Manage

IPv6 security and network protocols security

• What are the top network security techniques for modern companies?

  Protecting the enterprise network remains integral to overall IT security. Here are the top network security techniques enterprises are using to protect data. Continue Reading

• How does BGP hijacking work and what are the risks?

  The lack of security protections in BGP means that route hijacking can be easy, especially for organized crime or state-backed threat actors. Here are ways to deal with it. Continue Reading

• Will DNS Flag Day affect you? Infoblox's Cricket Liu explains

  What is DNS Flag Day? That's when old and broken DNS servers will stop working, improving DNS performance and safety for all. Infoblox's chief DNS architect Cricket Liu explains. Continue Reading

• Is network traffic monitoring still relevant today?

  An increase in DNS protocol variants has led to a higher demand for network traffic monitoring. The SANS Institute's Johannes Ullrich explains what this means for enterprises. Continue Reading

• What to do when IPv4 and IPv6 policies disagree

  Unfortunately for enterprises, IPv4 and IPv6 policies don't always agree. Fernando Gont examines the differences between these two security policies, as well as some filtering rules. Continue Reading

• How to prepare for potential IPv6 DDoS attacks

  Enterprises learn how to prepare for IPv6 with DDoS attack tools. Michael Cobb further addresses the inevitable attacks and what users can do.Continue Reading

• How DNS TXT records can be used against enterprises

  A domain name system is a widely used protocol, but new research shows how threat actors can use DNS TXT records for cyberattacks. Nick Lewis explains this new DNS threat.Continue Reading

• IPv6 addresses: Stability concerns and usage advice

  Enterprises can deploy IPv6 addresses to improve privacy and security, but there are stability and usage considerations. Expert Fernando Gont explains what they are.Continue Reading

• The security pros and cons of using a free FTP tool

  A free FTP tool can help move enterprise files to a managed file transfer service, but there are security factors to consider. Expert Judith Myerson explains what they are.Continue Reading

• How to use DNS reverse mapping to scan IPv6 addresses

  Enterprises looking to perform IPv6 address scans can use DNS reverse mapping techniques. In part one of this tip, expert Fernando Gont explains how the process works.Continue Reading

• How to handle out-of-band management for network infrastructure

  Out-of-band management can be used for handling network infrastructure. Expert Judith Myerson explains the benefits of out-of-band management and how it can be implemented.Continue Reading

• Putting IPv6 vulnerabilities under the microscope

  Examining IPv6 vulnerabilities prior to deployment is crucial for enterprises. Expert Judith Myerson explains the risks of older gear, unpatched IPv6 ND flaws and other issues.Continue Reading

• How can enterprises mitigate IVR security risks?

  Interactive voice response systems can be used by attackers to hack into enterprises. Expert Nick Lewis explains the security risks of IVR systems and how to mitigate them.Continue Reading

• Improve SDN security with a proper risk management plan

  Enterprise SDN controllers can be vulnerable to attacks, but a proper risk management plan can improve SDN controller security. Judith Myerson explains how to get started.Continue Reading

• Certificate authorities are limited but new TLS versions can help

  SSL/TLS, long the cornerstone of Web security, has become a security vulnerability due to problems with certificate authorities. Learn what solutions the industry is pursuing.Continue Reading

• Are enterprise devices vulnerable to NAT-PMP security threats?

  Network Address Translation - Port Mapping Protocol implementations may cause vulnerabilities on networking devices. Expert Kevin Beaver offers pointers for testing and mitigating such risks.Continue Reading

• Should an OpenSSL-reliant product risk assessment be performed?

  Many organizations are still vulnerable to the Heartbleed flaw. Expert Kevin Beaver explores the merits of an OpenSSL-specific risk assessment.Continue Reading

• What are the security implications of multipath TCP?

  Multipath TCP could soon bring improved redundancy and uptime to a network near you, but what does it mean for network security? Expert Kevin Beaver explains.Continue Reading

• IPv6 extension headers and security: Analyzing the risk

  IPv6 security expert Fernando Gont explains why IPv6 extension headers can inadvertently subvert security controls or foster denial-of-service conditions.Continue Reading

• VoIP vulnerabilities: Can VoIP data exfiltration be prevented?

  Malicious actors can exfiltrate sensitive data over VoIP, creating a security hole for enterprises. Expert Kevin Beaver explains how this attack is carried out and how to protect against it.Continue Reading

• SHA-2 algorithm: The how and why of the transition

  Is it time to make the move to the SHA-2 algorithm? Application security expert Michael Cobb discusses and offers tips to ease the transition.Continue Reading

• Despite OpenSSL security issues, industry needs open source SSL

  SilverSky CTO Andrew Jaquith says despite the recent Heartbleed flaw, the industry will stick with OpenSSL over commercially licensed SSL products. Jaquith also opines on the aftermath of the Target breach.Continue Reading

• Gartner: Nascent SDN security controls pose sizable risk

  A Gartner analyst says SDN security issues abound because of lacking security controls, little interoperability and shaky management features.Continue Reading

• Third-party vendor management security best practices

  Third-party vendor management is important for avoiding incidents like the Target breach. Joseph Granneman offers four must-have security controls.Continue Reading

• Heartbleed response: Tech giants to fund OpenSSL, other projects

  A number of tech giants have pledged financial help to OpenSSL and other open source projects after the Heartbleed bug exposed numerous issues.Continue Reading

• Secure file transfer: Send large files fast, but keep your system safe

  FTP gets big files to colleagues and clients fast, but as the headlines remind us, the threat of electronic break-ins is real. This guide to secure file transfer shows how best to cure that sense of FTP insecurity.Continue Reading

• Four steps to taking the fear out of large file transfers

  Large file transfers don't have to be scary. Learn four key steps to keeping your network secure when big files exit your enterprise.Continue Reading

• Cisco TelePresence vulnerability: Mitigate default credentials issues

  Network security expert Brad Casey discusses how to mitigate the vulnerability found in Cisco's TelePresence system triggered by default credentials.Continue Reading

• Addressing the security vulnerabilities of IPMI-enabled systems

  The Intelligent Platform Management Interface (IPMI) protocol presents a number of security vulnerabilities. Uncover how to mitigate the risks.Continue Reading

• How Cisco's 'Application Centric Infrastructure' differs from SDN

  As Cisco rolls out a hardware-based alternative to software-defined networking approaches, what does it all mean for security?Continue Reading

• SHA-1 to SHA-2: The future of SSL and enterprise application security

  The future of SSL is SHA-2. Security expert Michael Cobb explains why SHA-1 poses an increasing danger and what the transition entails.Continue Reading

• Is FTP malware threatening network port security?

  A diligent enterprise must watch for FTP attacks over non-standard ports, says network security expert Brad Casey.Continue Reading

• How key MDM features affect mobile security policy management

  As MDM features become more robust, enterprises must not only look for mature products, but also evolve mobile security policies accordingly.Continue Reading

• Address IPv6 security before your time runs out

  Most networks have partial deployment of IPv6 often without IT realizing it. It’s time to take stock of the security implications before attackers do.Continue Reading

• How to implement firewall policy management with a 5-tuple firewall

  Matt Pascucci explains how to implement firewall policy management for 5-tuple firewalls when ports must be kept open for business reasons.Continue Reading

• BIOS management best practices: BIOS patches and BIOS updates

  Amid growing concern over BIOS threats, expert Mike Cobb discusses how organizations should manage BIOS patches and BIOS updates.Continue Reading

• Modern security management strategy requires security separation of duties

  Contributor Matthew Pascucci argues that enterprises need security separation of duties to ensure an effective, modern security management strategy.Continue Reading

• Breaches prompt call for certificate authority architecture alternatives

  The breaches of certificate authorities fuel renewed debate for Internet security alternatives.Continue Reading

• VoIP security best practices: Securing communication in the workplace

  VoIP communications can be a great money-saver, but without solid VoIP security best practices, it can introduce new risks.Continue Reading

• IPv6 connectivity: Innovations address IPv6 security concerns

  Researchers at Virginia Tech have created a tool called Moving Target IPv6 Defense in order to address looming IPv6 security issues.Continue Reading

• Cloud migration requires network retooling

  Learn what is required for cloud migration, including retooling of network design and security controls such as encryption and DLP.Continue Reading

• Better methods needed to discover network configuration flaws

  Many network security professionals take the wrong approach when testing their networks, according to one prominent security expert.Continue Reading

• Incident response team best practices

  Do you know how to maximize your incident response management? Expert Lenny Zeltser discuses incident response best practices for policies, maturity and teams in this interivew.Continue Reading

• Secure VoIP tutorial: Understanding VoIP security best practices

  More organizations are choosing to implement VoIP telephony in the enterprise for its cost savings. However, securing the technology comes with its own price tag. This secure VoIP tutorial is a compilation of resources that review VoIP security best...Continue Reading

• FTP security best practices for the enterprise

  FTP is easy and commonly used in the enterprise, but is it secure? Anand Sastry discusses its security shortcomings, best practices for securing FTP in the enterprise and FTP alternatives that may be even more secure.Continue Reading

• HTTP vs. HTTPS: Is digital SSL certificate cost hurting Web security?

  Learn why a digital SSL certificate could be the reason preventing many users from utilizing HTTPS.Continue Reading

• Joining security information management systems with identity management systems boosts security

  Integrating security information management systems with identity management systems ties policy violations and vulnerabilities to user activityContinue Reading

• Can secure FTP services protect sensitive data from hackers?

  Does secure FTP services protect against hackers and attacks? In this expert response, Michael Cobb explains why using a secure FTP service is vital for handling sensitive data transfers.Continue Reading

• How to test IPv6 infrastructures

  In this expert response, Michael Cobb explains why you should definitely test your IPv6 infrastructure sometime this year.Continue Reading

• DNSSEC deployments gain momentum since Kaminsky DNS bug

  DNSSEC brings PKI to the Domain Name System and prevents dangerous cache poisoning attacks. Implementation difficulties and political battles, however, keep it from going mainstream.Continue Reading

• What is the best operating system for an FTP server implementation?

  When it comes to recommending an operating system for a task such as hosting an FTP server, expert Michael Cobb says it depends on what in-house expertise you have.Continue Reading

• Can DNS be used to support encryption?

  Expert Michael Cobb says it's more likely that encryption will be used to support DNS than the other way around.Continue Reading

• Are open recursive DNS servers inherently insecure?

  Recursion was meant to make the Internet run better, but expert Michael Cobb explains why the willingness of malicious users to abuse open recursive DNS servers has made it part of numerous ongoing threats.Continue Reading

• How to protect DNS servers

  The DNS database is the world's largest distributed database, but unfortunately, DNS was not designed with security in mind. Application security expert Michael Cobb explains how to keep a DNS server from being hijacked.Continue Reading

• Cisco issues CallManager security update

  Security flaws in Cisco CallManager and Unified Communications Manager could be exploited for cross-site scripting and SQL injection attacks, but a security update is available.Continue Reading

• How does SSL 'sit' between the network layer and application layer?

  SSL is neither a network layer protocol nor an application layer protocol. In this SearchSecurity.com Q&A, Michael Cobb explains how SSL "sits" between both layers.Continue Reading

• How to ensure that an SSL connection protects sensitive Web data

  In this expert Q&A, application security pro Michael Cobb explains how to secure sensitive Web site data that is sent across the Internet.Continue Reading

• Is the SANS Top 20 still useful?

  This week in Security Blog Log: Some experts ponder whether the SANS Institute's Top 20 vulnerability list is as valuable than it once was. Others weigh in on the VoIP threat.Continue Reading

• If email attachments are sent via SSL will they be encrypted?

  This application security Ask the Expert Q&A explains what happens to traffic that travels over an SSL connection and details how to keep email messages and attachments secure as they travel to and from email clients and SMTP servers.Continue Reading

• How do we create a restrictive ruleset to manage our TCP ports?

  Learn how implementing stateful inspection firewalls can help network administrators keep tabs on TCP connections in this network security Ask the Expert Q&A.Continue Reading

• Secure Communications

  SSH Communications Security's SSH TectiaContinue Reading

• The pros and cons of FTP over SSL

  Compare and contrast the pros and cons of having hosts send PGP-encrypted files to an existing FTP site against building an ad hoc FTP server using SSL, in this Ask the Expert Q&AContinue Reading

• How FTPS differs from TLS

  Take an indepth look at FTP over SSL, how it works and how it differs from TLS and other protocolsContinue Reading

• The future of Telnet and FTP

  In this Ask the Expert Q&A, our application security expert discusses what he believes what will happen to the Telnet and FTP application layer protocols as the industry prepares for the future.Continue Reading

• Ping: Phil Zimmerman

  Phil ZimmermanContinue Reading

• Snapping on SNMPv3

  The ubiquitous management protocol is more secure, but upgrading isn't simple.Continue Reading

• SSHv2: Safe & Secure

  The overhauled encryption protocol helps harden networks.Continue Reading

• Rising demand for IP address management appliances

  Because DNS is becoming a larger attack vector, appliances that manage IP addresses will grow more prominent, Burton Group said.Continue Reading

• Identifying VoIP phone security risks, attacks

  If the VoIP phone keeps ringing, it's probably spam.Continue Reading

• The self-defending network: Is it real technology or market speak?

  Cisco and other security vendors are touting the "self-defending" network. Is it real technology or market-speak?Continue Reading

• Using control change management to improve attack resistance

  Learn how control change management can free your enterprise from the "widget mentality" -- and ensure better attack resistance.Continue Reading

• Proactive security: Make offense your best defense

  Information Security editorial director Andrew Briney outlines three measures that will help enterprises turn their reactive security into proactive security.Continue Reading

• IPSec best practices to secure IP-based storage systems

  Learn the security challenges associated with IP-based storage systems and uncover IPSec best practices to help ensure system safety without sacrificing performance.Continue Reading

• VoIP network security protocols: Is VoIP secure?

  Is your network equal to the task? Are you willing to risk exposing data and voice on the Internet?Continue Reading

• VoIP security: Real-world VoIP implementation best practices

  If you want VoIP security, the pros say do your homework and roll up your sleeves during VoIP implementations.Continue Reading

• Trustworthy computing: Don't compromise security for convenience

  While past actions may prove differently, Microsoft Chairman Bill Gates knows the key to trustworthy computing isn't just about finding and fixing bugs.Continue Reading

• Q&A: Cracking the information security paradigm with Ross Anderson

  Author and cryptography maven Ross Anderson discusses assumptions, admonishes heavy spending and suggests improvements within the information security paradigm.Continue Reading

• Securing Wireless

  Wireless LANs are all the rage -- enterprises are deploying them in record numbers. But, as with most emerging technology, WLAN security is being forsaken for WLAN speed.
  
  In a recent Information Security magazine survey, 94% of respondents ...Continue Reading