Author: Kameron

Welcome to the COBIT ™ Open Guide

This website is an open source initiative often referred to as a “wiki”. It is intended to document COBIT ™ in plain English, including implementation issues.

“Open” in this context means that everyone can be involved in the process. You can edit existing pages to improve them, or even add new pages. See the QwikiSyntax page for details on how to achieve this.

Hopefully together we can create the best COBIT support resource.

What is COBIT ™?
COBIT stands for Control Objectives for Information and Related Technology. It is an open IT control and security standard with 6 elements: a summary, governance guidelines, control objectives, COBIT framework, audit guidelines, and implementation toolkit.

COBIT ™ FAQ
We are currently preparing a COBIT FAQ.

COBIT projects
We are implementing a number of sub-projects in support of COBIT ™. This includes the above FAQs, a set of implementation notes, the development of COBIT-specific security recommendations, an introduction to COSO, and the COBIT article library.

External resources and support
User Community and Forum: COBIT Forums
Resources and Support: COBIT Toolkit
COBIT co-owner: ITGI

Contact: We can be contacted on the website via our contact page.

Dear participants! Everyone who has contributed to this site is encouraged to provide their contact details on our contributor page.

Thanks to Safemode.Org for hosting this site.

Brand awareness: COBIT is a registered trademark of ISACA and the IT Governance Institute.

fyodor

> Have you been in “hacker” groups before? And what are you doing there
> Was NMAP so successful before?

Before Nmap, I worked on several other security resources, such as
“Exploit the World” (which still exists, but is too outdated). My
previous page was called “Fedor’s Theater”. Before that I was
mostly active on (602) local BBS.

> How many computers do you have at home now?

Well, in order to develop network exploration tools like Nmap, it is
important that I have a decent network at home. At least this is the
pretext under which I continue to buy new boxes :). We’ll see,
I currently have the following computers:

5 Linux boxes (amy; db; hopeless; playground; zardoz)
1 box of FreeBSD version 3.0 (Liberty)
1 box of OpenBSD 2.5 (vectra)
4 Solaris boxes (one IPC, SLC, ELC and Sparc2)
2 HP Envizex X terminals
1 HP 382 Workstation (currently out of service)

With this network, I don’t need to heat the apartment :).

> What operating systems do you work with and which one do you like best?

As you can see from the above list, I prefer Linux :). But I think
*BSDs are good too. And Solaris also has its good points. I have
never really liked IRIX, HP-UX, Windows or VMS.

> What interests you outside of the IT world?

I love rock climbing, hiking, shooting and jogging. I appreciate
travel and exploring uncharted cities.

I also spend a lot of time reading books (science fiction; computer science
crime), newspapers (New York Times; WSJ), magazines (Scientific
American, Barrons) and others.

> What would you call the second best port scanner?
> in stock?

I always thought the classic scanner strobe [1] was a good piece of
software. Another excellent (more recent) scanner is Antirez's hping2 [2].

[1] http://www.insecure.org/nmap/scanners/strobe-1.03.tgz
[2] http://www.kyuzz.org/antirez/hping/

 

> Are there other projects you are working on?

I am currently working on several. Besides the improvements to nmap, I
am working on an important addition to my website that will be
announced shortly. I am also working on several other projects: nsock,
ncrack and sd. I’m not a fan of perfumery, so I’ll keep the details
until they are finished.

> What do you like best and want to share?
> Bookmark?

I have many different interests on the Internet, but here are my
favorite sites:

[ Safety ]

Insecure.org of course :). Hackernews.com;
Technotronic.com; Tons of mailing lists.

[New]

www.nytimes.com; www.lwn.net; www.slashdot.org;
www.advogato.org; www.wsj.com; Mailing lists

[Invest]

citation.yahoo.com; www.barrons.com; www.smartmmoney.com

> Did you help eeye with the nmap port? What if it was faster;)?

I helped a little to understand the internal structure of nmap.
But I didn’t help port it to Windows as such. And no,
be careful, it is not faster than the UNIX version :). If NmapNT ever
becomes competitive in this regard, I will immediately move on to my
profile and start optimizing :)

To learn more about Fedor, be sure to visit his website!

http://www.insecure.org

and shame on you if you haven’t been here yet:

http://www.insecure.org/nmap

An Open Guide to Computer Forensics!

This site is a community initiative. It should be built openly by volunteers. If you have knowledge in this area, you can enrich your knowledge by editing an existing page or creating new pages. It’s easy to help, but please visit our How to Contribute page for more information.

What is Computer Forensics?
Computer forensics, sometimes referred to as digital forensics, is often described as “the storage, retrieval and analysis of information stored on computers or electronic media.” It often involves digital evidence issues from an important legal perspective and is sometimes seen as a four-step process.

Open guides projects
We are currently carrying out a number of projects: mainly, the creation of knowledge bases on various aspects of computer forensics:
– General FAQ on Computer Forensics
– Information and medical legal advice on specific technologies, primarily: PC Forensics; CCP Forensics; Network Forensics
– List of opinions and medical and legal advice
– Development of general first aid procedures

External resources and support
Some of the most important purposes of forensic science are:

User group: for mutual support and interaction in computer forensics.

Resources: introduction, checklists, procedures … computer forensics toolkit

SWGDE: Scientific Working Group on Digital Evidence

Authors and contacts
If you have contributed to this collaboration, you are prompted to enter your contact details on our member list page.

If you would like to contact the administration, please do so using the details on the comments page. Finally, we would like to thank Safemode for providing us with accommodation.

iso-17799

Welcome to the ISO 27001 and ISO 27002 Open Guide!

This site is an “open” community initiative known as the “Wiki” and is dedicated to documenting ISO27002 (ISO17799) and ISO27001, including implementation and certification issues. This is a public site, which means that YOU can contribute and help. You are free to improve existing pages and create additional ones (see QwikiSyntax for more on this). We hope that together we can come up with a definitive guide to standards.

What are ISO 27001 and ISO 27002?
These are the main international information security standards published by ISO. The ISO 27002 standard was formerly known as ISO 17799 and was renamed in 2007. It is closely related to ISO 27001. The first is a code of conduct for information security management (see ISO 27002 Content) and the second is a specification for information security management (see content of ISO 27001).

ISO27002 Frequently Asked Questions
We are currently preparing an FAQ (see ISO17799 FAQ).

Certification is currently available against ISO 27001 (formerly BS7799-2, originally published by BSI) and is issued by an accredited certification body. As a global standard, the number of certified companies is increasing, with representation around the world. The list of issued certificates is maintained by ISO 27001 and ISO 27002 Central, although we are currently creating our own (see below).

Ongoing public ISO 27000 projects
This is a series of projects supporting ISO 27001 and 27002 standards. It includes:
– a collection of useful tips and tricks for implementation
– creation of an ISO27002-oriented safety standard
– certification guide
– and a collection of articles related to the ISO IEC 17799 standard
– our voluntary list of ISO 27001 certifications

Welcome To The ISO 27001 And ISO 27002 Open Guide!

 

This site is a public ‘open’ initiative, known as a ‘wiki’, and is designed to document ISO27002 (ISO17799) and ISO27001, inclusive of implementation and certification issues. It is a public access site, meaning that YOU can contribute and assist. You are free and able to improve existing pages, and create additional pages (see QwikiSyntax for details on how to do this). We hope that together we can create the definitive guide to the standards.

What Are ISO 27001 and ISO 27002?
These are the major international information security standards, published by ISO. ISO 27002 was formerly known as ISO 17799, having been renamed in 2007. It is closely related to ISO 27001. The former of these is a code of practice for information security management (see the Contents of ISO 27002), whilst the latter is a specification for information security management (see the Contents of ISO 27001).

The ISO27002 FAQ
We are currently building an FAQ (see ISO17799 FAQ).

Certification
Certification is currently available against ISO 27001 (formerly BS7799-2, originally published by BSI) and is granted through an Accredited Certification Body. As a worldwide standard, the number of certified entities is increasing, with representation across the world. A list of certifications issued is maintained by ISO 27001 & ISO 27002 Central, although we are currently building our own (see below).

On-Going Public ISO 27000 Projects
This is a series of projects to support ISO 27001 and 27002. It includes:
— a collection of useful Hints and Tips for implementation
— the creation of a set of ISO27002 aligned Security Policies
— a Guide To Certification
— and a collection of ISO IEC 17799 Related Papers
— our voluntary list of ISO 27001 Certifications

Contributors
If you have contributed to this initiative, please feel free to add your details to our Contributors Page. We also have entry points for the open guide in a growing number of Foreign Languages.

Contact
Please feel free to contact us, via our Contact Page. We would like to thank everyone who has contributed thus far, as well as Safemode for providing our hosting.