Problem solve

Problem solve

Get help with specific problems with your technologies, process and projects.

• How should the ipseccmd.exe tool be used in Windows Vista?

  Ipseccmd is a command-line tool for displaying and managing IPsec policy and filtering rules. Expert Michael Cobb explains how to get the scripting utility to work with Vista. Continue Reading

• Are encrypted Microsoft Word files safer in transit than PDF files?

  In this expert Q&A, Michael Cobb demonstrates how a misconfigured firewall makes it easy for some Microsft Word and PDF files to be sniffed in transit. Continue Reading

• How would you define the responsibilities of a data custodian in a bank?

  Data security is incredibly important for financial institutions, and it's the data custodian's job to make sure that data is safe. Security management expert Mike Rothman explains more. Continue Reading

• Can Trojans and other malware exploit split-tunnel VPNs?

  The beauty of split tunneling is that an enterprise doesn't need to provide the general Internet access point for a VPN user. Mike Chapple, however, also explains why split-tunnel VPNs provide a false sense of security. Continue Reading

• Can a firewall alone effectively block port-scanning activity?

  In this expert response, Mike Chapple reveals which product is the best line of defense against port scanning threats. Continue Reading

• Should an intrusion detection system (IDS) be written using Java?

  There's no reason that you couldn't implement intrusion detection functionality in any higher-level programming language, Java included. Network security expert Mike Chapple, however, explains why Java may not be the best choice.Continue Reading

• Exploit research: Keeping tabs on the hacker underground

  Protecting an organization against malicious hackers is a constant challenge, especially when attack methods are constantly evolving. But, according to information security threats expert Ed Skoudis, there are effective methods security pros can use...Continue Reading

• The forensics mindset: Making life easier for investigators

  Eventually every enterprise suffers an incident, and a little preparation now can make all the difference when an event occurs. In this tip, contributor Mike Rothman explains why thinking like an investigator can help security pros develop a ...Continue Reading

• How to lock down USB devices

  USB devices, thumb drives, flash drives -- whatever you call them, portable media present a significant challenge for enterprises, as they enable easier data transport for mobile workers, but are often the cause for catastrophic data leaks. In this ...Continue Reading

• What are the risks of connecting a Web service to an external system via SSL?

  Security pro Joel Dubin discusses the risks associated with SSL connections, and offers advice on how to avoid them.Continue Reading

• What are the dangers of using radio frequency identification (RFID) tags?

  In this expert response, Joel Dubin discusses the dangers associated with radio frequency identification (RFID) tags, and how users can protect themselves.Continue Reading

• Biometrics vs. biostatistics

  In this expert response, Joel Dubin examines the differences between biometrics and biostatistics.Continue Reading

• Basel II's impact on information security

  Managing risk is a constant pain point at financial institutions. Regulations, like Basel II, can help. This tip explains how.Continue Reading

• Preventing employees from using a proxy to visit blocked sites

  P2P blocking can be difficult; smart blocking tools can help.Continue Reading

• What software development practices prevent input validation attacks?

  Improper input validation leads to numerous kinds of attacks, including cross-site scripting, SQL injection and command injection. In this expert Q&A, Michael Cobb reviews the most important application development practices.Continue Reading

• What can be done to block adult images in search engine results?

  What steps can be taken to ensure that children cannot access pornographic images through Google on their school's internet connection? Mike Rothman explains the options and the inherent difficulties.Continue Reading

• Challenges behind operational integration of security and network management

  The integration of security and network operations holds a great deal of promise thanks to today's security information management technology, but there are a number of hurdles to overcome when it's time to flip the switch. Sasan Hamidi outlines the...Continue Reading

• Open source vs. commercial network access control (NAC) products

  There are now a number of free and open source network access control (NAC) products, but how do they stack up against the commercial options? Network professional Mike Chapple reviews the free alternatives, but also warns readers that a "stepping ...Continue Reading

• A security checklist: How to build a solid DMZ

  As part of his monthly response to readers, Mike Chapple provides a list of security add-ons that no DMZ should be without.Continue Reading

• What to consider before opening a port

  Recently, a reader asked network expert Mike Chapple, "What would be the security implications of opening six ports through a firewall?" Chapple reviews what questions need to be addressed before an organization exposes any network ports.Continue Reading

• How to apply ISO 27002 to PCI DSS compliance

  The Payment Card Industry Data Security Standard may be fairly straightforward, but it's lacking in defining the processes that will ultimately lead to PCI DSS compliance. In this tip, expert Richard Mackey explains why the ISO 27002 can not only ...Continue Reading

• How to prevent hack attacks against smart card systems.

  What are smart cards, and how can the security of a smart card itself be maintained?Continue Reading

• IT GRC: Combining disciplines for better enterprise security

  IT governance, risk management and compliance (GRC) is a growing area of information security that isn't clearly defined. In this tip, Forrester Research's Khalid Kark defines the components of IT GRC and offers advice on how CISOs and organizations...Continue Reading

• Secure file copying with WinSCP

  In his latest Downloads column, Scott Sidel examines WinSCP, an open source SFTP and FTP client for Windows. Sidel explains how the tool's optional interfaces, multiple secure authentication mechanisms and strong security features make it a ...Continue Reading

• Social engineering attacks: What we can learn from Kevin Mitnick

  This article provides examples of how to strengthen your organization against social engineering.Continue Reading

• Security awareness training: Stay in, or go out?

  So you've decided you need security awareness training. Now what? In this tip, Joel Dubin offers a primer on in-house vs. outsourced security awareness training, and guidelines to help an organization decide which choice is best for its needs.Continue Reading

• Your physical security budget: Who pays and how much?

  In many organizations, the cost of data center security is a shared expense -- or at least it should be. How much then should you be spending on security and how much of that should be picked up by other business units?Continue Reading

• Ten hacker tricks to exploit SQL Server systems

  SQL Server hackers have a medley of tricks and tools to gain access to your database systems. Learn their techniques and test SQL Server security before they do.Continue Reading

• Firewall redundancy: Deployment scenarios and benefits

  There are, however, several good reasons to deploy multiple firewalls in your organization. Let's take a look at a few scenarios.Continue Reading

• Types of confidential information

  CISSP Thomas Peltier offers guidance on what your information classification policy should address.Continue Reading

• Data leakage detection and prevention

  While corporate data loss is not a new concern, newer technologies are emerging to help combat the threat. In this tip, Joel Dubin advises how to reduce data leaks, reviews products that can identify network vulnerabilities and keep mobile device ...Continue Reading

• Five steps to building information risk management frameworks

  Implementing a successful enterprise risk management plan can be an overwhelming and harrowing process. In order to make the process work, many aspects need to examined, and all business areas need to be hands on. In this tip, contributor Khalid ...Continue Reading

• Developing a patch management policy for third-party applications

  Enterprises may push the latest critical Windows patches once a month, but here's a dirty little secret: Most organizations don't bother patching their third-party applications. The diversity of client-side software -- including everything from ...Continue Reading

• Phone phishing: The role of VoIP in phishing attacks

  Learn how attackers are using the widespread deployment of low-cost VoIP to leverage phishing attacks and how to protect the enterprise.Continue Reading

• Storage vulnerabilities you can't afford to miss

  In this tip, Keavin Beaver identifies eight common storage security vulnerabilites that are often overlooked and examines why network admins should develop a layered security strategy to protect sensitive data.Continue Reading

• Cleansing an infected mail server

  Learn five measures you can take to when cleaning up a massive email virus infectionContinue Reading

• What are the pros and cons of using stand-alone authentication that is not Active Directory-based?

  Password managment tools other than Active Directory are available, though they may not be the best access control coordinators.Continue Reading

• How can birth certificate fraud and passport fraud be prevented?

  Best practices for preventing birth certificate and passport fraud from expert Mike Rothman.Continue Reading

• Information protection: Using Windows Rights Management Services to secure data

  Keeping confidential information under wraps is paramount in any business, but finding the right mix of tools or techniques is a common challenge. In this tip, contributor Tony Bradley explains how Windows Rights Management Services (WRMS) can help ...Continue Reading

• Does Teredo present security risks to the enterprise?

  Teredo allows internal networks to transition to IPv6, interconnecting them through their NAT devices and across the IPv4 Internet. Ed Skoudis explains why this function isn't as innocent as it seems.Continue Reading

• What security risks do enterprise honeypots pose?

  Honeypots can provide a great deal of insight into an environment's attack activity. However, before implementing them, there are some significant issues that require careful consideration and planning.Continue Reading

• How effective are phishing links that refer to FTP sites?

  The vast majority of phishing emails still include HTTP links, but there has been a recent smattering that refer to FTP sites. In this SearchSecurity.com Q&A, Ed Skoudis explains how to be ready for the malicious messages.Continue Reading

• Should a Java Runtime Environment (JRE) be kept up to date?

  Critical security flaws are often discovered in Java Runtime Environment implementations. Unfortunately, most users don't apply any appropriate patches. Ed Skoudis reveals the security risks posed by a vulnerable JRE.Continue Reading

• Thinking fast-flux: New bait for advanced phishing tactics

  Bot herders haven't made millions of dollars by relying on yesterday's botnet techniques. In fact, the bad guys have found an innovative new way to leverage thousands of drone machines; it's called fast flux, and it makes even the largest botnets ...Continue Reading

• How to conduct an efficient and thorough employee access review

  In order to meet HIPAA and SOX compliance requirements, an employee access review is necessary.Continue Reading

• Will one failed drive corrupt the rest of a RAID-5 array?

  In this expert Q&A, Michael Cobb explains when it is appropriate to keep a RAID-5 array's failed drive online.Continue Reading

• What security issues can arise from unsynchronized system clocks?

  Network administrators don't always pay enough attention to the issues of system clock accuracy and time synchronization. Michael Cobb explains why that can lead to security problems.Continue Reading

• What precautions should be taken if biometric data is compromised?

  In this Q&A, Joel Dubin discusses what precautions to take if corporate biometric data is stolen.Continue Reading

• Is it against HIPAA regulations to display client names?

  Security management expert Mike Rothman discusses the terms of HIPAA, specifically if it is a violation of the act to publicly display client names.Continue Reading

• Getting started on a career in penetration testing

  In this expert response, Mike Rothman offers insight on how to start a career in penetration testing.Continue Reading

• What is Spycar?

  Spycar, still available for free, tests a machine against 17 daggressive spyware-like behaviors. Information security threat expert Ed Skoudis explains the tool and gives a preview of Spycar 2.Continue Reading

• How to prevent hackers from accessing your router security password

  In this Q&A, Joel Dubin unveils the best practices for protecting a router security password from compromise.Continue Reading

• Lessons learned from TJX: Best practices for enterprise wireless encryption

  The TJX data breach revealed all too well the weaknesses of the Wired Equivalent Privacy security model. The retailer's well-documented compromise of more than 94 million credit card numbers proved that intruders can easily take advantage of ...Continue Reading

• Partner access: Balancing security and availability

  Granting business partners access to corporate systems and data is essential to keep business processes on track, but doing so insecurely could mean exposing your enterprise to a plethora of insider threats. In this tip, contributor Joel Dubin ...Continue Reading

• How does identity propagation work?

  In this expert Q&A, Joel Dubin defines identity propagation and explains how it works.Continue Reading

• What is the best way to comply with PCI DSS requirements 9 and 10?

  Security management expert Mike Rothman unveils how corporations can get compliant with PCI DSS guidelines, specifically requirements 9 and 10.Continue Reading

• Comparing proxy servers and packet-filtering firewalls

  In the world of security, judging proxy servers and packet-filtering firewalls together is like comparing apples and oranges. But that won't stop network security expert Mike Chapple from giving such comparisons a try.Continue Reading

• How can root and administrator privileges of different systems be delegated on one account?

  In this expert response, Joel Dubin discusses how corporations can manage "superuser" accounts by delegating root and administrator privileges.Continue Reading

• Preventing spam bots from hijacking an enterprise network

  According to security expert Michael Cobb, the likelihood of your enterprise being compromised by a botnet is not a question of if, but when. In this Messaging Security School tip, Cobb discusses how spammers use botnets to corrupt enterprise ...Continue Reading

• Will FTP ever be a secure way to transfer files?

  A SearchSecurity.com member asks our network security expert Mike Chapple: Is the File Transfer Protocol a secure way to transfer files? As one of his many monthly responses to readers, Chapple reveals a better alternative to FTP.Continue Reading

• Applying PCI DSS to Web application security

  With millions of online credit card transactions taking place each day, Web application security is a critical issue for any enterprise. In this tip, contributor Diana Kelley reviews the key PCI DSS sub-requirements for Web applications, and ...Continue Reading

• Email authentication showdown: IP-based vs. signature-based

  Email has long been a favorite method for malicious hackers looking to launch attacks, and one of the first steps in defending against vicious email threats lies in developing a strong email authentication strategy. In this tip, contributor Noah ...Continue Reading

• Getting the best bargain on network vulnerability scanning

  When it comes to enterprise network analysis, is it best to use a costly commercial vulnerability scanner or a less expensive open source product? In this week's tip, Mike Chapple explains which enterprise assets require the expensive stuff and ...Continue Reading

• Is it a violation of HIPAA to collect consumer Social Security numbers?

  In this expert response, Mike Rothman discusses if collecting consumer SSNs is a HIPAA violation, and unveils how to handle employees that disregard corporate policies.Continue Reading

• Making the case for Web application vulnerability scanners

  If a Web application scanner can find common SQL injection flaws, cross-site scripting vulnerabilities, buffer overflows and dangerous backdoors, then why aren't more enterprises using them? In this tip, Michael Cobb not only examines where the ...Continue Reading

• What are the security risks of a corporate divestiture?

  Security management expert Mike Rothman discusses the data protection issues involved with a corporate divestiture .Continue Reading

• Will enabling Group Policy password settings affect existing user accounts?

  In this expert response, identity management and access control expert Joel Dubin discusses the affect that Active Directory Group Policy password settings can have on user accounts.Continue Reading

• Are challenge-response technologies the best way to stop spam?

  Challenge-response spam technology intercepts incoming emails and sends a challenge to the sender, asking him or her to confirm the message's validity. Though the antispam mechanism has gained popularity, there may be more secure alternatives, says ...Continue Reading

• Screencast: Snort -- Tactics for basic network analysis

  In this exclusive screencast step-by-step demo, Tom Bowers explains how the Snort open source IDS tool works and illustrates how it can help security pros assess network security.Continue Reading

• How to test an e-commerce Web site's security and privacy defenses

  Assessing the security of e-commerce sites means checking up on their associated servers, databases and applications. In this expert response, Michael Cobb explains where to start.Continue Reading

• Is it possible to identify a fake wireless access point?

  A network's identity is easy to fake. If you're looking for proof of a valid access point, Mike Chapple reveals some secure wireless options.Continue Reading

• Using fingerprint door locks in a network environment

  Identity management and access control expert Joel Dubin discusses fingerprint door lock technology, and unveils whether or not they can be controlled through a network.Continue Reading

• Why does Skype connect to so many servers?

  Skype is a peer-to-peer service that uses a distributed network of "supernodes" to facilitate communication throughout the world. But is it safe to have so many "volunteer" connections? Mike Chapple explains.Continue Reading

• Traditional single sign-on (SSO) products versus federated identities

  Identity management and access control expert Joel Dubin discusses the pros and cons of single sign-on products and federated identities.Continue Reading

• What are the dangers of Web-based remote access systems?

  Identity management and access control expert Joel Dubin discusses the security risk associated with using Web-based remote access systems, such as LogMeIn and GoToMyPC.Continue Reading

• Where did the biometric device come from?

  In this expert Q&A, security expert Joel Dubin discusses the history of the biometric device, more specifically the fingerprint reader and scanner.Continue Reading

• What are the best bot detection tools?

  Today, antimalware tools can detect hundreds of different bot variants using signature and heuristic techniques, but they aren't perfect. Ed Skoudis reveals some other options.Continue Reading

• Can fuzzing identify cross-site scripting (XSS) vulnerabilities?

  Fuzzing may find weaknesses in software, but the testing process can't find every flaw. Ed Skoudis explains what other tools are necessary when looking for cross-site scripting vulnerabilities.Continue Reading

• What is an ideal patch management process for small businesses?

  Patch management and testing can be a time-consuming and resource-hungry task. In this expert response, Michael Cobb demonstrates how to streamline the process.Continue Reading

• Can Snort stop application-layer attacks?

  Even though Snort can add an important layer of defense for applications, it won't fix the underlying problem of poorly written ones. Michael Cobb reveals a more efficient technique for patching up XSS and SQL injection vulnerabilities.Continue Reading

• Preparing for uniform resource identifier (URI) exploits

  URIs have always been a user-friendly way to recognize and access Web resources. By crafting malicious URLs and manipulating protocol handlers, however, attackers have devised new attacks that take advantage of the URI's locator functionality. Web ...Continue Reading

• What types of software can help a company perform a security risk assessment?

  Security management expert Mike Rothman unveils what kind of software is on the market to help assist a company in the risk assessment process.Continue Reading

• Is encrypting cookies a PCI DSS requirement?

  Security management expert Mike Rothman discusses whether or not storing sensitive information in the form of a cookie is considered a violation of PCI DSS.Continue Reading

• Complex password compliance requirements made simple

  In order to comply with a number of well-known industry regulations, it's necessary for enterprises to have stringent password management requirements in place. In this tip, expert Joel Dubin reviews the password requirements put forth by key ...Continue Reading

• How should sensitive customer data, such as driver's license information, be handled?

  In this Q&A, Identity management and access control expert Joel Dubin discusses how to properly protect the personal data of a driver's license.Continue Reading

• Choosing from the top PKI products and vendors

  In this expert response, security pro Joel Dubin discusses the best ways to compare PKI products and vendors for enterprise implementation of PKI.Continue Reading

• Does single sign-on (SSO) improve security?

  In this expert response, security pro Joel Dubin discusses the impact that enterprise single sign-on (SSO) can have on a security program.Continue Reading

• What are the pros and cons of using keystroke dynamic-based authentication systems?

  In this SearchSecurity.com Q&A, security pro Joel Dubin discusses the positive and negative aspects of using keystroke dynamic-based authentication systems.Continue Reading

• What mistakes are made when implementing enterprise IAM systems?

  In this SearchSecurity.com Q&A, security expert Joel Dubin unveils the biggest mistakes made by corporations during identity and access management system implementation, and offers advice on how to avoid them.Continue Reading

• What are the best laptop data encryption options?

  When it comes to protecting laptops and hard drives, there are plenty of choices. In this expert Q&A, Michael Cobb lays out some data protection options. And they're not just software-based, either.Continue Reading

• How to keep personally identifiable information out of access logs

  Are there products available that can hide the internal IP addresses recorded in log files? Maybe not, but in this expert Q&A, Michael Cobb reveals which tools can prevent the transfer of personally identifiable information to third parties.Continue Reading

• Can the symmetric encryption algorithm for S/MIME messages be changed?

  Encryption algorithm requirements ensure a base level of interoperability among all S/MIME implementations. Email clients, however, can add additional algorithms, provided they correctly identify which algorithms a particular message uses. Expert ...Continue Reading

• What are the proper procedures for handling a potential insider threat?

  In this SearchSecuity.com Q&A, Mike Rothman discusses how corporations can avoid insider threats by forming an incident response plan and monitoring employee behavior.Continue Reading

• How to avoid dangling pointers: Tiny programming errors leave serious security vulnerabilities

  For years, many have said that there is no practical way to exploit a dangling pointer, a common application programming error. But these software bugs should no longer be thought of as simple quality-assurance problems. Michael Cobb explains how ...Continue Reading

• How expensive are IPsec VPN setup costs?

  Although IPsec VPN tunnels tend to be fairly low maintenance, their setup and maintenance costs can quickly mount, depending on an enterprise's equipment. In this expert Q&A, Mike Chapple reveals how much enterprises can expect to pay on a new ...Continue Reading

• Will iptables screen UDP traffic?

  UDP is a connectionless protocol that can't be screened using strict stateful inspection. However, most modern firewalls, including iptables, treat UDP in the same manner as a connection-oriented protocol. Mike Chapple explains the process in this ...Continue Reading

• Building malware defenses: From rootkits to bootkits

  There's an evolving form of malware on the scene that can silently and maliciously wreak havoc on operating systems. Meet the "bootkit" -- a rootkit variant reminiscent of the old-school boot sector virus. While software exists for rootkit detection...Continue Reading

• Enterprise risk management frameworks: Controls for people, processes, technology

  Once responsibilities and requirements are defined, the next stage in developing a successful risk management framework involves developing controls. As Khalid Kark explains, that includes developing a culture of security, using technology in the ...Continue Reading

• Will deploying VoIP on an 802.1x network create security problems?

  Voice over IP telephony is beginning to replace traditional PBX in the enterprise. In this expert Q&A, Mike Chapple explains how the popular VoIP technology has its own unique security implications.Continue Reading

• Should a router be placed between the firewall and DMZ?

  Modern firewalls have the ability to serve as a router, negating the need of another device on a network. There are exceptions to this router rule, however. Network security expert Mike Chapple explains.Continue Reading