Maintaining robust network defenses requires a proactive approach to keep pace with today's rapidly evolving network security threats. One crucial element of an effective network security strategy is penetration testing, or staged attacks in network ...
This article describes how to configure a PC running FreeBSD to serve as an access point (AP) for your wireless network. This FreeBSD access point does not need to be a server or desktop machine. Indeed, many people recommend using an . . .
Most of the customers of Edinburgh business ISP edNET were left without Internet services yesterday after it experienced a serious distributed denial of service (DDoS) attack. edNET began to experience what it described in an email to users as a "catastrophic network failure" at around 8am yesterday.. . .
Network Security has become an important part of today's IT staffs. However, there is a small part of it that needs to be a part of everybody's understanding that works with computers that attach to the Internet. I will review some . . .
In the first of a two-part series looking at security issues facing wireless Lan technology, David Ludlow looks into the lengths that crackers will go to when they are trying to infiltrate your network. We've all seen the reports and news . . .
The biggest single threat to your IT operation is someone you probably know by name. Think about it. Who knows better how to penetrate your systems--a hacker or someone down the hall who already has access to your systems? . . .
Argh. Thanks to Chris Longo for pointing out the bad link. Fixed. The popular article by Duane Dunston featured on LinuxSecurity.com recently has now been made available in the form of PDF, due to requests from users. "This is a practical step by step guide showing how to use Dsniff, MRTG, IP Flow Meter, Tcpdump, NTOP, and Ngrep, and others. It also provides a discussion of how and why we should monitor network traffic.". . .
Data contained in XML tags needs to be secured in transit over the Internet, just like any other transaction. SSL and HTTPS are sufficient for most transactions, and companies routinely add their own further encryption for the stuff that really needs . . .
... how secure is this technology? What kinds of problems will IT staff encounter? One type of problem gaining national attention is called "war driving," in which a hacker can use a laptop computer to drive around and, like tuning in radio stations, can seek out personal information on wireless networks.. . .
A nice resource of links to articles on wireless networking security. "LAN 802.11 benefits and applications have recently gained enthusiastic acceptance in workplaces where mobility is essential. Concurrently, however, WLAN security has been compromised and where security is most critical, WiFi . . .
The sad truth is that if you keep sensitive files on any Web server, you are inviting people to view or copy those files. And not just Web servers, either. FTP servers can also be indexed by automated scanning tools, similar to Web indexing robots. The worst offenders so far have been e-commerce sites, where it is common to find database files with credit card info.. . .
According to underground culture, the staple diet of hackers is Jolt cola and Ramen noodles. But the food could be could be picked up for free after hackers discovered a gaping security hole in the network of noodle house Wagamama. vnunet.com . . .
Should you be concerned about wireless security? Yes, at least according to Chris O'Ferrell, chief technology officer of wireless technology company Netsec. He says you should ask any organization you see using a wireless network--including your bank, the airports you visit, . . .
If you're an IT security practitioner, a phalanx of intricately aligned defense mechanisms are at your disposal. Your perimeter defense strategy comprises firewalls, routers and intrusion-detection systems. You're running intrusion-prevention software on key machines, with host-based intrusion-detection systems watching their backs. . . .
In this introduction to protecting your computers from intrusion, the author discusses concepts of computer security. Selecting good passwords, using firewalls, and other security concepts are introduced. If your computer is not connected to any other computers and doesn't have . . .
There is no doubt that the Internet has brought unparalleled connectivity to computers, especially in the last few years. But ironically, this very advantage has also been the bane of hundreds of corporations, all of which critically depend on these connections . . .
A group of security researchers has discovered a simple attack that enables them to intercept Internet traffic moving over a wireless network using gear that can be picked up at any electronics store and an easily downloadable piece of freeware. The . . .
A flaw in a software-compression library used in all versions of Linux could leave the lion's share of systems based on the open-source operating system open to attack, said sources in the security community on Monday. Several other operating systems that . . .
A team of Penn State and Iowa State researchers has tested and rated three "smart" classification methods capable of detecting the telltale patterns of entry and misuse left by the typical computer network intruder. They found that one, called "rough sets," . . .
So what has this taught us? Once again, the lesson is Security in Depth. Different teachers, different textbook, same lesson. More and more wireless networks are being deployed everyday, but I don't think that there is a corresponding increase in security . . .
For those who think switched Ethernet environments are sniff-proof, the author offers this warning. Switches may be difficult to sniff, but they are certainly not immune. As is clear from the above sections, one method of sniffing in a switched environment is using ARP spoofing, and the machine that will most probably be ARP spoofed is the gateway.. . .