Great walk through http://www.trainsignaltraining.com/how-to-setup-iscsi-drive-using-freenas/2009-01-19/
PS. Once the drive shows up in computer management on Server 2008 - it may be offline (with some bogus error about security policy). Right click offline and click online. You will likely also need to right click again and initialize. Then you should be able to right click the drive and partition.
Great video on Server 2008 Quorum http://www.youtube.com/watch?v=j9E1LgLwG88
Saturday, August 28, 2010
Saturday, August 14, 2010
CISSP - Operations Security
Scanning identifies open ports - fingerprinting identifies OS / Application - this can be active (creating the traffic) or passive (watching existing traffic)
War Chalking - used to indicate where wireless networks are
TCSEC Assurance Levels -
1. System Architecture
2. System Integrity
3. Covert Channel Analysis
4. Trusted Facility Management
5. Trusted Recovery
Common Criteria - Recovery
1. Manual Recovery
2. Automated Recovery
3. Automated Recovery without Undue Loss
Componenets
1. failure preparation(backups), system recovery
War Chalking - used to indicate where wireless networks are
TCSEC Assurance Levels -
1. System Architecture
2. System Integrity
3. Covert Channel Analysis
4. Trusted Facility Management
5. Trusted Recovery
Common Criteria - Recovery
1. Manual Recovery
2. Automated Recovery
3. Automated Recovery without Undue Loss
Componenets
1. failure preparation(backups), system recovery
CISSP - Information Security and Risk Management
RFC 2196 - Site Security Handbook
Formulai
Total Risk = Threat * Vulnerability * Asset Value
Annual Loss Expectancy = Single Loss Expectancy * Annualized Rate of Occurence
Residual Risk = Annual Loss Expectancy * Control Gap
Single Loss Expectancy = Asset Value * Exposure Factor
Risk Analysis
FRAP - Facilitated Risk Analysis Process - team gets together to brainstorm through. 26 commong controls.
Delphi - answers are in written form - good for getting some quiet opinions - not good for discussion
Risk Assessment Steps
1. Reduce, Transfer, or avoid risk
2. Derive annual loss potential
3. Perform a threat analysis
4. Estimate potential loss
5. assign value to assets
Labeling
Government = Unclassified -> Top Secret
Commercial = Public -> Confidential
Roles
Information Security Officer - Functional Role of Security
Auditors -> provide reports on effectiveness to senior management
Senior Management - ultimately responsible for security
Formulai
Total Risk = Threat * Vulnerability * Asset Value
Annual Loss Expectancy = Single Loss Expectancy * Annualized Rate of Occurence
Residual Risk = Annual Loss Expectancy * Control Gap
Single Loss Expectancy = Asset Value * Exposure Factor
Risk Analysis
FRAP - Facilitated Risk Analysis Process - team gets together to brainstorm through. 26 commong controls.
Delphi - answers are in written form - good for getting some quiet opinions - not good for discussion
Risk Assessment Steps
1. Reduce, Transfer, or avoid risk
2. Derive annual loss potential
3. Perform a threat analysis
4. Estimate potential loss
5. assign value to assets
Labeling
Government = Unclassified -> Top Secret
Commercial = Public -> Confidential
Roles
Information Security Officer - Functional Role of Security
Auditors -> provide reports on effectiveness to senior management
Senior Management - ultimately responsible for security
CISSP - Application Security
Waterfall Model - discrete sequential steps
SDLC Phases
1. Project Initiation and Planning
2. Functional Requirements Definition
3. System Design Specifications
4. Development and Implementation
5. Documentation and Common Program Controls
6. Testing and Evaluation Control, Certification, and Accredidation
7. Transition to Production (Implementation)
8. Operations and Maintenance Support
9. Revisions and System Replacement
Data Dictionary - database of schemas
Mobile Code - code that can be executed in network browsers (ie, firefox)
Software Capability Maturity Model
1. Initiating
2. Repeatable (Project Management has been documented)
3. Defined (quantitative process improvement)
4. Managed
5. Optimizing
replaced in 2007 by CMMI = CMM + Integration
now has 22 process areas
Distributed System Requirements
1. interoperability
2. portability
3. transparency
4. extensibility
5. security
spoofing is changing the ip address, masquerading is changing the email from or caller id
perturbation - is injecting noise (meaningless data) to prevent inferrence.
SODA - Secure Object-Oriented Database Access - uses polyinstantiation to remedy the multiparty update conflict
Change Control Process
1. formal request
2. analyze
3. record
4. approve
5. develop (ie. scripts)
6. report to management
SDLC Phases
1. Project Initiation and Planning
2. Functional Requirements Definition
3. System Design Specifications
4. Development and Implementation
5. Documentation and Common Program Controls
6. Testing and Evaluation Control, Certification, and Accredidation
7. Transition to Production (Implementation)
8. Operations and Maintenance Support
9. Revisions and System Replacement
Data Dictionary - database of schemas
Mobile Code - code that can be executed in network browsers (ie, firefox)
Software Capability Maturity Model
1. Initiating
2. Repeatable (Project Management has been documented)
3. Defined (quantitative process improvement)
4. Managed
5. Optimizing
replaced in 2007 by CMMI = CMM + Integration
now has 22 process areas
Distributed System Requirements
1. interoperability
2. portability
3. transparency
4. extensibility
5. security
spoofing is changing the ip address, masquerading is changing the email from or caller id
perturbation - is injecting noise (meaningless data) to prevent inferrence.
SODA - Secure Object-Oriented Database Access - uses polyinstantiation to remedy the multiparty update conflict
Change Control Process
1. formal request
2. analyze
3. record
4. approve
5. develop (ie. scripts)
6. report to management
Thursday, August 12, 2010
CISSP - Telecommunications and Network Security
WAN
ISDN BRI = 2 B and 1 D
Packet Switched = Frame Relay, X.25, ATM
Circuit Switched = DDS
Networking Models
OSI Model is an ISO Standard
TCP IP Model = Network Interface -> Inter networking -> Transport -> Application
SSL is between transport and session layers
802.15 = Wireless personal area - think bluetooth
IP
protocol field of packet -> 0x01 = ICMP, 0x06 = TCP, 0x11 = UDP, 0x58 = IGRP
determine Class
0xxxxxxx = <128 = A
10xxxxxx = <192 = B
110xxxxx = <224 = C
1110xxxx = <240 = D
private addresses
10.0.0.0/8
*127.0.0.0/8
169.254.0.0/16
172.16.0.0/12
192.168.0.0/16
RAID
0 = Striping
1 = Mirroring
2 = bit level striping w/ parity
3 = byte level striping w / parity
4 = block level striping w/ parity
5 = block level striping w / distributed parity
6 = block level striping w/ double distributed parity (requires 4 disks but can tolerate 2 down disks)
VPN
PPTP (PPP w/ MPPE, MS-CHAP, EAP-TLS), L2TP, IPSEC, L2F
Authentication
EAP, RADIUS, TACACS, PAP, CHAP
Wireless Security
WEP, WAP, WPA, TKIP
WAP 1 = no authentication, 2 = server authentication, 3 = server and client authentication
Attacks
Wormhole - a shortcut(wormhole) is created between 2 networks tricking routing protocols into using the wormhole. Then all traffic can be monitored or disrupted.
Firewalls
Dual-homed / bastion = think pc w/ 2 nics filtering traffic
Screened host = separation is logical instead of physical - in other words - only one nic. I picture this as a router only allowing 80 traffic to a proxy server, and the proxy server being the screened host firewall - though dependent on the router.
Screened subnet = 3 nics - think DMZ
ISDN BRI = 2 B and 1 D
Packet Switched = Frame Relay, X.25, ATM
Circuit Switched = DDS
Networking Models
OSI Model is an ISO Standard
TCP IP Model = Network Interface -> Inter networking -> Transport -> Application
SSL is between transport and session layers
802.15 = Wireless personal area - think bluetooth
IP
protocol field of packet -> 0x01 = ICMP, 0x06 = TCP, 0x11 = UDP, 0x58 = IGRP
determine Class
0xxxxxxx = <128 = A
10xxxxxx = <192 = B
110xxxxx = <224 = C
1110xxxx = <240 = D
private addresses
10.0.0.0/8
*127.0.0.0/8
169.254.0.0/16
172.16.0.0/12
192.168.0.0/16
RAID
0 = Striping
1 = Mirroring
2 = bit level striping w/ parity
3 = byte level striping w / parity
4 = block level striping w/ parity
5 = block level striping w / distributed parity
6 = block level striping w/ double distributed parity (requires 4 disks but can tolerate 2 down disks)
VPN
PPTP (PPP w/ MPPE, MS-CHAP, EAP-TLS), L2TP, IPSEC, L2F
Authentication
EAP, RADIUS, TACACS, PAP, CHAP
Wireless Security
WEP, WAP, WPA, TKIP
WAP 1 = no authentication, 2 = server authentication, 3 = server and client authentication
Attacks
Wormhole - a shortcut(wormhole) is created between 2 networks tricking routing protocols into using the wormhole. Then all traffic can be monitored or disrupted.
Firewalls
Dual-homed / bastion = think pc w/ 2 nics filtering traffic
Screened host = separation is logical instead of physical - in other words - only one nic. I picture this as a router only allowing 80 traffic to a proxy server, and the proxy server being the screened host firewall - though dependent on the router.
Screened subnet = 3 nics - think DMZ
Subscribe to:
Posts (Atom)