Security Monitoring

by Chris Fry, Martin Nystrom
February 2009
Content level: Intermediate to advanced
256 pages
7h 43m
English
O'Reilly Media, Inc.

Real Stories of the CSIRT

To illustrate the monitoring steps we’ve recommended in this book, we collected stories from security monitoring teams in peer organizations. These stories illustrate incident response and some of the limitations of enterprise security monitoring.

Note

Because we were asked to keep some stories anonymous, we’ve added small embellishments to prevent identification of affected organizations as necessary. Similarities with actual events, individuals, or corporations are neither intentional nor implied.

Stolen Intellectual Property

A customer alerted Mike, a security investigator for Wirespeed, that source code belonging to his company had been posted on the Internet. Following the leads provided, he visited a web address that confirmed the information. Mike noted that the source code was visible due to a misconfiguration of the site’s Apache web server, allowing unauthenticated directory traversal. Mike perused the code, immediately recognizing it as Wirespeed’s order processing software. He even found some embedded system credentials, database accounts, and passwords within the open directories. Mike traced the web server’s IP address to a home ISP connection, and was surprised when it correlated to the home IP address of a Wirespeed employee.

Because Wirespeed managed the Internet connections of its employees, he was able to immediately disable the employee’s network connection and investigate further. With the website now disabled, he turned his attention to ...

ISBN: 9780596157944