Access "Benefits of encryption: Improving your enterprise IT security structure"
This article is part of the October 2004 issue of Help! Evaluating AV solutions and tech support
Despite ample warnings and publicity, the annual Def Con hacker conference always catches a fair number of new victims for its "Wall of Shame"--a compilation of people who expose their passwords and credentials to other attendees. If you use unencrypted POP3 or IMAP to check your e-mail, HTTP to access a Web app, FTP for a file transfer or Telnet for remote access, you too could end up on this list. Worse, you could end up on some hacker's to-do-list, with more dire consequences. Whether you're talking about a compromised host or wide-open wireless networks, eavesdropping is a serious security issue. Hackers only need to control one host on a LAN or VLAN to sniff packets and compromise your network. They can even do this on a switched network using tools like ettercap or arpspoof, which trick hosts into sending traffic to the wrong destination. Consider this: Every packet you send across the Internet passes through a number of routers. Hackers can compromise and reconfigure these hops to route traffic through their machines. Attackers don't even need to ... Access >>>
Premium Content for Free.
Antivirus vendor review 2004: Is AV customer support dying?
by Ed Skoudis, CISSP
Ed Skoudis subjects five of the leading antivirus vendors to customer support scenarios. Learn how well each of the AV vendors responded to its customers' needs.
The self-defending network: Is it real technology or market speak?
by Eric Cole, Contributor
Cisco and other security vendors are touting the "self-defending" network. Is it real technology or market-speak?
- Antivirus vendor review 2004: Is AV customer support dying? by Ed Skoudis, CISSP
The downside of cybercrime investigation and prosecution
by Carole Fennelly, Contributing Writer
Prosecuting cybercrime puts your organization -- and your security -- on the hot seat.
Preventing spyware and third-party attacks
by David Geer, Contributor
Is your IT infrastructure prepared for spyware? In this feature, learn how to prepare your enterprise for spyware and how best to avoid these third-party attacks.
- The downside of cybercrime investigation and prosecution by Carole Fennelly, Contributing Writer
Buying security software: The devil's in the details
by Lawrence Walsh
When purchasing new security software, be sure to check references and quality controls first. You don't want to be stuck if something goes wrong.
Identifying VoIP phone security risks, attacks
by Marcus J. Ranum, Contributor
If the VoIP phone keeps ringing, it's probably spam.
The security appliance market: Just a myth?
by Pete Lindstrom, Contributor
Vendors often package their appliances to sell through their company, it makes no sense for them to stock pile into a marketplace. Pete Lindstrom explains.
Benefits of encryption: Improving your enterprise IT security structure
by Jay Beale, Contributor
Learn the benefits of encryption and how it can be one of the only true secure ways to protect your enterprise.
Application Vulnerability Development Language: Why is it important for security?
by Andrew Briney
Network security is like a U.N. meeting without the upside-down headphones, writes Editorial Director Andy Briney in this column.
- Buying security software: The devil's in the details by Lawrence Walsh
More Premium Content Accessible For Free
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...