Network Security

663 Items

Sort by Date | Title

Tracking Avian Flu and Mad Cow: Is RFID Bringing Safer Food to a Store Near You?: Jun 23, 2006; With threats of Mad Cow and bird flu rattling our food chain, can Radio Frequency Identification (RFID) ensure a meal without epidemiological regrets? With rather a lot riding on these little transceivers, Laurie Rowell posits that it might be wise to take a good, hard look at this "tech du jour" that's supposed to save our supper.

Keeping Your Data Safe with a RAID 1 Setup: Jun 16, 2006; Kulvir Bhogal shows you how you can build a low-cost RAID 1 setup to protect yourself against hard drive data loss.

Troubleshooting Cisco Secure ACS on Windows: Jun 16, 2006; Cisco Secure Access Control Server, which is known as CS ACS, fills the server-side requirement of the Authentication, Authorization, and Accounting (AAA) client server equation. For many security administrators, the robust and powerful AAA engine, along with CS ACS's ability to flexibly integrate with a number of external user databases, makes the CS ACS software the first and sometimes only choice for an AAA server-side solution. This chapter explores CS ACS in detail and walks you through troubleshooting steps. The chapter focuses on the approach required to troubleshoot any issue efficiently, either with the CS ACS software itself or with the whole AAA process.

Penetration Testing and Network Defense: Performing Host Reconnaissance: Jun 2, 2006; Malicious hackers also value reconnaissance as the first step in an effective attack. For them, seeing what is on the "other side of the hill" is crucial to knowing what type of attack to launch. Although penetration testers might not always have the luxury of time that a malicious hacker might have, they do recognize the value of reconnaissance. This chapter will help you develop network reconnaissance skills to help you protect your network from intrusion.

Intrusion Prevention: Signatures and Actions: May 26, 2006; Attack signatures have been around for long enough that the definition should be universally understood, but that's not the case. Simply put, an IPS signature is any distinctive characteristic that identifies something. Using this definition, all IPS products use signatures of some kind, regardless of what the product descriptions claim. To find something and stop it, you must be able to identify it, and for you to identify it, it must display a distinct characteristic. This chapter introduces you to the concept of signatures.

SSH Issues: Does Installing SSH Enable More Exploits Than it Solves?: May 26, 2006; SSH, the wonder tool of the security set, is misused by your users more easily and more often than you may think. John Traenkenschuh points out how well-intentioned administrators are using SSH to create gaping holes in their own security, and what you can do about it.

Paid Paranoia: Hiring Security Experts: May 12, 2006; Paranoid about your company's level of security? You should be. Professional recruiter Bryan Dilts shows you how to determine what level of security you need and how to find the right security expert for your business.

Will Cell Phones be Responsible for the Next Internet Worm?: Apr 28, 2006; The mobile devices you know and love are great for productivity, but they have completely changed the vulnerability state of our networks. Norm Laudermilch tells you why you should be afraid, very afraid.

Home Network Router Security Secrets: Apr 7, 2006; Ever delve inside your home network routers and use the hidden security settings that can lock down a network nice and tight? Most people never do. Andy Walker reveals 10 secrets on how to easily access your router's security settings.

A Student-Hacker Showdown at the Collegiate Cyber Defense Competition: Mar 31, 2006; Students-turned-IT managers faced off against experienced hackers at the Mid-Atlantic Regional Collegiate Cyber Defense Competition. Seth Fogie witnessed this real-world competition and reports on its unexpected twists, turns, and even drama.

Analyzing the Crossover Virus: The First PC to Windows Handheld Cross-infector: Mar 8, 2006; "Airborne" mobile viruses have been increasing in complexity at a surprising pace. In this article, Cyrus Peikari analyzes the new Crossover Trojan, which is the first malware that simultaneously infects both Windows PCs and Windows Mobile handheld devices.

Preventing State-Based Attacks of Web Applications: Feb 24, 2006; The concept of state, or the ability to remember information as a user travels from page to page within a site, is an important one for Web testers. Developers of Web applications must take it upon themselves to code state information so they can enforce rules about page access and session management. This chapter contains a series of attacks that will help determine if your Web application does this important task correctly and securely.

Pane Relief: Rooting Around for Rootkits: Jan 27, 2006; As if your computer didn't give you enough cause for concern, now there's rootkits, nasty programs designed to hide away on your system and conceal software that takes control invisibly. Rick Cook explains what you need to know about these electronic cockroaches, how to find them, and what to do when you discover that you've been infested.

Measuring the Effectiveness of Application Security Policies: Jan 13, 2006; Just because a package has few REPORTED vulnerabilities, that doesn't mean that it actually HAS few vulnerabilities, or address the severity of the holes that are reported. In this article Chisnall argues the true measure of security is what happens once a vulnerability is found.

Cisco ASA Security Contexts: Dec 16, 2005; The virtual firewall methodology enables a physical firewall to be partitioned into multiple standalone firewalls. Each standalone firewall acts and behaves as an independent entity with its own configuration, interfaces, security policies, routing table, and administrators. In Cisco ASA, these virtual firewalls are known as security contexts. This chapter covers security contexts in detail.

Why You Need to Conduct Risk Assessment: Dec 16, 2005; With industry compliancy and information security laws and mandates being introduced in the past four years, the need for conducting a vulnerability and risk assessment is now paramount. This chapter helps you understand the need for risk assessment, and why stopping security problems before they start is vital to your business.

Microsoft Security Assessment Tool: Can It Make Your Organization More Secure?: Dec 9, 2005; The Microsoft Security Assessment Tool (MSAT) claims to analyze whether your existing network security architecture meets some of the common industry best practices. Zubair Alexander assesses the assessor, reporting on the strengths and weaknesses in this free utility.

The Changing Face of Data Protection: Dec 9, 2005; The explosion of corporate data in the 1990s, coupled with new data storage technology such as networked storage, has made the accumulation and management of large amounts of data a corporate priority. The ability to protect this data is paramount, and this chapter will give you an idea of how data protection has changed and grown in the past few years.

Corporate Governance, Business Continuity Planning, and Disaster Recovery: Dec 1, 2005; To protect business stakeholders, corporate governance focuses a sharp eye on all measures and systems within the organization to ensure compliance with laws, regulations, and standards. Michelle Johnston Sollicito points out the many required aspects of a proper business continuity plan and shows you where to look for holes in your process.