The Network Security. OrgThe Network Security. OrgNetwork Security, Wireless Security, Browser Security, Internet Security News and Articles. Articles
The Spy in Your Server Room
2007-11-06 06:28:00 How many times have you passed an unknown person in the hallway at work, held open a keycard-protected door for a stranger or let an office guest wander unaccompanied to the rest room? It may seem harmless enough, but the staff of TraceSecurity is banking on this type of human error to help them gain ... More About: Network Security , Enterprise Security , Server , Administration , Room
The Spy in Your Server Room
2007-11-06 06:28:00 How many times have you passed an unknown person in the hallway at work, held open a keycard-protected door for a stranger or let an office guest wander unaccompanied to the rest room? It may seem harmless enough, but the staff of TraceSecurity is banking on this type of human error to help them gain ... More About: Network Security , Enterprise Security , Server , Administration , Room
Yet Another Way to Evade NIDS
2007-11-06 06:25:00 Anonymous proxy services are online applications that enable users to surf the Web with enhanced privacy. These applications act as an SSL proxy between the user and the Web site to be visited, thus masking the IP address and providing additional privacy features, such as referrer hiding, script removal, cookies removal, and URL encoding. Proxify ... More About: Malware
Yet Another Way to Evade NIDS
2007-11-06 06:25:00 Anonymous proxy services are online applications that enable users to surf the Web with enhanced privacy. These applications act as an SSL proxy between the user and the Web site to be visited, thus masking the IP address and providing additional privacy features, such as referrer hiding, script removal, cookies removal, and URL encoding. Proxify ... More About: Malware
Security Training: Whose Responsibility Is It
2007-11-06 06:21:00 Who else other than the CIO? So why aren’t CIOs doing more about it? Mark Twain is reported to have famously remarked: "Everybody talks about the weather. But nobody does anything about it." I was reminded of that quip when I read a news story posted by my colleague K.C. Jones about the increased awareness ... More About: Security , Network Security , Enterprise Security , Training , Raining
Security Training: Whose Responsibility Is It
2007-11-06 06:21:00 Who else other than the CIO? So why aren’t CIOs doing more about it? Mark Twain is reported to have famously remarked: "Everybody talks about the weather. But nobody does anything about it." I was reminded of that quip when I read a news story posted by my colleague K.C. Jones about the increased awareness ... More About: Security , Network Security , Enterprise Security , Training , TRAI
Password policy Length vs. Complexity
2007-11-03 09:07:00 One of the many topics I like to cover in detail when teaching Essentials of Hacking and Ultimate Hacking is password brute forcing and cracking. I usually start off by letting the students come up with what they think is a strong password policy and later, we analyze common implementations &1 attacks against them. Inevitably, ... More About: Network Security , Enterprise Security , Policy , Password
Password policy Length vs. Complexity
2007-11-03 09:07:00 One of the many topics I like to cover in detail when teaching Essentials of Hacking and Ultimate Hacking is password brute forcing and cracking. I usually start off by letting the students come up with what they think is a strong password policy and later, we analyze common implementations &1 attacks against them. Inevitably, ... More About: Network Security , Enterprise Security , Policy , Password , Lexi
Free Beta Anti XSS Tool from Microsoft
2007-11-02 14:46:00 Not long ago, Microsoft was the chief butt of security jokes in the IT world. It?s safe to say that they no longer wear the crown - in fact they?ve moved to being a company often pointed to as ?getting it right.? And that?s coming from someone typing this post from his Ubuntu Linux laptop. Technorati ... More About: Network Security , Free , Beta , Tool
Free Beta Anti XSS Tool from Microsoft
2007-11-02 14:46:00 Not long ago, Microsoft was the chief butt of security jokes in the IT world. It?s safe to say that they no longer wear the crown - in fact they?ve moved to being a company often pointed to as ?getting it right.? And that?s coming from someone typing this post from his Ubuntu Linux laptop. More About: Network Security , Free , Beta , Tool
Website Security Seals Get a Boost
2007-11-02 14:31:00 Some security experts have dismissed Website seals such as Hacker Safe and ControlScan as more marketing ploy than security, and hackers have fueled the debate by exposing cross-site scripting vulnerabilities on sites proudly emblazoned with seals from Hacker Safe and other security seal providers. (See Hackers Reveal Vulnerable Websites and Are ‘Sealed’ Websites Any Safer?.) Technorati ... More About: Security , Network Security , Boost
Website Security Seals Get a Boost
2007-11-02 14:31:00 Some security experts have dismissed Website seals such as Hacker Safe and ControlScan as more marketing ploy than security, and hackers have fueled the debate by exposing cross-site scripting vulnerabilities on sites proudly emblazoned with seals from Hacker Safe and other security seal providers. (See Hackers Reveal Vulnerable Websites and Are ‘Sealed’ Websites Any Safer?.) More About: Security , Network Security , Boost
Why VoIP is the next target for spammers
2007-11-02 14:24:00 Industry experts believe that attacks over services such as Skype are moving from proof of concept to becoming a real threat In what looks like a highly developed piece of irony, hackers have proven that Voice over internet Telephony (VoIP) accounts are prone to the nuisance of voice spam - by attacking the university where ... More About: Firewall , Network Security , Voip , Target , Spammers
Why VoIP is the next target for spammers
2007-11-02 14:24:00 Industry experts believe that attacks over services such as Skype are moving from proof of concept to becoming a real threat In what looks like a highly developed piece of irony, hackers have proven that Voice over internet Telephony (VoIP) accounts are prone to the nuisance of voice spam - by attacking the university where ... More About: Firewall , Network Security , Voip , Target , Spammers
Catching up with a famous fraudster
2007-11-02 14:17:00 Played by Leonardo DeCaprio in the Steven Spielberg-directed film Catch Me If You Can, one-time fraudster Frank Abagnale knows a thing or two about security systems. During his time on the wrong side of the law, Abagnale posed as an airline pilot, a lawyer and a doctor. These days Abagnale is firmly on the right ... More About: Network Security , Enterprise Security , Identity Theft , Famous
Metagoofil 1.2 Metadata Extractor Tool
2007-11-02 14:08:00 Metagoofil is a tool for written in Python for extracting the metadata from public documents (pdf,doc,xls,ppt) available in the target websites. This information could be useful because you can get valid usernames, or people names, for using later in brute force password attacks (vpn, ftp, webapps etc.) More About: Network Security , Enterprise Security , Tool , Metadata , Extract
What Not to Do After a Security Breach
2007-11-02 14:00:00 Step number one after a security breach: Don’t immediately bring in the outside forensics team — get your attorney up to speed on the attack first. And don’t assume just because you had a break-in that you have to disclose it publicly — it all depends on whether data covered under regulatory mandates was exposed. ... More About: Security , Network Security , Enterprise Security , Forensics , Intrusion Detection
Password Cracking Chip Causes Security Concerns
2007-11-02 13:56:00 A technique for cracking computer passwords using inexpensive off-the-shelf computer graphics hardware is causing a stir in the computer security community. Elcomsoft, a software company based in Moscow, Russia, has filed a US patent for the technique. It takes advantage of the "massively parallel processing" capabilities of a graphics processing unit (GPU) - the processor ... More About: Security , Network Security , Enterprise Security , Password , Cracking
How Hackers Are Different from the Rest of Us
2007-10-28 07:47:00 Hackers who come to hacker conference, like ToorCon 9, which wraps up today, don’t see computing the way the rest of us do. Now, clearly, these guys aren’t true black hats, even if they came to see the attack side. The real bad hackers don’t register in advance for such conventions - tho they may ... More About: Network Security , Hackers , Rest , Diff
Forgot Your Password? Just Crack It
2007-10-28 07:46:00 ElcomSoft on Monday said that it had filed to patent for a way to decrease the amount of time required to recover forgotten passwords, not to mention withheld passwords, by a factor of 25. The technique uses the graphics processing unit (GPU) on a computer in addition to its CPU. More About: Password , Crack , Network Access Protection
Protecting Your Home Computer from Internet Threats
2007-10-28 07:43:00 Improperly configured home PCs are one of the biggest risks to the Internet . At any given time there are hundreds of thousands or possibly millions of home PCs infected with viruses, worms, adware, spybots, or spambots. These users are causing a large volume of malicious traffic, which at the very least is a nuisance, and ... More About: Computer , Home , Threats , Threat
Free Software Tests for Bot Infections
2007-10-28 07:40:00 PineApp has released a free zombie test that can instantly discover whether an organization’s computer network might be an unwitting spamming machine, a “zombie” or ‘bot’ that can send thousands of infected spam messages to other networks without its knowledge. More About: Software , Malware , Free , Free Software , Infections
Techies take on spam zombies
2007-10-28 07:37:00 Computer scientists in Menlo Park are releasing a free diagnostic program today to help network administrators find PCs infected with an insidious new type of virus that has already tainted millions of computers and used them to generate billions of spam e-mails. Since this malicious program, variously called Peacomm or the Storm Worm, appeared in ... More About: Spam , Network Security , Zombies
Installing fulldisk encryption
2007-10-28 07:28:00 Will full-disk encryption be hard to implement? Maybe not. It’s often not as bad as you think. "If you have a distribution tool in place, encryption software is just another package you send out," said John Girard, vice president and distinguished analyst at Gartner. He recommended giving users a certain time frame to perform the ... More About: Encryption , Network Security , Crypt
Beware of hackers targeting storage systems
2007-10-28 07:24:00 Corporate storage systems and networks are an attractive target for hackers looking to steal sensitive data or launch computer attacks, Alan Lustiger, security architect at TD Ameritrade Inc., told an audience at Computerworld’s Storage Networking World user conference here yesterday. In particular, he warned IT executives that network-attached storage (NAS) systems are a most attractive ... More About: Network Security , Enterprise Security , Hackers , Systems
How to detect computer and email monitoring or spying software
2007-10-15 15:06:00 As an IT Pro, I routinely monitor employee?s computers and emails. It?s essential in a work environment for administrative purposes as well as for security. Monitoring email, for example, allows you to block attachments that could contain a virus or spyware. The only time I have to connect to a user?s computer and do work ... More About: Software , Email , Computer , Spying
How to detect computer and email monitoring or spying software
2007-10-15 15:06:00 As an IT Pro, I routinely monitor employee?s computers and emails. It?s essential in a work environment for administrative purposes as well as for security. Monitoring email, for example, allows you to block attachments that could contain a virus or spyware. The only time I have to connect to a user?s computer and do work ... More About: Software , Email , Computer , Spying
From Botnet Tracking to Intrusion Detection
2007-10-15 15:01:00 The following is an excerpt from the book Virtual Honeypots: From Botnet Tracking to Intrusion Detection . In this section of Chapter 11:Tracking Botnets (.pdf), authors Niels Provos and Thorsten Holz explain how virtual honeypots can be used in the real world to investigate botnets and their behaviour. Something that is interesting, but rarely seen is ...
From Botnet Tracking to Intrusion Detection
2007-10-15 15:01:00 The following is an excerpt from the book Virtual Honeypots: From Botnet Tracking to Intrusion Detection . In this section of Chapter 11:Tracking Botnets (.pdf), authors Niels Provos and Thorsten Holz explain how virtual honeypots can be used in the real world to investigate botnets and their behaviour. Something that is interesting, but rarely seen is ...
Mapping the Russian Business Network
More articles from this author:2007-10-15 14:56:00 Today’s Washington Post carries my story about the the Russian Business Network, an entity based in St. Petersburg that provides Web hosting services that cater exclusively to cyber criminals. From the story: "The Russian Business Network sells Web site hosting to people engaged in criminal activity, the security experts say. Groups operating through the company’s ... More About: Network Security , Malware , Phishing 1, 2, 3, 4, 5, 6, 7 |
 |
|
 |
