Another year has come and gone. As with each New Year, we reflect on the previous one and try to learn from both the good and bad events. In the world of information security, 2005 was a blur of identity theft scares, Microsoft updates, browser wars, compliance challenges and intrusion defenses -- to say the least. Based on your clicks, we've gathered our top five tips, news articles and learning tools from 2005. Find out what was hot and what you may have missed.
Top five tips of 2005
1. Roberta Bragg's 10 Windows hardening tips in 10 minutes
Our hottest tip of the year looks inside Roberta Bragg's book, "Hardening Windows Systems," and teaches you 10 things you can do immediately to harden your Windows networks.
2. How to remove a Trojan downloader
As Trojans become increasingly smarter, it gets harder to detect and eliminate them. In this tip, your peers offer advice on the best methods for ridding systems of these infectious intruders.
3. Choosing the right firewall topology: Bastion host, screened subnet or dual firewalls
The question of where to place firewalls within a network architecture is a common one. This tip reviews the three most common firewall configurations and helps you determine which option is best for your organization.
4. Where's the Firefox security button?
In 2005, we saw a lot of questions regarding the security of Firefox. Our most popular tip on the browser reviews its security options and compares them to those in Internet Explorer.
5. Keeping SOX 404 under control(s)
In the aftermath of the Sarbanes-Oxley deadline, information security professionals still found themselves stumbling over the vagueness of section 404. This tip outlines the policies organizations need to comply with SOX 404.
Top five news stories of 2005
1. Security no match for theater lovers
An informal street survey proved people would reveal anything -- even if it meant giving up their identity -- for even the smallest reward.
2. CISSP among highest paying certifications
A report from salary researchers at Foote Partners LLC, showed that CISSP certifications have grown in value. Find out what other certified security skills gained or lost value.
3. Linux lags Windows in new security report
Read what one controversial research paper found when it looked at the two popular platforms' track record on vulnerabilities and fixes.
4. What's all the fuss about WSUS?
When Microsoft released their new Windows Server Update Services (WSUS) in June, security professionals took opposing views on whether or not it was an improvement over the existing Software Update Service (SUS).
5. Security researcher causes furor by releasing flaw in Cisco Systems IOS
Michael Lynn's exposure of a potential vulnerability in Cisco Systems' routers at the Black Hat Briefings in July caused a major uproar and security pros quickly took sides. Find out how it all began.
Top five learning tools of 2005
1. Web Security School Entrance Exam
Are you Web security savvy? Our Web Security School Entrance Exam proved to be our toughest challenge yet. Test your knowledge of IIS and find out if you need to go to Web Security School.
2. Snort Technical Guide
While a favorite among security practitioners, the open source intrusion detection tool can be challenging to use. This technical guide aims to ease the complexities of using Snort.
3. Quiz: Vulnerability management
Vulnerability assessments and penetration tests are monumental tasks, and security practitioners need to know when one is more suitable than the other and how it will mitigate threats. Test your knowledge of the vulnerability management process with this quiz.
4. Quiz: Playing with fire(walls)
Your firewall is a vital tool in your network security arsenal. Take our quiz to find out if you're using it to its utmost advantage.
5. SearchSecurity.com's E-mail Security School
Learn how to lock down your e-mail systems, from the essentials to spam and virus defense, and policy control. Each of the three lessons consists of a webcast, technical paper and quiz created by our guest instructor, Joel Snyder.