Problem solve

Problem solve

Get help with specific problems with your technologies, process and projects.

• Microsoft PatchGuard: Locking down the kernel, or locking out security?

  With Microsoft's release of Windows Vista, the software giant locked down the kernel and forced independent security vendors to change the way that they provide antivirus services. So is the OS safer from attacks as a result? Contributor Tony ... Continue Reading

• Should iPhone email be sent without SSL encryption?

  SSL encrypts all of the communication between your iPhone and your mail server. Network security expert Mike Chapple explains how important that feature really is. Continue Reading

• Worst practices: Learning from bad security tips

  In this tip, information security threats expert Ed Skoudis exposes some bad security practices, highlights the common and dangerous misconceptions held by security personnel, and offers insight on how corporations can learn from others' mistakes. Continue Reading

• The ins and outs of database encryption

  While pundits and gurus may say the "easy" data protection option is for an enterprise to encrypt its entire database, the truth is it's much harder than many realize. In this tip, database security expert Rich Mogull examines the two primary use ... Continue Reading

• What are the possible benefits of microchip implants and RFID tags for employees?

  Though it may seem like a good idea to mark employees in high risk areas with implants or RFID tags, there are some serious security concerns to take into account. Continue Reading

• GLBA risk assessment steps to success

  GLBA requires financial firms to protect their data from anticipated risks. How can those risks be determined? Follow these steps to perform a risk assessment at your financial organization.Continue Reading

• Worst practices: Bad security incidents to avoid

  Some of information security's worst practices are just best practices ignored. And those guilty of today's big infosec mistakes range from chief security officers to network firewall managers to security staffs at giant financial firms and ...Continue Reading

• Which is a more secure data access technology: SPAN or TAP?

  When monitoring traffic on a network, which is the best tool to use? Network security expert Mike Chapple gives advice.Continue Reading

• Which operating system can best secure an FTP site?

  In this expert Q&A, platform security expert Michael Cobb explains how a secure FTP protocol can improve websites and Web services.Continue Reading

• Should a domain controller be placed within the DMZ?

  When creating an Active Directory network, is it necessary to place domain controllers in the DMZ? Network security expert Mike Chapple explains.Continue Reading

• What are the dangers of cross-site request forgery attacks (CSRF)?

  Ed Skoudis defines the threats posed by cross-site request forgery attacks (CSRF), and explains how they are similar and different from cross-site scripting attacks.Continue Reading

• Testing for client-side vulnerabilities

  Client-side vulnerabilities have become a common target of attacks. Financial organizations must keep up by assessing their exposure to such threats. This tip offers three methods for testing your exposure.Continue Reading

• What ports should be opened and closed when IPsec filters are used?

  In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to set up separate branch IPsec filters that connect with a head office.Continue Reading

• Is Triple DES a more secure encryption scheme than DUKPT?

  Both DES and TDES use a symmetric key, but Michael Cobb explains their separate and distinct roles in protecting financial transactions.Continue Reading

• Failure mode and effects analysis: Process and system risk assessment

  Information security pros are always trying to assess which systems and processes pose the greatest risk to an organization. In this tip, Gideon T. Rasmussen explains how the failure mode and effects analysis (FMEA) methodology can help quantify the...Continue Reading

• If one server in a DMZ network gets attacked from outside, will the other servers be corrupted?

  An attack to a DMZ server is a big security risk. But does it necessarily mean that other servers are infected? Network security expert Mike Chapple weighs in.Continue Reading

• Google hacking exposes a world of security flaws

  In this tip, contributor Scott Sidel examines Goolag, a open source security tool that assists security pros in finding flaws in websites through Google hacking.Continue Reading

• What is the purpose of RFID identification?

  RFID identification can be used to keep track of everything from credit cards to livestock. But what security risks are involved?Continue Reading

• Encryption methods for financial organizations

  Extreme encryption often comes with penalties. So how do you determine what type of encryption to use? Storage expert Deni Connor explores three methods in this tip.Continue Reading

• Intrusion detection system deployment recommendations

  Before you take the time and effort to deploy an IDS, consider this advice.Continue Reading

• Phased NAC deployment for compliance and policy enforcement

  Thinking about NAC? You're not alone. Many organizations are taking a new look at the latest generation of network access control tools, with the hopes of mapping security policy requirements to technical controls. For those about to take the NAC ...Continue Reading

• How to secure an FTP connection

  Network security expert Mike Chapple offers three tips that enable an FTP connection without opening up an enterprise to security risks.Continue Reading

• Web scanning and reporting best practices

  Implementing a solid Web scanning routine is a key way to avoid corporate Web application attacks. And with industry requirements such as PCI DSS, performing vulnerability scans are also required to stay compliant. In this tip, contributor Joel ...Continue Reading

• DMVPN configuration: Should a firewall be between router and Internet?

  Cisco's Dynamic Multipoint VPN (DMVPN) product allows the configuration of site-to-site VPNs across WAN connections. Security expert Mike Chapple explains how a firewall fits into this particular network setup.Continue Reading

• Two-tier distributed systems vs. three-tier distributed systems

  Mike Rothman discusses the pros and cons of using two-tier distribution systems vs. thee-tier distributed systems.Continue Reading

• Is centralized logging worth all the effort?

  Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a centralized logging infrastructure.Continue Reading

• What are the pros and cons of shaping P2P packets?

  Packet shaping, a technique used to control computer network traffic, really isn't a security issue; it's a policy matter, says network expert Mike Chapple. Learn why, in this SearchSecurity.com Q&A.Continue Reading

• Does SOX provision email archiving?

  Although SOX may lack specificity regarding certain controls, it does have clear mandates for email retention.Continue Reading

• Built-in Windows commands to determine if a system has been hacked

  In this tip, contributor Ed Skoudis identifies five of the most useful Windows command-line tools for machine analysis and discusses how they can assist administrators in determining if a machine has been hacked.Continue Reading

• How would you meet PCI requirement 2.3 when it comes to terminal service or RDP sessions?

  What's the best way to comply with PCI DSS without having to create a secure IPsec tunnel with every connection to critical systems? Security management expert Mike Rothman gives his advice.Continue Reading

• What techniques are being used to hack smart cards?

  Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers.Continue Reading

• How secure is online banking today?

  Most banks take the security of their online services seriously. In this expert Q&A, Michael Cobb explains why online banking is relatively safe -- with the exception of one particular mistake.Continue Reading

• How to protect DNS servers

  The DNS database is the world's largest distributed database, but unfortunately, DNS was not designed with security in mind. Application security expert Michael Cobb explains how to keep a DNS server from being hijacked.Continue Reading

• How should the ipseccmd.exe tool be used in Windows Vista?

  Ipseccmd is a command-line tool for displaying and managing IPsec policy and filtering rules. Expert Michael Cobb explains how to get the scripting utility to work with Vista.Continue Reading

• Are encrypted Microsoft Word files safer in transit than PDF files?

  In this expert Q&A, Michael Cobb demonstrates how a misconfigured firewall makes it easy for some Microsft Word and PDF files to be sniffed in transit.Continue Reading

• Data loss prevention (DLP) tools: The new way to prevent identity theft?

  Despite advances in perimeter technologies, data theft has become common in today's enterprises. To protect their confidential information, some security professionals are turning to an emerging technology category: data loss prevention. But don't ...Continue Reading

• How would you define the responsibilities of a data custodian in a bank?

  Data security is incredibly important for financial institutions, and it's the data custodian's job to make sure that data is safe. Security management expert Mike Rothman explains more.Continue Reading

• Can Trojans and other malware exploit split-tunnel VPNs?

  The beauty of split tunneling is that an enterprise doesn't need to provide the general Internet access point for a VPN user. Mike Chapple, however, also explains why split-tunnel VPNs provide a false sense of security.Continue Reading

• Can a firewall alone effectively block port-scanning activity?

  In this expert response, Mike Chapple reveals which product is the best line of defense against port scanning threats.Continue Reading

• Should an intrusion detection system (IDS) be written using Java?

  There's no reason that you couldn't implement intrusion detection functionality in any higher-level programming language, Java included. Network security expert Mike Chapple, however, explains why Java may not be the best choice.Continue Reading

• Exploit research: Keeping tabs on the hacker underground

  Protecting an organization against malicious hackers is a constant challenge, especially when attack methods are constantly evolving. But, according to information security threats expert Ed Skoudis, there are effective methods security pros can use...Continue Reading

• The forensics mindset: Making life easier for investigators

  Eventually every enterprise suffers an incident, and a little preparation now can make all the difference when an event occurs. In this tip, contributor Mike Rothman explains why thinking like an investigator can help security pros develop a ...Continue Reading

• How to lock down USB devices

  USB devices, thumb drives, flash drives -- whatever you call them, portable media present a significant challenge for enterprises, as they enable easier data transport for mobile workers, but are often the cause for catastrophic data leaks. In this ...Continue Reading

• What are the risks of connecting a Web service to an external system via SSL?

  Security pro Joel Dubin discusses the risks associated with SSL connections, and offers advice on how to avoid them.Continue Reading

• What are the dangers of using radio frequency identification (RFID) tags?

  In this expert response, Joel Dubin discusses the dangers associated with radio frequency identification (RFID) tags, and how users can protect themselves.Continue Reading

• Biometrics vs. biostatistics

  In this expert response, Joel Dubin examines the differences between biometrics and biostatistics.Continue Reading

• Basel II's impact on information security

  Managing risk is a constant pain point at financial institutions. Regulations, like Basel II, can help. This tip explains how.Continue Reading

• How to store and secure credit card numbers on the LAN

  How do small companies typically store credit card numbers on their LANs? Joel Dubin comments.Continue Reading

• Preventing employees from using a proxy to visit blocked sites

  P2P blocking can be difficult; smart blocking tools can help.Continue Reading

• What software development practices prevent input validation attacks?

  Improper input validation leads to numerous kinds of attacks, including cross-site scripting, SQL injection and command injection. In this expert Q&A, Michael Cobb reviews the most important application development practices.Continue Reading

• How are biometric signatures more than a fingerprint scanner?

  How secure are biometric signatures, and what's the best way to keep them from being defeated? Identity and access management expert Joel Dubin explains.Continue Reading

• Data loss prevention from the inside out

  Corporate information loss can often be credited to a company's internal organization, or lack thereof. In other words, in order to prevent data leakage, corporations must not only eliminate external threats, but also internal processes that could ...Continue Reading

• What can be done to block adult images in search engine results?

  What steps can be taken to ensure that children cannot access pornographic images through Google on their school's internet connection? Mike Rothman explains the options and the inherent difficulties.Continue Reading

• Challenges behind operational integration of security and network management

  The integration of security and network operations holds a great deal of promise thanks to today's security information management technology, but there are a number of hurdles to overcome when it's time to flip the switch. Sasan Hamidi outlines the...Continue Reading

• Open source vs. commercial network access control (NAC) products

  There are now a number of free and open source network access control (NAC) products, but how do they stack up against the commercial options? Network professional Mike Chapple reviews the free alternatives, but also warns readers that a "stepping ...Continue Reading

• A security checklist: How to build a solid DMZ

  As part of his monthly response to readers, Mike Chapple provides a list of security add-ons that no DMZ should be without.Continue Reading

• What to consider before opening a port

  Recently, a reader asked network expert Mike Chapple, "What would be the security implications of opening six ports through a firewall?" Chapple reviews what questions need to be addressed before an organization exposes any network ports.Continue Reading

• How to apply ISO 27002 to PCI DSS compliance

  The Payment Card Industry Data Security Standard may be fairly straightforward, but it's lacking in defining the processes that will ultimately lead to PCI DSS compliance. In this tip, expert Richard Mackey explains why the ISO 27002 can not only ...Continue Reading

• How to prevent hack attacks against smart card systems.

  What are smart cards, and how can the security of a smart card itself be maintained?Continue Reading

• IT GRC: Combining disciplines for better enterprise security

  IT governance, risk management and compliance (GRC) is a growing area of information security that isn't clearly defined. In this tip, Forrester Research's Khalid Kark defines the components of IT GRC and offers advice on how CISOs and organizations...Continue Reading

• Secure file copying with WinSCP

  In his latest Downloads column, Scott Sidel examines WinSCP, an open source SFTP and FTP client for Windows. Sidel explains how the tool's optional interfaces, multiple secure authentication mechanisms and strong security features make it a ...Continue Reading

• Social engineering attacks: What we can learn from Kevin Mitnick

  This article provides examples of how to strengthen your organization against social engineering.Continue Reading

• Your physical security budget: Who pays and how much?

  In many organizations, the cost of data center security is a shared expense -- or at least it should be. How much then should you be spending on security and how much of that should be picked up by other business units?Continue Reading

• Security awareness training: Stay in, or go out?

  So you've decided you need security awareness training. Now what? In this tip, Joel Dubin offers a primer on in-house vs. outsourced security awareness training, and guidelines to help an organization decide which choice is best for its needs.Continue Reading

• Ten hacker tricks to exploit SQL Server systems

  SQL Server hackers have a medley of tricks and tools to gain access to your database systems. Learn their techniques and test SQL Server security before they do.Continue Reading

• Firewall redundancy: Deployment scenarios and benefits

  There are, however, several good reasons to deploy multiple firewalls in your organization. Let's take a look at a few scenarios.Continue Reading

• Types of confidential information

  CISSP Thomas Peltier offers guidance on what your information classification policy should address.Continue Reading

• Data leakage detection and prevention

  While corporate data loss is not a new concern, newer technologies are emerging to help combat the threat. In this tip, Joel Dubin advises how to reduce data leaks, reviews products that can identify network vulnerabilities and keep mobile device ...Continue Reading

• Five steps to building information risk management frameworks

  Implementing a successful enterprise risk management plan can be an overwhelming and harrowing process. In order to make the process work, many aspects need to examined, and all business areas need to be hands on. In this tip, contributor Khalid ...Continue Reading

• Cleansing an infected mail server

  Learn five measures you can take to when cleaning up a massive email virus infectionContinue Reading

• Storage vulnerabilities you can't afford to miss

  In this tip, Keavin Beaver identifies eight common storage security vulnerabilites that are often overlooked and examines why network admins should develop a layered security strategy to protect sensitive data.Continue Reading

• Developing a patch management policy for third-party applications

  Enterprises may push the latest critical Windows patches once a month, but here's a dirty little secret: Most organizations don't bother patching their third-party applications. The diversity of client-side software -- including everything from ...Continue Reading

• Phone phishing: The role of VoIP in phishing attacks

  Learn how attackers are using the widespread deployment of low-cost VoIP to leverage phishing attacks and how to protect the enterprise.Continue Reading

• What are the pros and cons of using stand-alone authentication that is not Active Directory-based?

  Password managment tools other than Active Directory are available, though they may not be the best access control coordinators.Continue Reading

• How can birth certificate fraud and passport fraud be prevented?

  Best practices for preventing birth certificate and passport fraud from expert Mike Rothman.Continue Reading

• Information protection: Using Windows Rights Management Services to secure data

  Keeping confidential information under wraps is paramount in any business, but finding the right mix of tools or techniques is a common challenge. In this tip, contributor Tony Bradley explains how Windows Rights Management Services (WRMS) can help ...Continue Reading

• Does Teredo present security risks to the enterprise?

  Teredo allows internal networks to transition to IPv6, interconnecting them through their NAT devices and across the IPv4 Internet. Ed Skoudis explains why this function isn't as innocent as it seems.Continue Reading

• What security risks do enterprise honeypots pose?

  Honeypots can provide a great deal of insight into an environment's attack activity. However, before implementing them, there are some significant issues that require careful consideration and planning.Continue Reading

• How effective are phishing links that refer to FTP sites?

  The vast majority of phishing emails still include HTTP links, but there has been a recent smattering that refer to FTP sites. In this SearchSecurity.com Q&A, Ed Skoudis explains how to be ready for the malicious messages.Continue Reading

• Should a Java Runtime Environment (JRE) be kept up to date?

  Critical security flaws are often discovered in Java Runtime Environment implementations. Unfortunately, most users don't apply any appropriate patches. Ed Skoudis reveals the security risks posed by a vulnerable JRE.Continue Reading

• Thinking fast-flux: New bait for advanced phishing tactics

  Bot herders haven't made millions of dollars by relying on yesterday's botnet techniques. In fact, the bad guys have found an innovative new way to leverage thousands of drone machines; it's called fast flux, and it makes even the largest botnets ...Continue Reading

• How to conduct an efficient and thorough employee access review

  In order to meet HIPAA and SOX compliance requirements, an employee access review is necessary.Continue Reading

• Will one failed drive corrupt the rest of a RAID-5 array?

  In this expert Q&A, Michael Cobb explains when it is appropriate to keep a RAID-5 array's failed drive online.Continue Reading

• What security issues can arise from unsynchronized system clocks?

  Network administrators don't always pay enough attention to the issues of system clock accuracy and time synchronization. Michael Cobb explains why that can lead to security problems.Continue Reading

• What precautions should be taken if biometric data is compromised?

  In this Q&A, Joel Dubin discusses what precautions to take if corporate biometric data is stolen.Continue Reading

• Is it against HIPAA regulations to display client names?

  Security management expert Mike Rothman discusses the terms of HIPAA, specifically if it is a violation of the act to publicly display client names.Continue Reading

• Getting started on a career in penetration testing

  In this expert response, Mike Rothman offers insight on how to start a career in penetration testing.Continue Reading

• What is Spycar?

  Spycar, still available for free, tests a machine against 17 daggressive spyware-like behaviors. Information security threat expert Ed Skoudis explains the tool and gives a preview of Spycar 2.Continue Reading

• How to prevent hackers from accessing your router security password

  In this Q&A, Joel Dubin unveils the best practices for protecting a router security password from compromise.Continue Reading

• Lessons learned from TJX: Best practices for enterprise wireless encryption

  The TJX data breach revealed all too well the weaknesses of the Wired Equivalent Privacy security model. The retailer's well-documented compromise of more than 94 million credit card numbers proved that intruders can easily take advantage of ...Continue Reading

• Partner access: Balancing security and availability

  Granting business partners access to corporate systems and data is essential to keep business processes on track, but doing so insecurely could mean exposing your enterprise to a plethora of insider threats. In this tip, contributor Joel Dubin ...Continue Reading

• How does identity propagation work?

  In this expert Q&A, Joel Dubin defines identity propagation and explains how it works.Continue Reading

• What is the best way to comply with PCI DSS requirements 9 and 10?

  Security management expert Mike Rothman unveils how corporations can get compliant with PCI DSS guidelines, specifically requirements 9 and 10.Continue Reading

• Comparing proxy servers and packet-filtering firewalls

  In the world of security, judging proxy servers and packet-filtering firewalls together is like comparing apples and oranges. But that won't stop network security expert Mike Chapple from giving such comparisons a try.Continue Reading

• How can root and administrator privileges of different systems be delegated on one account?

  In this expert response, Joel Dubin discusses how corporations can manage "superuser" accounts by delegating root and administrator privileges.Continue Reading

• Preventing spam bots from hijacking an enterprise network

  According to security expert Michael Cobb, the likelihood of your enterprise being compromised by a botnet is not a question of if, but when. In this Messaging Security School tip, Cobb discusses how spammers use botnets to corrupt enterprise ...Continue Reading

• Will FTP ever be a secure way to transfer files?

  A SearchSecurity.com member asks our network security expert Mike Chapple: Is the File Transfer Protocol a secure way to transfer files? As one of his many monthly responses to readers, Chapple reveals a better alternative to FTP.Continue Reading

• Applying PCI DSS to Web application security

  With millions of online credit card transactions taking place each day, Web application security is a critical issue for any enterprise. In this tip, contributor Diana Kelley reviews the key PCI DSS sub-requirements for Web applications, and ...Continue Reading

• Email authentication showdown: IP-based vs. signature-based

  Email has long been a favorite method for malicious hackers looking to launch attacks, and one of the first steps in defending against vicious email threats lies in developing a strong email authentication strategy. In this tip, contributor Noah ...Continue Reading

• Getting the best bargain on network vulnerability scanning

  When it comes to enterprise network analysis, is it best to use a costly commercial vulnerability scanner or a less expensive open source product? In this week's tip, Mike Chapple explains which enterprise assets require the expensive stuff and ...Continue Reading