Security Management Strategies for the CIOAccess "Benefits of encryption: Improving your enterprise IT security structure"
This article is part of the October 2004 issue of Help! Evaluating AV solutions and tech support
Despite ample warnings and publicity, the annual Def Con hacker conference always catches a fair number of new victims for its "Wall of Shame"--a compilation of people who expose their passwords and credentials to other attendees. If you use unencrypted POP3 or IMAP to check your e-mail, HTTP to access a Web app, FTP for a file transfer or Telnet for remote access, you too could end up on this list. Worse, you could end up on some hacker's to-do-list, with more dire consequences. Whether you're talking about a compromised host or wide-open wireless networks, eavesdropping is a serious security issue. Hackers only need to control one host on a LAN or VLAN to sniff packets and compromise your network. They can even do this on a switched network using tools like ettercap or arpspoof, which trick hosts into sending traffic to the wrong destination. Consider this: Every packet you send across the Internet passes through a number of routers. Hackers can compromise and reconfigure these hops to route traffic through their machines. Attackers don't even need to ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Antivirus vendor review 2004: Is AV customer support dying?
by Ed Skoudis, CISSP
Ed Skoudis subjects five of the leading antivirus vendors to customer support scenarios. Learn how well each of the AV vendors responded to its customers' needs.
-
The self-defending network: Is it real technology or market speak?
by Eric Cole, Contributor
Cisco and other security vendors are touting the "self-defending" network. Is it real technology or market-speak?
-
Antivirus vendor review 2004: Is AV customer support dying?
by Ed Skoudis, CISSP
-
-
The downside of cybercrime investigation and prosecution
by Carole Fennelly, Contributing Writer
Prosecuting cybercrime puts your organization -- and your security -- on the hot seat.
-
Preventing spyware and third-party attacks
by David Geer, Contributor
Is your IT infrastructure prepared for spyware? In this feature, learn how to prepare your enterprise for spyware and how best to avoid these third-party attacks.
-
The downside of cybercrime investigation and prosecution
by Carole Fennelly, Contributing Writer
-
Columns
-
Buying security software: The devil's in the details
by Lawrence Walsh
When purchasing new security software, be sure to check references and quality controls first. You don't want to be stuck if something goes wrong.
-
Identifying VoIP phone security risks, attacks
by Marcus Ranum, Contributor
If the VoIP phone keeps ringing, it's probably spam.
-
The security appliance market: Just a myth?
by Pete Lindstrom, Contributor
Vendors often package their appliances to sell through their company, it makes no sense for them to stock pile into a marketplace. Pete Lindstrom explains.
-
Benefits of encryption: Improving your enterprise IT security structure
by Jay Beale, Contributor
Learn the benefits of encryption and how it can be one of the only true secure ways to protect your enterprise.
-
Application Vulnerability Development Language: Why is it important for security?
by Andrew Briney
Network security is like a U.N. meeting without the upside-down headphones, writes Editorial Director Andy Briney in this column.
-
Buying security software: The devil's in the details
by Lawrence Walsh
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...