The Top Ten of Audit and Event Log Monitoring

Event Log, Audit Log and Syslog messages have always been a good source of troubleshooting and diagnostic information, but the need to back up audit trail files to a centralized log server is now a mandatory component of many governance standards. Contemporary SIEM solutions need to be:
• flexible enough to cater for all devices, operating systems, platforms, databases and applications
• sufficiently scalable to cope with thousands of devices generating millions of events
• intelligent, correlating events and identifying only true security incidents so resources can focus on genuine threats and attacks.

This is an introductory ‘Top Ten of Audit Trail and Event Log Monitoring’.
1. Security Standards and Corporate Governance Compliance Policies such as PCI DSS and GCSx CoCo require logging mechanisms and the ability to track user activities as they are critical in preventing, detecting, or minimizing the impact of a data compromise. Other policies such as FISMA, Sarbanes Oxley, NERC CIP, ISO 27000 and HIPAA all benefit from a means of centralizing audit log events to identify security incidents.

2. The state of the art in Audit Log Correlation technology provides automated configuration assessment, proactively testing and assessing a server environment against preconfigured, out-of-the-box policies, helping to enable a minimal deployment window. The best solutions leverage industry standards, specifically benchmarks from the Center for Internet Security (CIS), the National Institute of Standards and Technology (NIST), and the Defense Information Systems Agency (DISA). These benchmarks include thousands of configuration assessments enabling automatic sustainable policy compliance testing for FISMA.

3. Security standards such as PCI DSS and GCSx CoCo mandate the need to track and monitor all access to network resources and cardholder data through logging mechanisms and the ability to track user activities. The presence of logs in all environments allows thorough tracking and analysis if something does go wrong. Determining the cause of a compromise is very difficult without system activity logs. A central event log analyzer is the best option to use.

4. It is vital that your system for centralizing audit log trails is robust and comprehensive. PCI DSS requires that your audit trail history be retained for at least one year, with at least 3 months of history available for immediate access. The best audit-log tracking software solutions provide real-time indexing of logs with instant keyword search and correlation facilities.

5. While Unix and Linux hosts can forward audit trail and system events using syslog, Windows servers do not have an in-built mechanism for forwarding Windows Events and it is necessary to use an agent to convert Windows Event Logs to syslog. The Windows Events can then be collected centrally using your audit log server. Similarly, applications using Oracle or SQL Server or bespoke or non-standard applications do not use syslog to forward events and it is necessary to use an agent to forward events from these applications. Finally, if you are using an IBM z/OS mainframe or AS/400 system you will need further agent technology to centralize event and audit log messages.

6. Audit trail history must be securely stored in order to prevent retrospective editing or any tampering. The PCI DSS requires that audit trails are promptly backed up to a centralized log server or media that is difficult to alter. The best centralized log server solutions employ file-integrity monitoring for the log backup files so that any modifications can be detected and alerted.

7. Firewalls (Checkpoint, McAfee Sidewinder, Juniper, Netscreen, Cisco ASA, Nokia), Intrusion Protection Systems (IPS), Intrusion Detection Systems (IDS), routers, RADIUS accounting and authorization services, vulnerability scanning solutions such as eEye Retina, Nessus and other Pen Testing solutions, wireless routers and switches all natively generate syslog messages to report a range of events, from low-level informational logs through to critical events.

8. Syslog messages are defined in RFC 3164, which is officially known as the BSD Syslog Protocol. Syslog messages are sent using UDP on port 514 by default, although different ports can be used. Syslog messages use a range of Facility Codes and Severity Codes. The Facility Codes range from 0 to 23 and determine the message type. The Severity Codes range from 0 to 7 as follows:

0 Emergency: system is unusable
1 Alert: action must be taken immediately
2 Critical: critical conditions
3 Error: error conditions
4 Warning: warning conditions
5 Notice: normal but significant condition
6 Informational: informational messages
7 Debug: debug-level messages

9. The Security Information and Event Management or SIEM market as defined by Gartner covers the advanced generation of solutions that not only harvest audit logs and provide centralized log server functions but parse event log messages and analyze event logs as they are stored. This allows event logs to be correlated to identify hacker activity and attack patterns and notify IT security teams. The best SIEM systems employ a range of artificial intelligence capabilities to recognize threat signatures by cross-referencing events from IPS, IDS and RADIUS systems, Anti-Virus, Host Integrity Monitoring systems, File Integrity Monitoring software, Firewalls, Active Directory and watching for classic hacker activity such as deletion of log files and “brute force” hacks where repeated/sequential logon failures or bad password events will be generated.

10. The goal for any SIEM solution is to provide comprehensive log harvesting, automatically filter out all ‘information only’ or ‘normal operation’ events while placing a spotlight on a manageable list of genuine, serious attack patterns or security incidents. Even a medium sized enterprise can have thousands or hundreds of thousands of events generated by devices in their infrastructure so a properly implemented SIEM system is invaluable.
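Item 6 asks for file-integrity monitoring of the log backup files. The sketch below is an added example, not code from any product named here: it records a size and SHA-256 baseline per file and then reports closed archives that were edited, truncated, removed or extended, while letting a live log grow as long as its already-recorded bytes are unchanged. File names and the `live_logs` parameter are assumptions made for the illustration.

```python
import hashlib
import os
import tempfile


def sha256_prefix(path, length):
    """SHA-256 of the first `length` bytes of a file."""
    digest = hashlib.sha256()
    remaining = length
    with open(path, "rb") as fh:
        while remaining > 0:
            chunk = fh.read(min(65536, remaining))
            if not chunk:
                break
            digest.update(chunk)
            remaining -= len(chunk)
    return digest.hexdigest()


def take_baseline(log_dir):
    """Record size and hash of every file in the log backup directory.

    Assumption: the returned baseline is stored somewhere the administrators
    of the log server cannot rewrite, otherwise it proves nothing.
    """
    baseline = {}
    for name in sorted(os.listdir(log_dir)):
        path = os.path.join(log_dir, name)
        if os.path.isfile(path):
            size = os.path.getsize(path)
            baseline[name] = {"size": size, "sha256": sha256_prefix(path, size)}
    return baseline


def verify(log_dir, baseline, live_logs=()):
    """Compare the directory with the baseline and return (file, finding) pairs.

    Files named in `live_logs` may grow, but the bytes already recorded must
    still hash to the baseline value. Every other file must be unchanged.
    """
    findings = []
    for name, rec in sorted(baseline.items()):
        path = os.path.join(log_dir, name)
        if not os.path.isfile(path):
            findings.append((name, "MISSING"))
            continue
        size = os.path.getsize(path)
        if size < rec["size"]:
            findings.append((name, "TRUNCATED"))
        elif sha256_prefix(path, rec["size"]) != rec["sha256"]:
            findings.append((name, "MODIFIED"))
        elif size > rec["size"] and name not in live_logs:
            findings.append((name, "GREW_AFTER_CLOSE"))
    for name in sorted(set(os.listdir(log_dir)) - set(baseline)):
        findings.append((name, "NEW_FILE"))
    return findings


def demo():
    """Build a constructed log directory, tamper with it, return the findings."""
    with tempfile.TemporaryDirectory() as log_dir:
        def write(name, data, mode="wb"):
            with open(os.path.join(log_dir, name), mode) as fh:
                fh.write(data)

        # Constructed sample content, not real log data.
        write("auth.log", b"Oct 11 22:14:15 host sshd: session opened\n")
        write("auth.log.1", b"Oct 10 failed logon root\n")
        write("fw.log.1", b"Oct 10 deny tcp 192.0.2.10\n")
        baseline = take_baseline(log_dir)

        write("auth.log", b"Oct 11 22:20:00 host sshd: session closed\n", "ab")
        write("auth.log.1", b"Oct 10 normal logon root\n")   # same length, edited
        os.remove(os.path.join(log_dir, "fw.log.1"))
        return verify(log_dir, baseline, live_logs=("auth.log",))


if __name__ == "__main__":
    for name, finding in demo():
        print(finding, name)
```

The legitimate append to `auth.log` produces no finding, while the same-length edit of the closed archive is reported even though its size did not change.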
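Item 8 describes the Facility and Severity Codes. In RFC 3164 both travel in one number at the start of each message, `<PRI>`, where PRI = facility × 8 + severity. The parser below is an added example (not from the original article) that decodes it and handles a missing or out-of-range PRI the way the RFC tells relays to, by assuming 13. The sample lines are constructed, apart from the first, which is the example message given in RFC 3164, and the short names for facilities 12 to 15 are labels chosen here.

```python
import re

# Severity names as listed in item 8 (index = severity code 0-7).
SEVERITIES = ["Emergency", "Alert", "Critical", "Error",
              "Warning", "Notice", "Informational", "Debug"]

# Short names for the RFC 3164 facility table (index = facility code 0-23).
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr",
              "news", "uucp", "cron", "authpriv", "ftp", "ntp", "audit",
              "alert", "clock"] + ["local%d" % n for n in range(8)]

PRI_RE = re.compile(r"<(\d{1,3})>")
# RFC 3164 header: "Mmm dd hh:mm:ss" timestamp, hostname, then the message.
HEADER_RE = re.compile(
    r"([A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) (\S+) (.*)", re.S)

DEFAULT_PRI = 13        # user.Notice, used when PRI is missing or unidentifiable
MAX_PRI = 23 * 8 + 7    # 191, the highest valid facility/severity combination


def parse_rfc3164(raw):
    """Split one BSD syslog line into facility, severity, host and message."""
    pri, pri_ok, rest = DEFAULT_PRI, False, raw
    match = PRI_RE.match(raw)
    if match and int(match.group(1)) <= MAX_PRI:
        pri, pri_ok, rest = int(match.group(1)), True, raw[match.end():]
    facility, severity = divmod(pri, 8)
    header = HEADER_RE.match(rest)
    timestamp, host, message = header.groups() if header else (None, None, rest)
    return {
        "pri": pri,
        "pri_ok": pri_ok,               # False means the sender gave no usable PRI
        "facility": FACILITIES[facility],
        "severity_code": severity,
        "severity": SEVERITIES[severity],
        "timestamp": timestamp,
        "host": host,
        "message": message,
    }


def triage(lines, worst_allowed=3):
    """Return events at Error (3) or more severe; a lower code is more severe."""
    events = [parse_rfc3164(line) for line in lines]
    return [e for e in events if e["severity_code"] <= worst_allowed]


# Constructed sample input (first line is the example from RFC 3164).
SAMPLE_LINES = [
    "<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8",
    "<86>Oct 11 22:14:20 web01 sshd[2211]: Accepted password for deploy from 192.0.2.10",
    "<11>Oct  1 03:00:01 db01 backup: archive job failed",
    "Oct 11 22:15:00 fw01 kernel: link up",      # no PRI at all
    "<999>not a valid priority",                 # PRI above 191
]

if __name__ == "__main__":
    for event in triage(SAMPLE_LINES):
        print(event["facility"], event["severity"], event["host"], event["message"])
```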
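Items 9 and 10 describe correlation: raising an incident for repeated logon failures or log deletion while staying quiet about normal operation. The following is an added sketch of that logic, not any vendor's implementation. It assumes events have already been normalised to `(epoch_seconds, event_id, user, source)` tuples, uses the Windows Security event IDs 4625 (failed logon), 4624 (successful logon) and 1102 (audit log cleared), and treats 5 failures in 60 seconds as the threshold; the sample events are constructed.

```python
from collections import defaultdict, deque

FAILED_LOGON, LOGON_OK, LOG_CLEARED = 4625, 4624, 1102


def correlate(events, threshold=5, window=60):
    """Turn a stream of logon/audit events into a short list of incidents.

    A burst of `threshold` failures for one (user, source) pair inside
    `window` seconds raises BRUTE_FORCE once per burst. A success that lands
    on an active burst raises SUCCESS_AFTER_BRUTE_FORCE. Clearing the audit
    log is always reported.
    """
    failures = defaultdict(deque)   # (user, source) -> recent failure times
    alerted = set()                 # pairs whose current burst was reported
    incidents = []

    def prune(queue, now):
        while queue and now - queue[0] > window:
            queue.popleft()

    for ts, event_id, user, source in sorted(events):
        key = (user, source)
        if event_id == LOG_CLEARED:
            incidents.append((ts, "AUDIT_LOG_CLEARED", user, source))
        elif event_id == FAILED_LOGON:
            queue = failures[key]
            queue.append(ts)
            prune(queue, ts)
            if len(queue) >= threshold:
                if key not in alerted:
                    alerted.add(key)
                    incidents.append((ts, "BRUTE_FORCE", user, source))
            else:
                alerted.discard(key)    # burst has aged out of the window
        elif event_id == LOGON_OK:
            queue = failures[key]
            prune(queue, ts)
            if key in alerted and queue:
                incidents.append((ts, "SUCCESS_AFTER_BRUTE_FORCE", user, source))
            queue.clear()
            alerted.discard(key)
    return incidents


# Constructed sample events; addresses are from documentation ranges.
SAMPLE_EVENTS = [
    # A user mistypes a password twice, then logs on: normal operation.
    (0, FAILED_LOGON, "alice", "192.0.2.5"),
    (30, FAILED_LOGON, "alice", "192.0.2.5"),
    (40, LOGON_OK, "alice", "192.0.2.5"),
    # Rapid sequential failures followed by a success and a log clear.
    (100, FAILED_LOGON, "admin", "203.0.113.7"),
    (102, FAILED_LOGON, "admin", "203.0.113.7"),
    (104, FAILED_LOGON, "admin", "203.0.113.7"),
    (106, FAILED_LOGON, "admin", "203.0.113.7"),
    (108, FAILED_LOGON, "admin", "203.0.113.7"),
    (110, FAILED_LOGON, "admin", "203.0.113.7"),
    (112, LOGON_OK, "admin", "203.0.113.7"),
    (120, LOG_CLEARED, "admin", "203.0.113.7"),
    # Five failures spread over several minutes: below the rate threshold.
    (200, FAILED_LOGON, "bob", "192.0.2.9"),
    (300, FAILED_LOGON, "bob", "192.0.2.9"),
    (400, FAILED_LOGON, "bob", "192.0.2.9"),
    (500, FAILED_LOGON, "bob", "192.0.2.9"),
    (600, FAILED_LOGON, "bob", "192.0.2.9"),
]

if __name__ == "__main__":
    for incident in correlate(SAMPLE_EVENTS):
        print(incident)
```

Sixteen raw events reduce to three incidents, all for the same account and source, which is the kind of manageable list item 10 asks for.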


Posted in McAfee Total Protection | Tagged | Leave a comment

Windows 7 Boot Slow? How to Make Windows 7 Boot Faster!

Does your Windows 7 boot slow? Wondering how to make Windows 7 boot faster without paying much? Maybe I can help you!

As the latest operating system, Windows 7 integrates more services and applications than any earlier version. With many programs running at startup, Windows 7 will boot as slowly as a tortoise. These programs not only occupy vast hard drive space, but also lengthen the boot time greatly. So more and more users now want to know how to make Windows 7 boot faster.

Of course, you can buy a new computer to make Windows 7 faster quickly. But it will cost you a lot. And no matter how fast a new PC might be, it will get slower over time, so you will still need to optimize it again.

The easiest way to make Windows 7 boot faster is to manage your startup items and services. If more than 50 items and 100 services run at startup, how can Windows 7 boot quickly?

Click Start and type “msconfig” in the Run box. Then click OK. You will see all the services and applications that are started automatically when your computer boots. Disable the unnecessary items and reboot your computer. Your Windows 7 boot up will never be slow again.

But please do it carefully, since some services and startup items are very important to Windows. Removing them in error will cause serious problems, even a system crash. It’s not funny at all. So you’d better select some popular tools to do it for you.


Fix Winlogon EXE Application Error

Winlogon.exe application errors are a common occurrence for many users of Microsoft operating systems such as Windows XP, Windows Vista or Windows 7. These application errors can happen for a number of reasons, usually as a result of a virus, trojan or other kind of malware infection, or of system file damage due to faulty hardware, especially RAM or HDD. Winlogon.exe is a crucial system component that handles the login and logout procedures, so such errors can completely disrupt the stability of your PC!

Symptoms of Winlogon EXE Error

You are getting a “winlogon.exe has encountered a problem and needs to close” or a “The instruction at (location) referenced memory at (location). The memory could not be read/written” error message, most likely during the operating system startup. The computer crashes or restarts automatically after that. Don’t worry, there is hope yet.

How to Fix Winlogon EXE Error

1) The easiest and fastest way to fix Winlogon.exe errors is to use the System File Checker, which is integrated in all modern versions of Windows. To do that, press Start > Run and enter “SFC.EXE /SCANNOW” (no quotes) and press Enter. You may need to run it as administrator in Vista. You might also need to insert a Windows CD so the SFC program can copy over the files that need replacing (if your system32\dllcache folder doesn’t already contain them all).

Note that while this may well fix the Winlogon.exe error, the cause of it (such as a virus or other malware) will still stay in your system. System File Checker does not remove viruses!

2) Restart your computer and press F8 on load to enter Safe Mode. This starts your OS with only the barebone services and no unneeded stuff. After booting Windows in Safe Mode, use an antivirus scanner to thoroughly scan your computer. Use an antispyware scanner for good measure as well.

3) In case the above steps fail, you can always do a Repair routine for your Windows installation. To do that insert your Windows CD and restart your computer (make sure CD-ROM or DVD-ROM is set as the first boot device in your BIOS). Press Enter when prompted to enter the setup. Press F8 to accept the terms. Once inside, use the keyboard keys to navigate to your existing installation and press “R”.

Note that this should be your last resort as Windows Repair will overwrite your registry, causing most installed programs to cease working!

Remember that keeping your PC secure by doing frequent updates and always running an antivirus monitor and a firewall at all times will minimize the chance of Winlogon.exe application errors occurring in the future. Research all software before installing it and don’t trust pirated copies.


Learn How to Fix "Runtime Error 53 File Not Found" Easily

Computer errors generally plague us a lot. They have to be removed immediately before they can cause any further problems. One such error is the run time error 53. It shows the message “runtime error 53 file not found”.

This error occurs when a software program installed on the PC tries to reach a DLL file that has been removed from the Windows registry. This registry contains all the files that are used by Windows for executing any kind of commands by human users. This DLL file might have never been installed on the computer itself.

To fix runtime error 53 on your system, some simple steps have to be followed. Click on the Start menu and then open the Control Panel. Once you have reached the Control Panel, open the Programs and Features icon. It lists all the programs stored on the computer. Uninstall the program that produced the runtime error 53 message. A window will also open up telling the user that the program has been removed from the system.

To make sure that the DLL file is stored again on the computer, one has to remove the program and then put it back. The program can be reintroduced into the system through a hard disk or a CD. Instructions will appear on the screen as this program gets installed. After clicking on the install it now option, the user will see the option of terms and conditions on the screen. Click on the “I agree” choice to continue with the installation. The operating systems that generally display this error are Windows XP, Windows Vista and Windows 7.

Run the program to ensure that runtime error 53 is not displayed again. If the error is still being produced, then contact the company that supplied you with the software.

It is also wise to find out about the compatibility of your software with the operating system of your computer or with other software. You can find out about this compatibility through online research. The website of the software developer can also give you such details. Tell the software developer about the details of your system to get an adequate response about runtime error 53.

However, the last and easiest solution to fix the “runtime error 53 file not found” error is using Windows registry cleaner software. Registry cleaner software can always eradicate any registry errors produced by wrong entries, which cause a runtime error 53. It can delete all the useless entries in the registry that are causing such an error. Using such software can ensure that you get an error-free system.


What to Do When Your Email is Hacked

You know that something is really strange. Something has happened and you want to get to the bottom of it. Your phone rings incessantly. Text messages from friends pour in. Everyone wants to know that you’re okay and that nothing bad has happened. And then you are told that you sent an email to all your friends (or at least those whose email addresses are saved in your email contacts) saying that you are in a far-flung place in Africa, stranded and in dire need of financial help. According to the email, any amount can be wired and will be deeply appreciated.

First you feel confused. You were never in Africa (you spent the weekend over at Mom’s because she was having a little fit when the lawnmower didn’t mow her lawn the way she wanted) and as far as you can remember, you never sent any email asking your friends to wire you money. And then you feel embarrassed. Your friends might think that you’re just pulling their leg, making them worry about you and send you money. Then you feel angry when you realize that somebody might have hacked into your email and sent that message to your friends. If any of your friends fell into the trap, they might have sent some amount to the culprit, an identity theft criminal or a hacker perhaps (a con artist might be a better term). After all the emotions, you then feel worried: what else has the criminal done to your email account?

For what it’s worth, you might feel relieved to know that you are not the only person who is experiencing this dilemma. A lot of people have had their email accounts hacked before you, and they were also devastated, just like you. According to the FTC, most of the identity theft cases that they were able to track started out with the hacking of email addresses.

The damage has been done and your account has been compromised. Don’t give up. There are still a lot of things that you can do to recover from the devastation. Here are some smart steps that you should take:

If somebody has hacked into your email, you need to know how they did so. You can start off with your computer. Scan it with a good, reliable and updated antivirus program and check if there are any viruses, malware or spyware embedded into your computer. If there are, remove them immediately.

You have to send another email to your friends to notify them that somebody else hacked into your account, and tell them to ignore any future correspondence of this nature from the compromised email address. Whenever possible, use a different email address to warn your friends. You might also want to ask your friends to run their own scan on their computers, because the first “African stow away” email that you allegedly sent may have included viruses and other malicious programs that can harm your friends’ computers.

‘The Required File Cannot Be Found’ – iPod Error and Recovery

iTunes is the interface software that allows your iPod to interact with your computer. You can use iTunes to sync files and folders with your computer. But sometimes it fails to sync and displays errors. One of the possible reasons is disk structure corruption, which might force you to reformat the iPod. After this, you need to restore lost data from backup. However, if the backup cannot restore the required information, you should use iPod Recovery applications.

You might encounter an error message like this one on Windows:

“iPod name” cannot be synced. The required file cannot be found.”

Cause

Your iPod might fail to sync for any of the following reasons:

o Corrupted ‘Photo Cache’ folder

o iTunes installation files are corrupted or deleted

o Corrupted files in iTunes library

o USB connection issues

o Computer firewall or antivirus problems

o Out-of-date Windows installation

o Disk use is not enabled in iTunes

o iPod disk structure is damaged

Solution

You need to apply these methods to solve the existing problem:

o Delete the corrupted ‘Photo Cache’ folder. To do so, click Start->Search->All files and folders, type ‘Photo Cache’ and search over the entire hard drive. Delete the folder when located

o Disconnect your iPod from the computer and remove ‘iTunes’ and ‘QuickTime’ using the ‘Add or Remove programs’ feature in Control Panel. Next, use Windows Installer Cleanup Utility to remove all their installation files from the computer. You should then install the latest version of iTunes and QuickTime

o Find and delete the corrupted files from the iTunes Library, if any

o For correcting USB issues, first try connecting your iPod to the rear port. If this doesn’t help, perform steps like reinstalling or updating USB drivers and using a new USB cord

o Try allowing iTunes through your computer’s security/firewall programs

o Update Windows installation with the latest updates and service packs available

o You can also attempt to enable disk use in iTunes

o If the problem continues, disk structure might be damaged. Connect your iPod and run chkdsk. If this doesn’t resolve the issue, reformat the iPod and restore lost data from backup.

If the data backup is not in a clean state or is not available, you can use iPod Recovery solutions. These are powerful iPod data recovery utilities that can restore lost data in all logical data loss cases.

Stellar Phoenix iPod Recovery is an advanced recovery tool for lost music files, videos, documents, podcasts, graphics and other data from a crashed iPod. It is available for both Mac and Windows operating systems. It is compatible with Nano, Classic, Mini and iPod Shuffle.

Google Redirect – How to Remove the Google Redirect Virus

Have you been infected with the Google Redirect Virus? You are probably well aware of the symptoms. When using the Google search engine your system gets redirected to advertisement and potentially malicious websites. Your computer also seems to run much slower than usual. If infected you should remove Google Redirect Virus as soon as possible.

Although it can be painfully annoying to constantly be redirected in the search engines, there is a greater danger to the Google Redirect problem. Sometimes you can be forced onto malicious websites that are loaded with spyware and viruses. This is what is known as browser hijacking. You are redirected to these dangerous websites and they load up your system with malware.

Once this stuff is loaded on your computer (usually without your knowing), you can become the victim of identity fraud. This malware uses spyware to record private information like credit card numbers, social security numbers, and personal passwords.

How To Remove Google Redirect Virus

In order to conduct a Google Virus removal you need to have some knowledge of computer security and the registry. Your registry files have been compromised which has caused your browser to be hijacked. You will need to remove malicious:

o Registry entries

o Browser Helper Objects

o Browser Add Ons

o Dynamic Link Library files

After removal, clear your browser cache and restart the computer. For folks who may not be computer experts and are looking for an easier solution, you can actually remove Google Redirect Virus with certain software. Simply scan your computer, follow the instructions, and perform a Google Virus removal in minutes.

Free AVG Virus Protector – A Thorough Review Of The AVG Virus Protector

Is a free AVG virus protector effective at keeping your computer safe from harmful viruses? Of course, nowadays, as the risk of getting a computer virus is always on the rise due to unscrupulous internet users, the need for a virus protector is greater than ever. AVG free antivirus is just one kind of protector you can download, and here is a review of it to help you determine if it is the best option for your PC.

So first of all, how can you get a virus? The most typical methods are by downloading software applications off the internet, particularly from insecure websites. If you aren’t sure about a website, try not to download anything from it if at all possible.

Also, emails are a big method of spreading viruses, so always be careful about opening an email in which you don’t recognize the sender. Of course, you can take all the precautions in the world, but you still run the risk of getting a virus simply by doing any of the above activities. The bottom line is, if you want to be sure you keep your computer safe, you need a free virus protector.

The AVG free virus scan is made by a company called Grisoft, and generally gets excellent reviews for its effectiveness at protecting operating systems. It’s always proven very effective at getting rid of viruses, and is always keeping you up to date on any new technological advances so that you can download the latest version, which is very important when combating viruses.

As viruses become more and more sophisticated, it is very important that the virus protection companies keep updating their software to get rid of the latest threats. AVG is one of the best at spotting new threats and updating their software accordingly.

So how does the free AVG download compare with Norton or McAfee? Very simply, it compares very favorably, because unlike those two, you don’t have to shell out any money to keep the software updated, a definite plus. Updating your software is obviously essential, and not having to pay will save you some serious cash down the road. Unfortunately, a way that a lot of antivirus companies get you is by giving you the initial version free, knowing full well that to stay up to date you will have to pay down the road. AVG doesn’t do this.

In addition, according to many who use them, Norton and McAfee take up a tremendous amount of your computer’s resources, oftentimes dramatically slowing down your computer’s performance.

The bottom line is, if you want a free virus software application to protect your computer, you can’t beat the free AVG virus protector. Simply go online and download one today, and you can virtually guarantee your computer will stay protected.

Completely Uninstall System Mechanic – Iolo System Mechanic Professional Version 8

Yesterday a friend told me that he was trying to install McAfee antivirus and it would not install and asked for the Iolo System Mechanic to be removed completely. But the problem is that he could not find any file of the program in the programs list. So, what should he do to make a thorough uninstall of this Iolo program? Here is the solution.

Step 1. Find the four files below, select all of them with the left mouse button, then right-click and select “Delete”:

C:\WINDOWS\system32\IncContxMenu.dll

C:\WINDOWS\system32\Incinerator.dll

C:\WINDOWS\system32\iolobtdfg.exe

C:\WINDOWS\system32\smrgdf.exe

Step 2. Type in “regedit” to open the Registry Editor and expand the registry list to find and delete the following keys one by one:
HKEY_CURRENT_USER\Software\iolo System Mechanic
HKEY_CURRENT_USER\Software\iolo
HKEY_LOCAL_MACHINE\SOFTWARE\iolo System Mechanic
HKEY_LOCAL_MACHINE\SOFTWARE\iolo Installed Products
HKEY_LOCAL_MACHINE\SOFTWARE\iolo Incinerator
HKEY_LOCAL_MACHINE\SOFTWARE\iolo

Step 3. Reboot your computer and download the McAfee antivirus again to see whether the conflict still exists on your computer. If it does, then you may need to contact Iolo support for further assistance or download the Iolo uninstaller from their official website.

However, for ordinary computer users it is never easy to carry out this manual process and fully remove all dynamically created configuration data and other application-related information of Iolo System Mechanic Professional Version 8. And the uninstallers which come with software products often do not perform a complete uninstall. But what can we do to make it removed completely?

Top 10 Computer Virus Protection Reviews

Below are my top 10 computer virus protection reviews:

1. Bit Defender - This newly updated version of Bit Defender for 2008 has a new Gaming mode to ensure protection while not allowing pop-ups during game playing. They still offer all the services that they have been known for, such as privacy protection and web scanning. It was awarded the top spot in the computer virus protection reviews because of its ease of use and installation, its overall effectiveness, its regular updates, and its great support.

2. Kaspersky – Kaspersky has received top ratings for the same above-mentioned aspects such as effectiveness and support. This software has received many awards from top organizations. It is one of the most advanced products available on the market today; it would be an ideal choice to protect your computer.

3. ESET Nod32- This is said to be a simple, but very thorough security protection solution. They scored highest on effectiveness, support, and easy installation. In 2008, the ESET Nod32 received major updates while maintaining the high standard of security protection it has always provided.

4. AVG Anti-Virus- This year two previously separate products were merged with their award-winning antivirus software to ensure improved overall protection for your home computer systems. They have also improved their scanning engine, which should cut down on the time taken to complete a virus and spyware scan. They also reported a decrease in overall system resource usage.

5. F Secure Antivirus- The security protection suites offered by F-Secure are used by both home computer users and large corporations on their massive networks. They strive to ensure that the internet user understands general online security safety measures and precautions, along with the potential threat caused by an inadequate security setup. Overall F-Secure offers an excellent package.

6. Trend Micro- Although this software may cause a slight decrease in performance of some basic home PCs, Trend guarantee that the security level provided by their software will more than make up for any slight decrease in performance that may be experienced. This software is aimed directly at the home internet user rather than larger corporations and receives high scores in all areas. The lowest score is attributed to the help/support section. Trend Micro is used by many people and is a viable security solution.

7. McAfee VirusScan - McAfee is a leading antivirus software provider. This software now comes equipped with extra features including an email scanner. It is not the best security option in my opinion but very popular nonetheless.

8. Norton Antivirus- Norton Antivirus is a widely known antivirus scanner and has been around for many years. It is the choice of many computer manufacturers who install it as part of their normal PC or laptop setup. The 2008 version is equipped with antivirus protection as well as anti-spyware detection. It is not one of my favorites as in my personal testing I have found it to be a resource hog and some end users have found it difficult to remove from their systems. Symantec are a well respected security software provider and constantly strive to update and improve the software they offer to their customers.

9. CA Antivirus- If you are looking to only detect and remove viruses on your computer then this may be an option you would want to consider. This is the primary function of this product and it does not contain additional detection capabilities.

10. Norman Antivirus and Antispyware- This software is good at detecting spyware and viruses that may be lurking on your home computer. Again some users have reported a slight decrease in computer performance as a result of installing Norman AV.

The idea behind writing the top 10 computer virus protection reviews was to offer what I consider a “taster” if you like on what is available, how effective it is, and how easy it is to use. Armed with this information my hope is that you will be in a position to more easily choose a security solution that fits with your individual needs and level of security required.

If you feel that you need more specific information on any of the top 10 then just head over to the company website or type (name of software) “computer virus protection reviews” into your search engine of choice.
