The most recent content from our members.
Having an alert based on a sudden traffic change (rise or drop) in the last 30 minutes would be very useful. For example, if we have a rapid interface flap that doesn't take the routing down, it won't be noticed. If we have an alert based on a traffic drop, we can be aware of such problems. On the other way around if we have an…
The largest population of the world, China, woke up last Sunday (25th August, 2013) to the most colossal distributed denial of service (DDoS) attacks to have rattled the Chinese digital age. With over 8 million websites affected[1] on .cn domains, the government has condemned this incident and dubbed it the biggest ever…
Week 4 of NCSAM and it's time for some awareness on Cybercrimes!! With the continuous increase of cybercrimes, nearly every enterprise is affected in some way. PricewaterhouseCoopers (PWC) recently conducted a survey on the Cybercrimes in the US. The survey revealed the following: * Organizations are not well-informed about…
Hi, I am currently facing some problems in establishing correlation rules. To make correlation rules we must understand the behavior of the attack, as per my knowledge. LEM has built-in correlation rules like worm detection, but I want to make correlation rules customized to my environment. Please let me know that what are the…
So, I’m sure you're all aware of the Google phishing scam. It, conveniently, presents a few key items that I would like to discuss. What we know, as in what Google will tell us, is that the expedition did not represent an access of information. Rather, it merely gathered contacts and re-sent the phishing email for fake…
Is there any default rule in LEM to detect the attacks below? If not with default, how can we create custom rules for them? Brute Force Attack, Directory Harvesting Attack, Invalid TCP Traffic
If you’re a security practitioner, you should be reading this. The 2013 Data Breach Investigations Report (DBIR) has published some alarming statistics that question us on our preparedness to combat new-age security attacks. The speed and sophistication of today’s attacks and new threat vectors being introduced are causing…
Don't Be a Sitting Duck! Script kiddies test the defenses of FTP servers and SFTP servers (using SSH) every minute of every day. IT administrators have gotten used to these probes, and smart ones have already enabled IP lockouts on their perimeter servers. (This setting is on the "Server Settings" pane in Serv-U FTP…