Maintaining robust network defenses requires a proactive approach to keep pace with today's rapidly evolving network security threats. One crucial element of an effective network security strategy is penetration testing, or staged attacks in network ...
Known as a resource-deprivation attack, Internet data sent in a certain way could cause servers to crash under an artificial avalanche of data. Security consultant BindView Corp. has announced that a widespread flaw in the way that servers handle Internet traffic . . .
Almost a third of UK companies experience a complete network crash at least once every 12 weeks, according to a new study. A quarter of companies say they've lost critical data because of virus attacks, and 16 per cent say that, . . .
Incident handling is a generalized term that refers to the response by a person or organization to an attack. An organized and careful reaction to an incident can mean the difference between complete recovery and total disaster. This paper will provide . . .
Both IPsec and NAT have been with us for some time, but making them play together has been hard work. To IP gurus, NAT (Network Address Translation) is an ugly kludge because it changes the way IP works at a fundamental . . .
The freely shared, open source, one-directory-fits-all model of the new peer-to-peer network scheme -- made popular by the rapid deployment of Napster and its descendants -- has given rise to a fresh wave of security concerns, some of them weirdly unique. . . .
In the age of connectivity, security relies on a bunch of disconnected technologies: antivirus, firewalls, intrusion detection, systems management, access controls, encryption, etc. The biggest challenge for an application vendor like webMethods is to make these various layers of protection work . . .
Over the past year, we've been keeping a close eye on what has been hitting the news, and what hasn't, in the area of computer crime. Whether you obtain your security statistics from Web defacement mirrors, such as attrition. org, or . . .
Employees are the biggest threat to network security - and they don't even know it. Unauthorised equipment attached to a company network can, according to Robin Dahlberg, UK MD of Internet Security Systems, compromise the best efforts of a network . . .
Employees are the biggest threat to network security - and they don't even know it. Unauthorised equipment attached to a company network can, according to Robin Dahlberg, UK MD of Internet Security Systems, compromise the best efforts of a network manager . . .
In the wake of the hack into Microsoft's network, many security administrators have turned their attention to what some believe is the greatest security challenge facing corporations: teleworkers. Network administrator at US firm SR Equipment Craig LaHote is . . .
Two separate initiatives led by Netegrity Inc. and Securant Technologies Inc. are looking to develop an XML standard for moving security information--including authentication, authorization and user profiles--across disparate online trading systems.. . .
It doesn't take long to figure out the security problem with these port technologies: If a port lets data flow out, it also lets data flow in. A port is essentially an opening into your computer, and it can be hacked. . . .
Businesses around the world are sitting on a legal powder keg by failing to adequately protect their servers from hacker intrusion. Nick Lockett, ecommerce lawyer at Sidley & Austin, said that sites which were used by hackers to launch distributed denial . . .
Lately, reactions to non-intrusive probes and network activity that is merely unexpected are becoming increasingly hostile; a result from increasing amounts of incidents and security threats. From my perspective of security, overreactions to activities not crossing authorization and legal boundaries, are . . .
This is a good article by Dave Dittrich, author of much of the general documentation/reports we have about DDoS. "DDoS was only the beginning. In the future, automated threats will continue to outstrip our ability to . . .
The Internet Bill Presentment and Payment app will power the shift from traditional billing to seamless electronic transactions. In this article, I'll investigate the parties and processes involved in Internet billing services for e-commerce. I'll also examine the importance of standards . . .
Most of us take DNS servers for granted. Here, in a continuing series on attacking and defending your own machines, I discuss how people attack DNS servers and what you can do to better your security. I answer these questions: How . . .
One trick favored by hunters since prehistoric times still proves useful in the world of digital networks: bait. Security specialists often construct systems that appear vulnerable to attack, but actually offer no access to valuable data, administrative controls, or other computers. . . .
Attempting to distance itself from a spam controversy, PSINet cut off service to an admitted sender of unsolicited commercial email and pledged to amend its spam policy and educate its sales force. PSINet came under fire from anti-spam organizations after CNET . . .
The only sure way to lock down a PC is to disconnect it from any network and never load a program or a document file that supports macros. That is rather impractical especially when our goal is to . . .