You have an idea for an article about information security?

Submit articles to shortinfosec _at_ gmail dot com.

Please include author name, brief bio and a link to your blog/site
All published articles will bear full reference to the original author, including a link to your blog.

Welcome to the downloads page. Here you can browse and download all template documents and blueprints published by Shortinfosec

Compiled tools (win32 exe)

• Ratproxy 1.51

• Skipfish 1.29b
  

Policies and Procedures Templates (PDF)

• Information Security Policy
  
• Corporate Firewall Policy
• Business Continuity Plan for Brick & Mortar Businesses
• Software Acceptance Testing Log

Tutorial Samples

• Computer Forensics Helix_Evidence_Collection_Sample_Logs.zip
• Verification sums:
• SHA1SUM c7d189a78a715fd96127677d39d5ace1d5854ea5
• MD5SUM 9b61fad0cf4418175cb7e387c6962c49

http://www.urbancool.net/
http://www.actionprintinginc.com/
http://www.amcsecurity.com/
http://www.queel.com/
http://www.e2assist.com/
http://health-beauty-fitness.huachaojune.com/
http://www.katysprinklersystems.com/
http://www.houstonsidingcompany.net/
http://www.granitecountertopshouston.com/
http://www.welloiledpc.com/
http://www.catanich.com/
http://www.topfreemusicdownloadsite.com/
http://www.topfreeantivirussoftware.com/
http://www.myonlinedream.net/
http://www.1v-webdesign.com/
http://www.avrentcar.com/
http://www.autoleague.co.uk/

http://www.paintershouston.com/
http://www.katycontracting.com/
http://popup-toolkit.com/
http://www.webdonk.com/
http://www.domalot.net/
http://www.hobbytoolshop.co.uk/
http://www.jewel-toolcraft.co.uk/
http://www.web-crafts.co.uk/
http://www.wheatsheafonline.co.uk/
http://www.cheap-flower-delivery.com/
http://www.proteinsupplementsplus.com/
http://www.bladkey.co.uk/
http://www.popupstock.com/
http://www.tukangdesign.com/
http://www.dtriplers.com/
http://www.tworoomschool.com/
http://www.picnicworld.net/
http://www.affiliateranker.com/directory/
http://www.wildwoodworkshop.com/
http://medbookcity.googlepages.com/
http://www.tamcosurveillance.com/
http://www.webhorizons.it/
http://www.hostingperte.it/
http://blog.yam.com/ecoswayhk724_yblog

http://www.lusciousaromas.com/
http://www.amcsecurity.com/
http://4einc.cjb.net/
http://www.sharpinfosystems.com/
http://www.bharatinformation.com/
http://miamicarpetcleaning.com/
http://www.shopitonline.com/19910
http://www.officeecia.com.br/
http://www.deletespyware-adware.com/
http://guwahatitoday.com/
http://www.flooroption.com/
http://www.moveisoffice.com.br/
http://bra-viktminskning.se/
http://www.domaindnseye.com/
https://www.atomhealthmart.com/
http://www.digitehost.com.br/
http://www.freelivegames.net/
http://www.limochicago.com/
http://www.jaykitchens.co.uk/
http://www.internet-empire.com/
http://www.universallawyers.com/
http://www.mltek.co.uk/
http://www.triams.com/
http://www.yqaresearch.com/

Author: Bozidar Spirovski

• Occupation: Information Security Expert
• CISSP #301565
• MCSA, MCP ID# 2448347
• Age: 32

• Send comments, requests or general inquiry to shortinfosec _at_ gmail dot com
• Visit my LinkedIn profile at
  http://www.linkedin.com/in/spirovskibozidar

Link Page

My Link Markets
http://www.linkmarket.net/
http://www.simplylinking.com/

Eicon networks
http://www.eiconworks.com/

Secure computing
http://www.scdefense.com/

Packeteer network traffic monitoring
http://www.shaperworks.com/

Security Sites
http://www.cryptonline.org/
http://www.norton-soft.com/

Good Speakers
http://www.ambiense.com/


Adjusters Sites
http://www.docudamage.com/
http://www.texaspublicadjuster.com/

Software Development
http://www.perl-express.com/
http://www.beginner-sql-tutorial.com/


Mobile broadband technology business analysis
http://www.mobilebroadbandonline.co.uk/

Miscellaneous
http://www.appstyler.com/
http://www.paritysystems.org/
http://www.mag-corp.com/
http://www.limochicago.com/
http://www.globalracingschools.com/


A good Microsoft Excel Tutorial
http://www.exceltutorial.in/


http://www.webinade.com/

Jewelery and misc
http://www.sierramtncandles.com/
http://www.missadela.co.uk/

Content Policy

• All tutorials, solutions and opinions stated on the blog should be credited only to the author, and do not reflect the position nor are in relation to the author's employer.
• All examples and scenarios, unless referring to publicly available information are of fictional nature and have no intention to be related real situations in any company.
• All personal information and names presented on this site, unless referring to publicly available information are of fictional nature and cannot to be related real persons.
• All tutorials, solutions and opinions are of an informative purpose and should be used as a guideline only. Specific implementation level solutions must be prepared per individual case.
• Any sponsored articles will be clearly marked with the name of the sponsor. When writing sponsored articles, we reserve the full right to publish objective opinions and/or reviews, including identification of poor performance or negative issues encountered during the writing of the article.
  

Privacy Policy
This site does not collect any information from a visitors' computer other then the following:

• 1st 3 octets of the IP address
• Name of ISP to whom the IP class is assigned to
• Operating System Version
  
• Browser Type and Version
• Screen Resolution
• Referral Information
• Entry page
• Exit page
• Visit time

• This site does not collect personal information and does not require user registration.
• Any personal or contact information submitted by the visitor to the site's owner via the contact e-mail address will be used only in mutual communication and for a periodic newsletter with opt-out option.
• Personal or contact information will not be sold, transferred or used for commercial promotion.
• The comments are publicly accessible - Any personal or contact information submitted by the visitor on the a comments page is not protected by the owner of this site.

These are our Information Security Posts Published on Shortinfosec

Corporate Security Process

• Hunting for hackers - Google fraud style
• Corporate Security - Are the hackers winning?
• The call records theft - security of batch processing
• Real and Bizarre Information Security Situations
• Be Aware of Security Risks of USB Flash Drives
• Tutorial - Measures for minimizing Spear Phishing Attacks
• Is Skype a good Corporate Tool?
• Citibank PIN Heist - Sources of Security Breach
• Personal Data Protection - Anonymizing John Doe
• 8 Tips for Securing from the Security experts
• GPS Fleet Tracking - Risks or Benefits?
• Information theft - Minimize targets of opportunity
• Internet Social Engineering - Avoid Con Tricks
• 3 Rules to Avoid Problems due to Changes in Development
• Nobody's safe - Google's personal data stolen
• 4 Controls to Avoid Risks of Fully Trusting a System
• 3 Controls to Secure Corporate Off Computers
• Control Delegated Responsibility
• Caveats of strong perimeter security
• Portrait of Hackers
• 8 Steps to Better Securing Your Job Application
• Information Disposal Procedure
• Security Concerns Cloud “Cloud Computing”
• Securing an Application Backend - always forgotten
• Dissecting Social Engineering - Free Product Scam
• Tutorial - Secure Web Based Job Application
• Email security - leaks in corporate e-mails
• Google Voice - No Privacy Remains?
• 3 Things no book about hacking will ever tell you
• 5 Minute Security Assessment
• 5 biggest mistakes of information security
  

Business Continuity and Disaster Recovery

• Business Continuity Plan for Blogs
• Business Continuity Plan for Brick & Mortar Businesses
• Example Business Continuity Plan For Online Business
• Business Continuity Analysis - Communication During Power Failure
• High Availability - Clusters have Issues
• Know the Difference - Backup vs. Archive
• iPhone Failed - Disaster Recovery Practical Insight
• Google's Ratproxy Web Security Tool for Windows
  

Web Services Security

• Web Site that is not Easy to hack - Part 2 HOWTO - the web site attacks
• Web Site that is not that easy to hack - Part 1 HOWTO - the bare necessities
• Checking web site security - the quick approach
• Strategic Choice - Proper Selection of Web Hosting
• Protecting from Meddling Web Applications
• Tutorial - Using Ratproxy for Web Site Vulnerability Analysis
• Tutorial: Making a Web Server
• Creating Your Own Web Server
  

Network security

• Template to Regulate your Firewall Configurations
• Obtaining a valid MAC address to bypass WiFi MAC Restriction
• Example - Bypassing WiFi MAC Address Restriction
• 5 Rules to Home Wi-Fi Security
• Template - Corporate Information Security Policy
• San Francisco WAN Lockout - Pointing Fingers at Everyone Responsible
• Network Access Control - A Solution with Problems
• Example - SMTP message spoofing
• Tutorial - Mail Header Analysis for Spoof Protection
• DHCP Security - The most overlooked service on the network
• Whisperbot - No thanks, I'll use e-mail
• Whisperbot analysis - Revisited
  

System Security

• Custom Encryption - No Thank You!
• System Hardening Process Checklist
• WMI Scanning - Excellent Security Tool
• Controlling Firefox Through Active Directory
• Creating secure CD/DVD media for transport using Truecrypt
• TrueCrypt Full Disk Encryption Review
• Check Your DNS Zone Transfer Status
• Stopping a Corporate IT Infrastructure in a Single Blow - are you safe?
  
• Tutorial - A Poor Man's Secure USB
• No Privacy - Saw You Cheating on Image Search
• When Will Your Mobile Phone get Hacked?
• 5 rules to Protecting Information on your Laptop
• Hardware Security Module for Dummies
• Keep Your Security Systems Patched
• 3 Rules to Prevent Backup Headaches
• Risk of losing backup media - real example
• 6 steps to securing your backup media
• Cracking a TrueCrypt Container
• Tutorial - Hidden Operating System with Truecrypt
• Quick and Basic Security Assessment for Databases
• Cloud Backup - A gamble on several levels
  
  

Security in Software Solutions

• Security risks and measures in software development
• Security challenges in software development
• Creating Good Software - Align expectations and development
• Application security - too much function brings problems
• Information Risks when Branching Software Versions
• 3 rules to keep attention to detail in Software Development
• Measures for Improving Data Integrity through Application Version Control
• Software Response Evaluation Methodology
  

Physical Security

• The Cost of Datacenter Physical Security Blueprint
• Datacenter Physical Security Blueprint
• Dead-man Door Blueprint

Forensics and Information Investigations

• Scalpel - File Carving from Partially Wiped Evidence Disk
  
• Understanding Penetration Testing Methodology
  
• Hiding Information in Plain Sight - Steganography
• New Helix3 Forensic CD - Welcome
• Thrown in the Fire - Database Corruption Investigation
• Competition - Computer Forensic Investigation
• Competition Results - Computer Forensic Investigation
• Tutorial - Computer Forensics Evidence Collection
• Tutorial - Computer Forensics Process for Begginners
• Security Information Gathering - Brief Example
• BackTrack 4 Penetration Test Distro - First Glance
• Creating BackTrack4 Pentest Virtual Machine
  

http://www.security-sandiego.com/
http://www.smsolar.net/
http://www.itcourses.org/
http://www.eyespyli.com/
http://www.protec-alarm.com/
http://www.solarblu.net
Free Website Directory

http://www.commercialmagnet.com/
http://www.usaers.com/
http://www.how-to-write-a-cover-letter.com/
http://www.intechspecial.com/
http://www.game3how.com/
http://www.flooroption.com/
http://www.uk-cheapest.co.uk/
http://www.computersecuritycameras.com/
http://realestate.lush-sensations.co.uk/
http://www.trinitycommercial.com/
http://www.preferredtimeshare.com/tahoegb.htm
http://www.preferredtimeshare.com/
http://www.hotel-goldstar-nice.com/
http://www.graficsunltd.com/
http://www.edge9.net/
http://www.atomsplash.com/
http://jes.mysexhealth.co.uk/
http://www.zenytlabs.com/