Linux Network Security - Page 30

Discover Network Security News

Interview with Kenny Paterson, Professor of Information Security at Royal Holloway, University of Lo

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Information Security Group at Royal Holloway is one of the world's largest academic research groups in information security, with about 15 permanent academic staff, 50 PhD students and a thriving masters programme. They carry out research in many areas of the subject, including network security. That is one of Kenny Paterson's areas of specialism, and he teaches their masters course on the topic, and carries out research in the area.

Benjamin D. Thomas
Jun 14, 2006

The top five ways to prevent IP spoofing

The term "spoofing" is generally regarded as slang, but refers to the act of fooling -- that is, presenting a false truth in a credible way. There are several different types of spoofing that occur, but most relevant to networking is the IP spoof. Most types of spoofing have a common theme: a nefarious user transmits packets with an IP address, indicating that the packets are originating from another trusted machine.

Brittany Day
Jun 09, 2006

Researchers eye machines to analyze malware

The reverse engineer--better known amongst security researchers by his nom de plume, Halvar Flake-- created an automated system for classifying software into groups, a process he believes for which machines are much better suited. Research using the system has underscore the sometimes-arbitrary decisions humans make in classifying malicious programs, he said.

Brittany Day
Jun 08, 2006

Social Engineering, The USB Way

We recently got hired by a credit union to assess the security of its network. The client asked that we really push hard on the social engineering button. In the past, they'd had problems with employees sharing passwords and giving up information easily. Leveraging our effort in the report was a way to drive the message home to the employees. The client also indicated that USB drives were a concern, since they were an easy way for employees to steal information, as well as bring in potential vulnerabilities such as viruses and Trojans. Several other clients have raised the same concern, yet few have done much to protect themselves from a rogue USB drive plugging into their network. I wanted to see if we could tempt someone into plugging one into their employer's network.

Brittany Day
Jun 07, 2006

UTM - Preparing for New Generation of Security Threats

Securing networks has rapidly taken center stage among most enterprises as the threat from increasingly sophisticated attacks becomes more complex and costly to manage. According to the research group IDC, enterprises worldwide spent an estimated $32.6Bn in 2005 on network security but are still faced with an ever-changing landscape of new security threats. Traditional network defense solutions such as firewalls and intrusion prevention devices must be supplemented by secure content management devices in order to block the full range of sophisticated attacks including viruses, spyware, spam and phishing.

Anthony Pell
Jun 06, 2006

The Games Hackers Play

This clash has nothing to do with the simulated battles on Gindis, Eternal Duel, Mobstar or any of the more hip gaming sites. No, this one's for real. The villains in this combat are criminal hackers and phishing scammers, and their targets: unsuspecting on-line gamers. And while the battlefield may be cyber space, there's nothing virtual about the damage wrought by these scams. The "loot" is lucrative game points that hackers steal and then sell at a profit.

Brittany Day
Jun 02, 2006

Most sites ready for SSL progress

Despite the enormous success of SSL for securing web traffic, there has been little technical change in the way that SSL is used for secure HTTP in the ten years since SSL version 3 was introduced. Although it has been around since 1996, most browsers have continued to make connections compatible with the older SSL version 2 protocol. But now the major browser developers are aiming to drop SSL v2 completely; export-grade encryption ciphers are also to be dropped. SSL version 2 was supported by Netscape 1.0, back in 1994, and it was made obsolete by SSL version 3, published in 1996. But while SSL version 3 was soon widely supported — and over 97% of HTTPS sites also support its successor, TLS — most browsers have continued to make SSL-v2-compatible connections, in order to stay compatible.

Benjamin D. Thomas
Jun 02, 2006

Security expert recommends 'Net diversity

What do you see as the top three information security threats that are most likely to hit U.S.-based multinationals? One of the biggest threats we have right now is deployment of resources intended either to save on cost or enhance features without thinking through the consequences. VoIP and wireless fall in this category. They have failure modes that are very different than what they are replacing and are not well understood. Perceived cost advantages are driving these technologies, but that is overcoming the caution that should be in place. That's a threat not in the sense of a particular attack, but it is a systemic problem that leads to weakness in security posture and therefore may lead to attacks.

Benjamin D. Thomas
May 31, 2006

Execs Express Top Security Concerns

When it comes to protecting corporate assets there seems to be little security managers don't worry about. That the impression of security executives attending this week's Converge '06 conference - also known as security vendor Courion's annual customer meeting.

Brittany Day
May 30, 2006

Network auditing on a shoestring

What do you do when the auditors are breathing down your neck, wanting to see an exhaustive report on the Windows network security of a 2,000-user network across eight sites? That's easy. Break out a text editor and start writing some Perl. That's what my colleague Matt Prigge and I did when we were tasked with locating every share available on a network and documenting who had access to their files. At first blush, it was a Herculean effort. When we started coding and the pieces began to fall into place, however, it became much simpler.

Benjamin D. Thomas
May 30, 2006

Follow the Appiant way to a more secure network…

Hardly a day goes by that we don't hear new information about some company getting themselves hacked. Sure they all have firewalls, but HOW are the hackers getting in? I was hired to perform an application security audit for a local university. They wanted to make sure that they didn't become part of the growing statistics.

Brittany Day
May 29, 2006

Linux: Setup a transparent proxy with Squid in three easy steps

Yesterday I got chance to play with Squid and iptables. The job was to setup Squid proxy as a transparent server. Main benefit of setting transparent proxy is you do not have to setup up individual browsers to work with proxies.

Brittany Day
May 29, 2006

Security Management From One Platform

Managing network security gets harder every day as the number and types of threats multiply. Security is also a double-edged sword, and an incorrectly implemented or mismanaged security policy can prevent network commerce and stand in the way of the mission of the enterprise.

Brittany Day
May 28, 2006

Detecting And Preventing HTTP Response Splitting And HTTP Request Smuggling Attacks At The TCP Level

This technical note describes a detection/prevention technique that works in many cases both with HTTP Response Splitting and with HTTP Request Smuggling. This technique makes use of implicit information found in the TCP stream, namely the segmentation into packets and the TCP PSH bit.In HTTP Response Splitting, the proposed technique needs to be applied at the proxy server, the one closest to the web server, and to the response stream. In HTTP Request Smuggling, this technique needs to be applied at the entity closest to the attacked proxy server/device (i.e. implemented in another proxy server, or the web server itself), and to the request stream (note, however, that this second server may be off the premises of the organization wherein the web server is, see also "Can HTTP Request Smuggling be blocked by Web Application Firewalls?".

Benjamin D. Thomas
May 26, 2006

Security 101 - Don't Roll Your Own

As hackers and cyber-thieves become increasingly sophisticated, I often wonder why some organizations still think it's a good idea to bypass expert help and develop their own (vulnerable) systems.

Brittany Day
May 24, 2006

Ten Tips for Managing Passwords

Passwords are fatally flawed, it's true, but for now they are the best option for many companies. But almost everybody could be managing them more effectively. In all likelihood passwords will remain a problem until the very day they are replaced by technologies such as biometrics, which is the direction the industry appears to be heading. However, until that day comes, below are some tips for fostering a culture of secure and more effective password management.

Brittany Day
May 20, 2006

Security Analyzers Target Vulnerabilities

Protocol abuse targets vulnerabilities in many types of devices and applications, from firewalls, VoIP controllers and VPN gateways to intrusion-prevention systems and other perimeter defense. Despite the considerable investments made in security infrastructure, many vulnerabilities remain undetected. To alleviate protocol abuse, a new class of product - the security analyzer - can help IT departments assess the security of IP-based products, service or applications. A security analyzer utilizes a rigorous process, complete with an audit trail and remediation scripts, to find and fix vulnerabilities before deploying systems and software into production networks.

Brittany Day
May 18, 2006

The Ultimate Net Monitoring Tool

The equipment that technician Mark Klein learned was installed in the National Security Agency's "secret room" inside AT&T's San Francisco switching office isn't some sinister Big Brother box designed solely to help governments eavesdrop on citizens' internet communications. Rather, it's a powerful commercial network-analysis product with all sorts of valuable uses for network operators. It just happens to be capable of doing things that make it one of the best internet spy tools around.

Brittany Day
May 17, 2006

The Changing Face of Network Security Threats

Network administrators face many threats from both inside and outside the walls of their infrastructure. This paper discusses the risks that everyone faces along with ways to mitigate the exposure and resulting damage from such an attack. It will also focus on new devices being produced to provide increased security. Despite their slipping market share in router sales to Juniper, Cisco remains the largest provider of Routers, which are used to provide the backbone for the majority of companies today [10]. Because of the large role Cisco routers play in the infrastructure of the internet and the nature of the protocols these routers use; it has placed a large target on them from hackers wanting to exploit these vulnerabilities.

Benjamin D. Thomas
May 17, 2006

Password Hell (Part 2): Companies Must Get It Right...Now

Failure to properly instil a culture of effective password management in a company could land its directors in jail, while wading through alternatives to "fatally flawed" passwords is a process mired in "fear, uncertainty and doubt" according to experts on all sides of the debate. The only given is that the need to get it right is now more pressing than ever, according to one top lawyer. David Naylor, partner at law firm Field Fisher Waterhouse, said companies need to ensure they have strict policies in place regarding password management and said best practice would be to incorporate these as requirements in the company's contractual arrangements with employees and third-parties with access to the company systems.

Brittany Day
May 16, 2006

Linux Network Security - Page 30

Linux Pentesting Distros: An Essential Tool for Strengthening Network Security

Enhancing Network Security with Linux Proxy Servers

OPNsense 24.7 'Thriving Tiger': Elevating Open-Source Network Security and Performance