Tips

Tips

• How to implement an effective risk management team

  In this installment of the Risk Management Guide, Shon Harris describes the roles and responsibilities of an information risk management team.  Continue Reading

• Information risk management: Defining the scope, methodology and tools

  In this installment of the Risk Management Guide, Shon Harris explains the importance of defining the scope of the IRM team's responsibilities, the difference between qualitative and quantitative risk analysis and the tools used to carry out risk ...  Continue Reading

• How to deal with risk

  In this installment of the Risk Management Guide, Shon Harris explains the four ways to deal with identified risk: transfer it, avoid it, reduce it or accept it.  Continue Reading

• How to conduct a risk analysis

  In this installment of the Risk Management Guide, Shon Harris provides step-by-step instructions on conducting a risk analysis.  Continue Reading

• How to define an acceptable level of risk

  Even though management is responsible for defining an organization's acceptable level of risk, the security practitioner should understand the process and be able to illustrate to management how underlining security threats can negatively affect ...  Continue Reading

• Understanding risk

  In this installment of the Risk Management Guide, contributor Shon Harris explains what risk is and clarifies the differences between risk and vulnerability management.  Continue Reading

• Biometrics: Best practices, future trends

  Biometrics products are improving, but they still require careful consideration and planning before implementation. In this tip, ID and access management expert Joel Dubin reviews some best practices and pitfalls to watch out for.  Continue Reading

• How to write an information risk management policy

  In this installment of the Risk Management Guide, Shon Harris describes the contents of a risk management policy and provides a sample policy template.  Continue Reading

• Defining adequate security controls

  Because of the changing nature of technology, the language in the Sarbanes-Oxley Act is purposefully vague. This article explores the meaning of adequate security controls and what is required for SOX compliance.  Continue Reading

• Designing a DMZ using iptables

  In this tip, excerpted from ITKnowledge Exchange, security practitioners share strategies used to design a demilitarized zone using iptables.  Continue Reading

• Ten dos and don'ts for secure coding

  Security practitioners should understand how developers introduce security vulnerabilities into applications and work to support the developers in improving code quality and security. Encouragement and support for improvement must be a fundamental ...  Continue Reading

• Best practices for pen testing Web applications

  Performing a Web application penetration test can gauge how well your Web application can withstand an attack. In this tip, platform security expert Michael Cobb provides best practices for performing Web application pen test.  Continue Reading

• Protect your business from a Google hack

  Learn how to use advanced operators, special searching techniques offered by Google that enable advanced queries, to discover if your company's sensitive security information is exposed on the Internet before a black hat does. This tip offers a ...  Continue Reading

• What's new in the revision of ISO 17799

  SearchSecurity expert Michael Cobb outlines the latest changes to the ISO 17799 standard.  Continue Reading

• Automate SQL injection testing

  Manual testing for SQL injection requires much effort with little guarantee that you'll find every vulnerability. Instead, run automated SQL injection tests. In this tip, security guru Kevin Beaver shows you how.  Continue Reading

• Checklist: 11 things to do after a hack

  Your network's been cracked, what do you do next? Contributor Jonathan Hassell recommends following these eleven steps to limit damage and preserve evidence.  Continue Reading

• Cheat sheet: Access management solutions and their pros and cons

  A cheat sheet of the most common access solutions with a brief description, and their risks and pros and cons to help you choose the solution that is right for your organization.  Continue Reading

• Simplifying Nessus security scans with a spreadsheet model

  In this tip, expert George Wrenn explains how to divide networks into small, manageable IP spaces and maintain Nessus data with a spreadsheet model.  Continue Reading

• Nessus vulnerability assessment with the SANS Top 20

  Using the SANS Top 20 in conjunction with Nessus can help you eliminate exposures that give unauthorized privileged access to vulnerable hosts.  Continue Reading

• An overview of the risk management process

  In this installment of the Risk Management Guide, Shon Harris provides a 10,000-foot view of the risk management process.  Continue Reading

• How to use IPsec filtering rules to filter network traffic

  Learn how to control what enters and exits your PCs by using IPsec filtering rules to filter particular protocol and port combinations for both inbound and outbound network traffic.  Continue Reading

• RSS: The next malware target?

  A recent report from Trend Micro names RSS as the next likely target for bot worm attacks and predicts feed hijackings will be prevalent with the release of IE 7. In this tip, security expert Mike Chapple explains how RSS could be exploited, and ...  Continue Reading

• Why form fields aren't a good place to hide sensitive information

  Web security guru Michael Cobb, takes an in-depth look at the dangers of HIDDEN form fields, how attackers use them to gain unauthorized entry or hijack sessions, and most importantly, how to secure the information sent in these fields.  Continue Reading

• The 5 A's of functional SAN security

  This tip examines why admins should follow the 5 A's of SAN security: Authentication, access, audits, alarms and availability, to keep their SAN secure.  Continue Reading

• Service-level agreement advantages and disadvantages

  Learn about the advantages and disadvantages of service-level agreements.  Continue Reading

• How to prevent phishing scams and protect customers

  In this tip, Web security guru, Nalneesh Gaur examines how hackers are using phishing scams to exploit financial sectors of the industry, why you should care and what you can do to prevent these attacks.  Continue Reading

• Best practices for managing secure Web server configurations

  In this tip, Michael Cobb, our Web security guru takes an in-depth look at ways to manage securing configurations of multiple Web servers. He explains the process from frequency to documentation and replication.  Continue Reading

• The pros and cons of migrating to Firefox

  Making the switch from Internet Explorer to Firefox isn't a security cure-all. Here are some factors to consider before you change Web browsers.  Continue Reading

• Educate users about security awareness

  User education is one of the hardest security layers for administrators to implement. This article by contributor Tony Bradley provides the top ten things users should know about information security.  Continue Reading

• Block and reroute denial-of-service attacks

  Prevent denial-of-service and distributed denial-of-service attacks from taking down your network by blocking and rerouting DDoS and DoS traffic using honeypots, subnets and intrusion detection and prevention systems.  Continue Reading

• Securing Web apps against authenticated users

  Improve Web site security by securing Web applications from authenticated users and avoiding client-side authentication.  Continue Reading

• IPsec and SSL VPNs: Solving remote access problems

  Learn how to solve remote access problems in this Information Security Decisions presentation by security expert Joel Snyder.  Continue Reading

• How to secure session tokens

  Dos and don'ts for protecting session IDs for users of e-commerce Web sites.  Continue Reading

• How to build a secure network from the ground up

  Receive peer advice on what steps are crucial when building a secure network from the ground up. Also learn what resources are available to guide you through this process.  Continue Reading

• Protect your Web site against path traversal attacks

  How to protect your Web site against path traversal attacks.  Continue Reading

• Auditing firewall activity

  This Firewall Architecture Tutorial tip shows how completing a firewall audit of activity can help in the management of valuable firewall data.  Continue Reading

• How to choose a firewall

  Despite the development and evolution of security technologies, the firewall remains a vital component of any network architecture, and today's organizations have myriad options to choose from. This tip outlines five basic questions you should ask ...  Continue Reading

• Placing systems in a firewall topology

  In this Firewall Architecture Tutorial tip, you will learn a firewall topology for placing firewall systems, such as bastion host, screened subnet and multi-homed firewalls.  Continue Reading

• Choosing the right firewall topology: Bastion host, screened subnet or dual firewalls

  An overview of the three most common firewall topologies, including diagrams of a bastion host, screened subnet and dual firewall architectures.  Continue Reading

• Firewall Architecture Tutorial

  In this Firewall Architecture Tutorial you will learn all aspects of firewall implementation such as how to choose the right type of firewall for your organization, how to choose a firewall topology and how to audit firewall activity.  Continue Reading

• How to prevent the risks of client-side caching

  Problems of client-side caching and tips for developers on using secure cache-control directives.  Continue Reading

• Sizing up e-mail appliances

  Information Security magazine tests four e-mail appliances designed to clear the way for safe messaging. Here's how they measured up.  Continue Reading

• Hercules 4.0 Enterprise Vulnerability Management Suite

  Information Security magazine's contributing editor, James C. Foster , reviews Hercules 4.0 Enterprise Vulnerability Management Suite from Citadel Security Software.  Continue Reading

• SMTP policies help reduce the risk of unauthorized mail servers

  SMTP policies can help protect systems from rogue e-mail servers that clog the network with viruses, malware and spam.  Continue Reading

• Using secure MIME (S/MIME) for securing email

  Secure MIME (S/MIME) and digital certificates offer channel professionals a low-cost way to improve their customers' email security. This tip explains how to implement S/MIME and digital certificates for email encryption.  Continue Reading

• Step-by-Step Guide: Best practices for security patch management

  This step-by-step guide offers best practices on how to deploy a security patch and provides the tools you will need to mitigate the risk of a compromised computer.  Continue Reading

• Security patch testing and deployment phase

  Learn what conditions should be met in the security patch testing phase prior to deployment. Also learn how to deploy a security patch and what methods, tools to use to ensure a predicable rollout.  Continue Reading

• Security patch validation and verification

  Learn about the verification and review phase of the security patch deployment cycle. Learn how these phases help ensure the organizations security patch management procedure is proactive.  Continue Reading

• Web security benchmarks

  Learn how to increase your security posture and what resources are available to security admininstrators who want to quickly ramp up their posture of their protected systems.  Continue Reading

• Security awareness training: How to educate employees about spyware

  Educated end users are a valuable defense in the fight against spyware. Learn how to conduct effective security awareness training and create spyware policies.  Continue Reading

• Acceptable use policies will minimize email risks

  Learn why setting comprehensive email acceptable use policies can help minimize email risks and secure your email applications.  Continue Reading

• Improper error handling

  This tip explains what improper error handling is, how it leads to a variety of application attacks, and what programmers can do to secure their Web applications.  Continue Reading

• Avoid the hazards of unvalidated Web application input

  Learn how unvalidate Web application input works and what programmers can do to secure their Web applications.  Continue Reading

• Phishing: The business risks and strategies for mitigating them

  Understand the business risks posed by phishing attacks and strategies for mitigating them.  Continue Reading

• How to perform a bug sweep

  Learn why many corporations have started to perform bug sweeps or Technical Security Counter Measure (TSCM) operations, and five basic technologies used by TSCM operators.  Continue Reading

• IIS vs. Apache: Which is the right security choice?

  From vulnerabilities to administrator and developer skills, this tip analyzes the risks and benefits to weigh when selecting the right Web server for your organization.  Continue Reading

• Technical college vs. university

  Get peer advice on the pros and cons of attending a technical college vs. a university.  Continue Reading

• Using TLS encryption

  Learn how the TLS protocol can help add an extra layer of security to your e-mail infrastructure, and five steps to implementing TLS on your server.  Continue Reading

• A five-point strategy for secure remote access

  Systems with remote access are not only more difficult to secure, they pose a greater risk to the network than systems that sit behind the corporate firewall. Here are best practices for securing remote access endpoints.  Continue Reading

• How to detect and prevent keylogger attacks

  Learn five tactics for protecting your systems against keylogger attacks.  Continue Reading

• How to limit false positives in IPSes

  Learn five tactics for reducing false positives in intrusion-prevention systems.  Continue Reading

• How to reduce spim

  Learn three tips for reducing unsolicited instant messages.  Continue Reading

• Get ready for IPv6: Five security issues to consider

  Learn about the potential hazards of migrating to IPv6 and how to ensure a smooth transition without jeopardizing your company's security.  Continue Reading

• How to reduce risks with URL filtering

  Learn how to protect your network from threats by controlling the URLs that enter and leave it.  Continue Reading

• Five essentials of a patch management solution

  Learn the key criteria you need to consider when purchasing a patch management solution to ensure it is effective.  Continue Reading

• Demand good proposals: Tips for writing an RFP

  Learn five guidelines that will improve prospects for proposals that actually respond directly to your requirements.  Continue Reading

• Limiting the risk and liability of federated identities

  You'll learn the legal issues involved in federated identity and how to best manage them.  Continue Reading

• How to automatically update Snort rules

  Learn how Oinkmaster can help you automatically update your Snort rules.  Continue Reading

• Popular VLAN attacks and how to avoid them

  Learn how to secure a VLAN from popular attacks such as the VLAN hopping attack.  Continue Reading

• Top five risks of Web-based e-mail

  Learn five specific Web-based e-mail risks and a design strategy for coping with them  Continue Reading

• Layered access control: Six top defenses that work

  Six top strategies and best practices for building layered security in networks.  Continue Reading

• Who's responsible for security? Everyone!

  Learn how to decentralize security responsibility in your organization.  Continue Reading

• Finding an OS for Snort IDS sensors

  JP Vossen offers his advice on choosing an OS for Snort sensors.  Continue Reading

• Where to place IDS network sensors

  JP Vossen explains where to place IDS sensors.  Continue Reading

• How to determine network interface cards for IDS sensors

  In this tip, JP Vossen offers advice about choosing and configuring interfaces for an IDS sensor.  Continue Reading

• Where to find Snort IDS rules

  In this tip, JP Vossen points out the four best places to find Snort rules.  Continue Reading

• How to configure Snort variables

  Learn how to define Snort's configuration variables.  Continue Reading

• Using IDS rules to test Snort

  Here are several methods for testing Snort over the wire to ensure it's working properly in your environment.  Continue Reading

• How to handle network design with switches and segments

  Expert JP Vossen explains how to handle switches and segments in conjunction with network-based IDS.  Continue Reading

• Why Snort makes IDS worth the time and effort

  Open source Snort is a free and powerful alternative to commercial intrusion-detection systems.  Continue Reading

• Modifying and writing custom Snort IDS rules

  Learn more about altering Snort rules.  Continue Reading

• How to identify and monitor network ports after intrusion detection

  What should your next step be after finding an unfamiliar source or destination port on an IDS alert or firewall log? JP Vossen takes you through the process of port analysis.  Continue Reading

• Adware, rootkits and worms: Translating malware speak

  Learn basic translations for common malware terms, including adware, rootkits and worms.  Continue Reading

• How to decipher the Oinkcode for Snort's VRT rules

  Learn how Snort end users can register and download free Snort rules using Oinkcode.  Continue Reading

• Segmenting a LAN to isolate malware

  The disadvantages of segmenting a LAN to isolate a worm or virus, and alternatives for keeping malware off a network.  Continue Reading

• Ten steps to a successful business impact analysis

  What is a business impact analysis, what are the benefits of a BIA and how to conduct one.  Continue Reading

• Beware of DNS blacklisting perils

  The pros and cons of using DNS blacklists for spam mitigation.  Continue Reading

• Introduction to SNMPv3's security functionality

  While SNMP is well established, inherent security gaps were only closed in the latest version of the network protocol, as explained here.  Continue Reading

• How to remove a Trojan downloader

  In this thread from the ITKnowledge Exchange, get tips and learn how to remove a Trojan downloader, how they install themselves, how they spread and how to avoid infecting other machines on a network.  Continue Reading

• Six essential security policies for outsourcing

  Kevin Beaver outlines six essential security policies for dealing with external service providers.  Continue Reading

• How to tell if you've been hacked: Signs of a compromised system

  In this final section in our hacker techniques and tactics series, you will learn how to determine if a hacker has breached your system.  Continue Reading

• Sample e-mail policy template and checklist of concerns

  Kevin Beaver provides a simple template approach for writing e-mail security policies and a checklist of concerns.  Continue Reading

• Wireless security basics: Authentication, encryption for access points

  This section of our hacker techniques and tactics series focuses on implementing wireless security basics to prevent hacker compromise.  Continue Reading

• Effectively enforcing e-mail policies

  In this tip, our policy expert explains how to establish effective e-mail policy enforcement without having to rule with an iron first.  Continue Reading

• Outsourcing IT services: Is it worth the security risk?

  Kevin Beaver examines the risks to consider when contemplating outsourcing your IT services.  Continue Reading

• Roberta Bragg's 10 Windows hardening tips in 10 minutes

  A Windows security expert helps you harden your systems in ten simple steps.  Continue Reading

• Three techniques for measuring information systems risk

  Improve your ability to measure information systems risk with these three techniques.  Continue Reading

• Improving your access request process with system authorization

  This installment in our series on hacker techniques and tactics focuses on streamlining inefficient application and data access requests with system authorization.  Continue Reading

• An introduction to SSH2

  Learn about the differences between SSH1 and SSH2 and why you should consider upgrading.  Continue Reading

• Routing protocol security

  Here are some of the most common attacks directed at routing infrastructures and the steps you can take to mitigate risk.  Continue Reading