - Pass Jasmir Beciragic GCIA
Cookies and Exploits Jasmir Beciragic GSEC
Public Domain FTP Buffer Overflow Vulnerabilities Feb. - Oct. 1999 Ralph Durkee GSEC
GIAC GCIA Assignment - Pass Joseph Rach GCIA
Corporate LAN Intranet Server Compromise Jasey DePriest GSEC
Security Audit Report Daniel Robb GCUX
Consultants Report from Auditing UNIX Lenny Zeltser GCUX
The Evolution of Malicious Agents Lenny Zeltser GSEC
Designing a Secure Windows 2000 Infrastructure Lenny Zeltser GCWN
GIAC GCIA Assignment - Pass Donald Tomczak GCIA
GIAC GCIA Assignment - Pass Kevin Pietersma GCIA
GIAC GCIA Assignment - Pass Michael Wee GCIA
GIAC GCIA Assignment - Pass John Dietrich GCIA
GIAC GCIA Assignment - Pass David Blaine GCIA
GIAC GCIA Assignment - Pass Kevin Miller GCIA
Database Encryption Things you know before you encrypt James Summers GSEC
GIAC GCIA Assignment - Pass James Summers GCIA
GIAC GCIA Assignment - Pass JD Baldwin GCIA
Integration Of Single Sign On Within The Framework Of An J2EE Environment In Banking Field
French Translation
Philippe Gros GSEC
Enhancing IDS using, Tiny Honeypot Richard Hammer GCIA
The Inside-Out Firewall Vulnerability Richard Hammer GSEC
GIAC GCIA Assignment - Pass George Huang GCIA
GIAC GCIA Assignment - Pass Donna Andert GCIA
GIAC GCIA Assignment - Pass Javier Romero GCIA
The Packet Filter: A Basic Network Security Tool Daniel Strom GSEC
GIAC GCIA Assignment - Pass Daniel Strom GCIA
GIAC GCIA Assignment - Pass David Nolan GCIA
GIAC GCIA Assignment - Pass Bob Long GCIA
Good News, Bad News: The Infosec Issues of Usenet Bob Long GSEC
GIAC GCIA Assignment - Pass David Hesprich GCIA
GIAC GCIA Assignment - Pass Jim Clausing GCIA
GIAC GCIA Assignment - Pass Joe Dietz GCIA
GIAC GCIA Assignment - Pass Kirk Becker GCIA
Windows NT and Novell Host Based Intrusion Detection Using Native Logging and 3rd Party Log Reporting Tools Robert Grill GSEC
GIAC GCIA Assignment - Pass Jerry Shenk GCIA