Problem solve
Get help with specific problems with your technologies, process and projects.
Simplify defense-in-depth security with redundant security controls
Synergistic and redundant security controls are a more effective and more realistic defense-in-depth strategy than cashing out on a single line of protection.
Reduce Windows command line scripting risks with least privilege
JP Vossen explains and demonstrates how least privilege can be used to prevent attackers from gaining administrative access when using Windows command line scripting.
Four steps to sound security vulnerability management
If you're bedeviled by swarms of alerts, you can take control by practicing good security vulnerability management with these four steps.
How security market needs transformed Network Flight Recorder
Marcus Ranum's Network Flight Recorder was poised as a forensics tool when the market demanded IDSes -- so it adapted accordingly.
Workstation vs. server side security
The differences between AES and DES
Common authentication mechanism for LDAP and IMAP
User authentication mechanisms for Web applications
Certs that don't require experience
Encrypting passwords using COBOL
How a virus scanner works
The dangers of open port 139
Enterprise wireless security threats and responses
Prepare your organization for potential wireless security threats by knowing how to respond to each type of issue.
Gateway filtering and server hardening: Security sans user complaints
Incremental changes, including gateway filtering and server hardening, will lead to a tighter security model without provoking too much user backlash.
Enterprise access management products are important, but not easy
Enterprise access management products offer solutions that are anything but plug-and-play. But with enough time and elbow grease, they can become a critical part of your Web access infrastructure.
Network security case study: Inside the Cleveland Clinic
Using a SIM system to monitor information in a DMZ, the Cleveland Clinic provides a network security case study from which others can learn.
Breaking unwanted TCP connections by modifying your route table
This tip will tell you how to inexpensively block unwanted TCP connections.
How to secure a wireless LAN
Periods processing on DoD systems
Risks associated with Reverse-Proxy
Security associated with layers of the OSI model
Sample security policy for end users, part one
Here is the first part of a sample security policy for end users, which can be customized to fit your needs.
The PATRIOT Act and Carnivore: Reasons for concern?
Stephen Mencik introduces the controversial PATRIOT Act and FBI surveillance tool, Carnivore.
Sample security policy for end users, part six
This is the sixth part of a sample security policy for end users that can be customized to fit your needs.
Introduction: How to strengthen authentication procedures
A discussion of strong authentication procedures.
Using NAT rules to map to DMZ
Role and placement of a DMZ on a network
Dedicated vs. host-based firewalls
Firewall protection for remote users
Hardware requirements for implementing a firewall
Scripture-based passwords
Learn how you can use the Bible as a source for passwords in this tip.
Non-dictionary passwords users can remember
Here's a tip for generating creative passwords.
Firewall standards
Passwords with symbols and numbers
This simple tip allows users to secure the password of their choice.
Implementing runtime process integrity checking for Unix & Linux
Theme-related passwords
User Mark Waugh offers this tip for encouraging safe passwords.
Password variations for multiple accounts
Learn to create password variations for multiple accounts with this tip.
Acronym-based passwords
SearchSecurity user Keith Langmead offers this tip for creating secure passwords using acronyms.
User-friendly and secure passwords
This tip offers two methods for creating secure and user-friendly passwords.
Mnemonic-based passwords
SearchSecurity member Mark Farrar offers an alternative method for creating passwords.
Bypassing the firewall
E-mail security issues
Here are some basic precautions to take to keep e-mail secure.
Security standards for outsourcing agreements
Protecting a Web server from external attack
The placement of security solutions on a network
When to use PKI
Firewalls: How to choose what's right for you
A Forrester analyst outlines types of firewalls on the market and deployment strategies for large and small organizations.
Pattern-based passwords: Easy to remember non-dictionary-based passwords
Here is a tip on how to generate passwords that are not found in the dictionary and are easy to remember.
Frame relay vs. VPNs
Turning off port 1080
Bucket Brigade
This week's Word of the Week is bucket brigade.
Preventative measures for improving data security
When it comes to security, a network administrator's job is never done.
Evolution of the firewall
Viruses & CMOS
SonicWall: Solid as a rock
In this edition of David Strom's Security Tool Shed, David analyzes firewall appliance SonicWall.
Identifying and removing Back Orifice
The difference between a virus and a worm
Generic PKI CA threat model
Listing Kerberos tickets
Use the klist utility to list all tickets in a user's ticket file.
Dynamic Host Configuration Protocol and security
Disabling the option to save a password on Internet Explorer
Employees: Your best defense, or your greatest vulnerability
SearchSecurity advisor Neal O'Farrell addresses employee education in this edition of the Executive Security Briefing.
The difference between a VPN box and Firewall VPN
What makes a good firewall
Implementing SSH
Third party security tools
If security features in Solaris alone aren't enough, try some of these 3rd party tools to secure your systems.
Partition to harden Unix servers
Partitioning can help secure Unix servers. This tip discusses the process.
Netcat: A security jack of all trades?
In this edition of Strom's Security Tool Shed, David Strom evaluates Netcat.
The risks of deploying distributed firewalls
Securing the intranet
Think an internal intranet is secure? This tip details some security issues of intranets.
Eliminate all VBS worms and viruses
SearchSecurity advisor tells Windows users how to eliminate the threat of executing a VBS attachment to an email.
Is Encrypt-o-matic MoJo (powerful magic) or snake oil?
This is for the "Big Iron" folks out there. No, not Heavy Metal. Big Iron!
PKI breaches
Parasite: The word for malware in the new millennium
Read about how one user finds malware to be more parasitic in its behavior than it is under any previous descriptor.
Why not to bother renaming the administrator account
Vulnerabilities in network systems
Application servers feed successful e-commerce
Security architecture for e-business
This tip explores the infrastructure you must put in place for safe e-business.
Firewall configuration
Legal issues associated with logon banners
The pros and cons of using a honeypot
SAP Security: Authentication and single sign-on
Learn about authenticating users for SAP applications in this tip.
Developing security applications with Java
How single sign-on works
Developing a network security policy
The difference between IPSEC and PPTP
Basic security issues
Split tunneling in a VPN environment & the security of 3DES encryption
Preventing unauthorized downloads
Mainframe vs. client server
Where to terminate a VPN
Chief Privacy Officer: High profile, but limited demand
This is a job snapshot of a Chief Privacy Officer.
Web browser buttons
Securing your e-business
This tip is excerpted from an online event that took place this year with Tony Spinelli from esecurityonline.com.
E-business security basics
Author Daniel Amor discusses the components of electronic business security.
Participants in the policy development process
Security considerations when creating a new user account
Security methods vs. technologies
Data integrity and PKI
Sharpen up on your knowledge of data integrity and PKI.
Procedures in preventing threats to information security