Stelar Global Inc. ( Spams

Stelar Global Inc, formerly Ecom Infotech (I) Ltd. sent spam out in a Word document. This spam submitted by Les Bell via the FunSec mail list.

From:     "Ecom Infotech (I) Ltd." (
To:       "Info" (info[at]
Subject:  Enterprise Security Management
Date:     24/04/2009 10:09 PM

Dear IT Head, 

What do you do when the logging is turned off ?
How soon you will know?
Does that create a blind spot?

Let's see a typical low and slow attack:

 Attack step:                      Attacker action:                         Action revealed in:                   
 1. Probe                          Runs port scans seeking targets with     Log data                              
                                   known vulnerabilities.                                                         
 2. ID entry point                 Identifies a target system with a known  Log data                              
 3. Access                         Brute-forces access to the system with   Log data                              
                                   multiple failed logins preceding the                                           
                                   successful login.                                                              
 4. Admin privilege                Escalates to Admin/Root or created a new Asset data                            
                                   account with Admin privilege.                                                  
 5. Config change                  Disables logging.                        Configuration data                    
 6. Exploit vulnerability          Creates a buffer overflow that spikes    Vulnerability & Performance data      
                                   performance by exploiting vulnerability.                                       
 7. Rogue app                      Installs a back door to the system.      Asset data                            
 8. Data theft                     Steals confidential data.                Flow data    


SIM Co-relate Log, Asset ,  Configuration,  Vulnerability,

Performance and Network flow data   in a single integrated

Platform   brining actionable intelligence.

Attackers  employ  "low  and slow" attacks designed to evade detection from
existing  defenses  like IPS and device security. Timely detection of these
"low  and  slow"  attacks  is elusive for log management systems because it
requires  the  real-time  collection and correlation of multiple sources of
data.  Specifically,  log, asset, configuration, vulnerability, performance
and  network  flow data each contribute to identifying different aspects of
an attack.

Can we help you ? We offer one of the most cost effective solutions

(Embedded image moved to file: pic08431.gif)

We also offer the foll services/ end to end solutions:

1.     COBIT, ISO 27001/ 20000, BS25999 Framework Implementation:
Compliance with COBIT, ITIL or ISMS best practices implementation.

2.      IT Audit and other related Assurance services. We are certified IT

3.     Enterprise Identity Management:  Complete security based solutions
for Identity and Access Management, Single Sign On solutions and Federated
Identity Management in a SOA or Distributed Environment.

4.     Privileged Users' Monitoring Solutions. ?Reports suggest that 70%
Frauds were caused by Insiders.

5.      Business Continuity Management and Resilience Services- Are you
proactively prepared for unplanned outages?

 Should you be interested in our services, please drop an email to For more details visit

Best Regards
Ashwin K Chaudary

main page ATTRITION feedback