The Network Security. OrgThe Network Security. OrgNetwork Security, Wireless Security, Browser Security, Internet Security News and Articles. Articles
Mapping the Russian Business Network
2007-10-15 14:56:00 Today’s Washington Post carries my story about the the Russian Business Network, an entity based in St. Petersburg that provides Web hosting services that cater exclusively to cyber criminals. From the story: "The Russian Business Network sells Web site hosting to people engaged in criminal activity, the security experts say. Groups operating through the company’s ... More About: Network Security , Malware , Phishing
How to Stop Snarfing and Other Common Switch Hacks
2007-10-15 14:53:00 ARP poisoning, SNMP snarfing, and "fuzzing" are common hacks perpetrated on Ethernet switch gear. Cisco networking expert Jimmy Ray Purser explains how to guard against these hacks.The only thing I enjoy more than seeing my mother-in-law head back to Ohio is hacking Ethernet switches. I do a presentation on hacking switch gear that seems to ... More About: Hacks , Network Security , Switch , Common , Stop
How to Stop Snarfing and Other Common Switch Hacks
2007-10-15 14:53:00 ARP poisoning, SNMP snarfing, and "fuzzing" are common hacks perpetrated on Ethernet switch gear. Cisco networking expert Jimmy Ray Purser explains how to guard against these hacks.The only thing I enjoy more than seeing my mother-in-law head back to Ohio is hacking Ethernet switches. I do a presentation on hacking switch gear that seems to ... More About: Hacks , Network Security , Switch , Common , Stop
Hackers Attack Apps While Still in Development
2007-10-15 14:49:00 Everybody’s talking about the need to write more secure applications. But what if the bad guys sabotage the code during the development process? Researchers long have known about the potential for infection or a breach during the software-build process using open-source tools — there were cases in 2002 of hackers infecting OpenSSH, Sendmail, and IRC ... More About: Network Security , Application Security , Development , Hackers , Attack
Hackers Attack Apps While Still in Development
2007-10-15 14:49:00 Everybody’s talking about the need to write more secure applications. But what if the bad guys sabotage the code during the development process? Researchers long have known about the potential for infection or a breach during the software-build process using open-source tools — there were cases in 2002 of hackers infecting OpenSSH, Sendmail, and IRC ... More About: Network Security , Application Security , Development , Hackers , Attack
Critical Oracle patches coming next week
2007-10-15 14:46:00 Oracle Corp. will release security updates for its products next week fixing 51 vulnerabilities in its products. Included in the Critical Patch Update, set to be released Tuesday, will be critical updates for the company’s flagship Oracle Database. Twenty-seven database bugs will be fixed, but five of the bugs can be "exploited over a network ... More About: Network Security , Enterprise Security , Oracle , Patches , Week
Critical Oracle patches coming next week
2007-10-15 14:46:00 Oracle Corp. will release security updates for its products next week fixing 51 vulnerabilities in its products. Included in the Critical Patch Update, set to be released Tuesday, will be critical updates for the company’s flagship Oracle Database. Twenty-seven database bugs will be fixed, but five of the bugs can be "exploited over a network ... More About: Network Security , Enterprise Security , Oracle , Patches , Week
Security researcher warns about Citrix vulnerability
2007-10-15 14:43:00 The flaw could allow an attacker user-level access to execute remote commands on Citrix servers. A security consultancy has identified a vulnerability that could allow an attacker to gain "user access level on integrated remote Citrix servers." GnuCitizen, which identifies itself as a "cutting-edge think tank" and a "creative hacker organization," has posted a warning ... More About: Security , Vulnerability , Trix
Security researcher warns about Citrix vulnerability
2007-10-15 14:43:00 The flaw could allow an attacker user-level access to execute remote commands on Citrix servers. A security consultancy has identified a vulnerability that could allow an attacker to gain "user access level on integrated remote Citrix servers." GnuCitizen, which identifies itself as a "cutting-edge think tank" and a "creative hacker organization," has posted a warning ... More About: Security , Vulnerability , Trix
Of hackers and ego
2007-10-15 14:38:00 The world of computer security can often be a strange and compelling one. Many outsiders, or those with little knowledge of computers, just don?t understand the whole uproar over various issues, such as whether Microsoft Vista is more secure then Linux or Mac. It?s all moot as far as the general population is concerned. But, ... More About: Malware , Hackers
Of hackers and ego
2007-10-15 14:38:00 The world of computer security can often be a strange and compelling one. Many outsiders, or those with little knowledge of computers, just don?t understand the whole uproar over various issues, such as whether Microsoft Vista is more secure then Linux or Mac. It?s all moot as far as the general population is concerned. But, ... More About: Malware , Hackers
Some unanswered website vulnerability questions
2007-10-15 14:33:00 In the industry we discuss at great length the legal risks and ethical responsibilities of the person disclosing an issue, but not enough about the same when it comes to the business itself. I?ve had a hard time getting authoritative answers to some seemingly simple questions, so I figured I?d give the blog a try. ... More About: Website , Questions , Network Security , Enterprise Security , Vulnerability
Some unanswered website vulnerability questions
2007-10-15 14:33:00 In the industry we discuss at great length the legal risks and ethical responsibilities of the person disclosing an issue, but not enough about the same when it comes to the business itself. I?ve had a hard time getting authoritative answers to some seemingly simple questions, so I figured I?d give the blog a try. ... More About: Website , Questions , Network Security , Enterprise Security , Vulnerability
ARP Spoofing Malware
2007-10-15 14:30:00 ARP Spoofing is a technique that every security consultant will scare their clients with as a means to prove the point that nothing within the network is safe from eavesdropping. So what is it? ARP spoofing, also known as ARP poisoning, is a technique used to attack an Ethernet network. It allows an attacker to ... More About: Malware
ARP Spoofing Malware
2007-10-15 14:30:00 ARP Spoofing is a technique that every security consultant will scare their clients with as a means to prove the point that nothing within the network is safe from eavesdropping. So what is it? ARP spoofing, also known as ARP poisoning, is a technique used to attack an Ethernet network. It allows an attacker to ... More About: Malware
Common Denial of Service Attacks
2007-10-15 14:27:00 Denial of service attacks come in two types: Denial of Service attacks (DoS) and Distributed Denial of Service attacks (DDoS). A DoS attack is ‘an attack in which a third party purposely floods a network or website with traffic in order to prevent legitimate access (?Denial of Service?, 2007)’. A DDoS ‘occurs when multiple ... More About: Network Security , Enterprise Security , Common , Attacks
Common Denial of Service Attacks
2007-10-15 14:27:00 Denial of service attacks come in two types: Denial of Service attacks (DoS) and Distributed Denial of Service attacks (DDoS). A DoS attack is ‘an attack in which a third party purposely floods a network or website with traffic in order to prevent legitimate access (?Denial of Service?, 2007)’. A DDoS ‘occurs when multiple ... More About: Network Security , Enterprise Security , Common , Attacks
Securing your Linksys WRT54G
2007-10-15 14:20:00 Wireless networks are becoming increasingly common due to the ease and cost of deployment of the LAN using wireless technologies. Wireless networks provide different challenges than wired networks, especially in securing data in transit between the client and the wireless access point. The common wireless standards, provide mechanisms for securing wireless data, and despite the ... More About: Network Security , Linksys
Securing your Linksys WRT54G
2007-10-15 14:20:00 Wireless networks are becoming increasingly common due to the ease and cost of deployment of the LAN using wireless technologies. Wireless networks provide different challenges than wired networks, especially in securing data in transit between the client and the wireless access point. The common wireless standards, provide mechanisms for securing wireless data, and despite the ... More About: Network Security , Linksys
Protect Public Computers with Windows SteadyState Part 1
2007-10-07 08:59:00 If you have ever managed shared access computers, like computers in schools, public libraries, Internet cafes, kiosk machines, etc, you probably know how hard it is to keep the computers running in the long run, as well as keeping the security level high and up to date, without too much work and ?hands-on?. What we ... More About: Windows , Computers , Network Security , Enterprise Security , Public
Protect Public Computers with Windows SteadyState Part 1
2007-10-07 08:59:00 If you have ever managed shared access computers, like computers in schools, public libraries, Internet cafes, kiosk machines, etc, you probably know how hard it is to keep the computers running in the long run, as well as keeping the security level high and up to date, without too much work and ?hands-on?. What we ... More About: Windows , Computers , Network Security , Enterprise Security , Public
The top 10 reasons Web sites get hacked
2007-10-07 08:57:00 Web security is at the top of customers? minds after many well-publicized personal data breaches, but the people who actually build Web applications aren?t paying much attention to security, experts say. They?re totally ignoring it,? says IT consultant Joel Snyder. ?When you go to your Web site design team, what you?re looking for is people ... More About: Network Security , Web Sites , Sites , Reasons , Hacked
How to Trace a DDOS Attack
2007-10-07 08:53:00 At most any time of the day, there’s a distributed denial-of-service (DDOS) attack underway somewhere on the Internet. Yes, it’s still true, despite reports that some ISPs have experienced fewer DDOS attacks overall during the last six months. It’s a matter of quality, not quantity: "When DDOSes do occur, they are done with much greater ... More About: Network Security , Enterprise Security , Attack , Atta , Ddos
FullDisk Encryption Is Partial Protection Analysts Say
2007-10-07 08:48:00 Full-disk and file-based encryption should be combined to best prevent data leaks, according to security analysts and vendors. It seems to be in the news about once a month?another laptop disappears containing thousands of pieces of corporate or personal data. Now the legal department wants to know whether IT can confirm that some or all ... More About: Encryption , Network Security , Enterprise Security , Crypt , Anal
Defend your network from idle scanning
2007-10-03 08:39:00 If your organization’s intrusion detection system (IDS) identifies a scan of your network, and you just block that IP address, you likely haven’t addressed the real threat to your network. Black hats employ several stealth scanning techniques, and one of those threats is the idle scan. Idle scanning is a procedure that involves scanning TCP ... More About: Network Security , Enterprise Security , Scanning , Network , Intrusion Detection
Think your jobs tough Try protecting Net access for the U.S. Army
2007-10-03 08:35:00 For most large companies, an attack that brings down the corporate network means millions of dollars in lost revenue and unhappy customers. But if the net defenders of the U.S. Army see their network go down or their defenses broken, the stakes are significantly higher; the lives of soldiers fighting in Iraq and Afghanistan are ... More About: Jobs , Network Security , Data Security , Administration
Six ways to fight back against botnets
2007-10-03 08:31:00 1. Hire a Web-filtering service. Web-filtering services are one of the best ways to fight bots. These services scan for Web sites exhibiting unusual behavior or known malicious activity and block those sites from users. Websense, Cyveillance and FaceTime Communications are examples. All monitor the Internet in real time to find Web sites ... More About: Enterprise Security , Fight , Identity Theft , Back , Botnets
Beware the Default Password
2007-10-03 08:28:00 During the course of a recent security audit I was rather surprised to find a critical system still running with a default password. The default password has long been the bug bear of many the security admin. At the same time it has been the savior of many of us at one stage or another, ... More About: Network Security , Password , Administration , Beware
Enforce Data Security Rules
2007-10-03 08:25:00 When asked at a recent hearing of the General Assembly’s finance committee why she didn’t come forth right away with details about the theft of a laptop containing confidential taxpayer information, state Commissioner of Revenue Services Pam Law testified that she was not really good with the press. "That’s not my style," she said. More About: Security , Network Security , Data Security , Data , Rules
Passive Network Analysis
More articles from this author:2007-09-30 09:06:00 In sports, it’s pretty much accepted wisdom that home teams have the advantage; that’s why teams with winning records on the road do so well in the playoffs. But for some reason we rarely think about "the home field advantage" when we look at defending our networks. After all, the best practice in architecting a ... More About: Network Security , Analysis , Network , Network Analysis , Passi 1, 2, 3, 4, 5, 6, 7 |
 |
|
 |
