Risk
7/30/2012
12:51 PM
50%
50%

NIST Updates Computer Security Guides

Guidelines focus on wireless security and protecting mobile devices from intrusion.

10 New Mobile Government Apps
10 New Mobile Government Apps
(click image for larger view and for slideshow)
The National Institute of Standards and Technology has released updated guidance on how federal agencies and businesses can deal with network attacks and malware.

The advice comes in the form of two publications that have been revised to reflect the latest in security best practices: NIST's Guide to Intrusion Detection and Prevention Systems and Guide to Malware Incident Prevention and Handling for Desktop and Laptops. The agency is seeking public comments on the draft publications before releasing them in final form.

This is the first revision to the intrusion detection and prevention system (IDPS) guide since its original release in February 2007. The most substantive changes are in the areas of mobile devices and wireless networking, including the emergence of the 802.11n wireless standard.

"Wireless technology is used so much more than it used to be, and there are many more wireless threats now," said Karen Scarfone, a guest researcher at NIST and co-author of the revised Guide to Intrusion Detection and Prevention Systems.

[ For more on NIST's updated security guidelines, see Uncle Sam Wants To Secure Your Smartphone. ]

In other areas, intrusion detection hasn't changed much, according to Scarfone. In her research, she said, some sources said IDPSs aren't "quite as valuable as they used to be," raising questions of whether they need to improve or are the right tools at all.

The guide covers wireless, network-based, and host-based intrusion detection, as well as network behavior analysis, architecture, detection methodologies, and security capabilities. "They'll monitor IP addresses, protocols--it could even be a geographic location--to try to assess whether activity is benign or malicious," Scarfone said. The deadline for filing comments on the draft IDPS guide is August 31.

NIST also revised its Guide to Malware Incident Prevention and Handling for Desktops and Laptops, which has been updated to correspond with a refreshed version of its Computer Security Incident Handling Guide, expected to be issued in final form later this summer.

Scarfone, who co-authored both guides, said the malware incident guide was updated "to take today's threats into account." Whereas malware in the past tended to be fast-spreading and easy to spot, it now spreads more slowly, eventually leading to exfiltration of sensitive data, she said.

Earlier this month, NIST issued new guidelines for securing mobile devices.

The Office of Management and Budget demands that federal agencies tap into a more efficient IT delivery model. The new Shared Services Mandate issue of InformationWeek Government explains how they're doing it. Also in this issue: Uncle Sam should develop an IT savings dashboard that shows the returns on its multibillion-dollar IT investment. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7266
Published: 2015-02-01
Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service (CPU consumption) via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for CVE-2...

CVE-2014-7269
Published: 2015-02-01
ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376....

CVE-2014-7270
Published: 2015-02-01
Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earl...

CVE-2014-8630
Published: 2015-02-01
Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as demonstrated by shel...

CVE-2014-9200
Published: 2015-02-01
Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X8...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If you’re a security professional, you’ve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.