Tips

Tips

• Battling image spam

  The threat environment is changing once again as spammers investigate new technologies in an effort to stay one step ahead of spam filters. Their latest technique: image spam. In this tip, Mike Chapple provides an example of image spam and explains ...  Continue Reading

• Four ways to isolate sensitive servers

  When the security issue arises, a discussion of isolating a sensitive server usually follows. While often impractical, learn four ways to isolate sensitive servers if the need becomes a necessity.  Continue Reading

• Network access control: Compliance enabler or detractor?

  No one technology is a regulatory compliance cure-all, but network access control (NAC) does have its benefits. In this article from Identity and Access Management Security School, guest instructor Mike Rothman outlines the pros and cons of ...  Continue Reading

• Authentication in the real world: Moving from strategy to implementation

  It's a common headache for security administrators. Management wants to roll out a strong authentication system across a heterogeneous IT environment. The biggest challenge is often effectively weaving an authentication plan into diverse directories...  Continue Reading

• Techniques for improving Nmap port scan times

  As we continue our series on using Nmap in the enterprise, SearchSecurity expert Michael Cobb provides commands that will help you adjust your Nmap scan times appropriately -- whether you want Nmap to run slow and quietly, fast and furious, or ...  Continue Reading

• Opera 9: Raising the bar in Web browser war

  In this tip, Michael Cobb reviews the new security features of Opera's latest browser Opera 9 and examines how they've upped the ante in the ongoing browser war.  Continue Reading

• Telecommuting security: Protecting sensitive data inside and out

  The rash of laptop thefts in recent months has brought telecommuting and remote access security to the forefront of many information security professionals' minds. In this tip, Joel Dubin examines the mistakes made in the VA data theft case and ...  Continue Reading

• Avoiding the scourge of DNS amplification attacks

  DNS amplification attacks can generate enough bogus traffic to blow almost anyone off the Internet. Learn how these packet flood attacks work and how to defend your organization.  Continue Reading

• Security and audit resources

  Security and audit resources  Continue Reading

• Introduction to internal IT audits for regulatory compliance

  Internal IT audits can assist an organization in its regulatory compliance efforts by identifying information security weaknesses prior to an external audit. This article serves as an introduction to internal audits for the security practitioner ...  Continue Reading

• Archives and data protection: The important differences

  While the two are both equally important, it's vital that you don't confuse archiving with data protection. Marc Staimer explains their differences.  Continue Reading

• CRLF injection attacks: How they work and what to do about them

  CRLF injection attacks may not be as popular as other application attacks, but they can be just as devastating. Learn how CRLF injection attacks are executed and how to defend your organization against these attacks.  Continue Reading

• Disaster recovery report card: Measuring your company's disaster recovery profile

  Disaster recovery planning is challenging because you don't know what you're planning for or how well your disaster recovery plan will hold up in the face of an emergency. Use this report card to measure your disaster recovery plan and identify ...  Continue Reading

• Nmap: Firewall configuration testing

  This tip, in our Nmap manual series, explains how Nmap can be used to test the effectiveness of a firewall configuration. Learn how to use the open source network mapper to better understand how your firewall handles uninvited traffic and to test ...  Continue Reading

• Email filtering tools and techniques

  Email filtering tools help organizations enforce acceptable use policies, filtering office email and blocking personal email traveling over the corporate network. This tip introduces the two classes of email filtering tools and how to choose the one...  Continue Reading

• Utilizing Active Directory to automate provisioning

  This article focuses on utilizing Active Directory and Group Policy to automate provisioning.  Continue Reading

• Keeping pace with emerging endpoint security technologies

  Vendors have responded to the de-perimeterization of corporate networks with products designed to perform "health checks" of connecting devices, permitting access based on the security status of the endpoint. This article provides an overview of ...  Continue Reading

• Five freeware tools for mitigating network vulnerabilities

  From Nmap to Snort, there are a variety of viable freeware tools available for information security professionals. In this tip, Michael Cobb reviews five freeware tools and explains why he believes they are the best tools in their space.  Continue Reading

• Application logging is critical in detecting hack attacks

  Now that networks are fairly well-protected, attackers are targeting application servers. In this tip, security expert Mike Chapple explains how implementing application layer logging is becoming a crucial addition to every organization's security ...  Continue Reading

• Security policies: Don't be an army of one

  Despite the increasing importance of security policies due to regulations like SOX and HIPAA, information security professionals are often left on their own to develop, implement and enforce information security policies and procedures. This ...  Continue Reading

• Nmap: More port scanning techniques

  In this fifth tip in our Nmap manual, SearchSecurity.com expert Michael Cobb looks at some of the Nmap port scanning techniques that exploit certain idiosyncrasies of specific platforms or protocols in order to better differentiate between open and ...  Continue Reading

• How to configure a server to prevent unauthorized network access

  Learn from other security practitioners as they share ways to configure a network so unauthorized users cannot access files, folders and other sensitive information.  Continue Reading

• PIX firewall configuration from scratch

  Learn how to configure passwords, IP addresses, network address translation (NAT) and basic firewall rules in this tip.  Continue Reading

• Nmap: How to scan ports and services

  Nmap is the ideal tool for performing a simple network inventory or vulnerability assessment. This article offers tips on how to use a Nmap  Continue Reading

• Keystroke dynamics makes BioPassword Internet Edition a viable authentication option

  BioPassword Internet Edition uses keystroke dynamics to authenticate users, eliminating the need for biometric hardware and token management.  Continue Reading

• FISMA essentials for information security practitioners

  This tip provides an overview of the Federal Information Security Management Act (FISMA) and what information security professionals need to do in order to comply.  Continue Reading

• Blocking Web anonymizers in the enterprise

  As Internet privacy concerns continue to proliferate, so does the use of Web anonymizers. While these tools can help you block employee access to certain Web sites, they are also beneficial in helping employees evade your efforts. In this tip, ...  Continue Reading

• An introduction to Active Directory Federation Services

  Brien M. Posey discusses key features of Microsofts's Active Directory Federation Services and how it works.  Continue Reading

• Security concerns of extended schema in Active Directory

  The Active Directory default schema can be changed if needed. The presence of third-party products that do this can complicate the issue, especially when security is concerned.  Continue Reading

• Strategic IT planning for compliance and beyond

  Regulatory compliance places demands on corporate businesses, but regulations like HIPAA, GLBA and SOX also provide an opportunity for strategic IT planning across the entire business. This article tells you how.  Continue Reading

• How to install and configure Nmap on Linux

  Get tips on how to install and configure Nmap on Linux in an enterprise network environment.  Continue Reading

• Preventing blind SQL injection attacks

  Most security professionals know what SQL injection attacks are and how to protect their Web applications against them. But, they may not know that their preventative measures may be leaving their applications open to blind SQL injection attacks. ...  Continue Reading

• Out-of-office messages: A security hazard?

  Automatically generated out-of-office messages, like the kind created by Microsoft Outlook, have come under scrutiny as a possible security hazard for a number of reasons. Should organizations prohibit the use of out-of-office messages? Serdar ...  Continue Reading

• Extranet security strategy considerations

  Extranets can be beneficial for conducting e-commerce, but if they aren't properly secured, they can pose serious risks to you, your business partners and customers. In this tip, our network security expert, Mike Chapple, provides four tactics for ...  Continue Reading

• IIS security: Configure Web server permissions for better access control

  Updating user access controls as business portfolios expand can help protect confidential data. Learn how to secure user access controls and keep your greatest asset under lock and key by configuring IIS Web server permissions, in this tip by ...  Continue Reading

• How to install and configure Nmap for Windows

  In this second installment of our Nmap Technical Manual, SearchSecurity expert Michael Cobb offers pointers on how to install and configure Nmap for Windows.  Continue Reading

• Skype: Its dangers and how to protect against them

  Skype may be free for end users but it could be costing your enterprise its security. This tip outlines the free VoIP solution's security risks and offers tips for keeping Skype off of the network.  Continue Reading

• SOX compliance: Building a directory services model for adequate access controls

  Using meta-directories for authentication and access control puts data at risk, but they can be useful in obtaining the granular control of service directories required for compliance.  Continue Reading

• Nmap: A valuable open source tool for network security

  Open source tool Nmap is a popular choice amongst hackers and security pros alike for network mapping, port-scanning and testing for network vulnerabilities.  Continue Reading

• How to recover your network after a security breach

  For SMBs that don't have a budget to invest in a full-scale network management system, recovering from a security breach requires more work from the IT staff than just pressing a few buttons. In this tip, Tom Lancaster pinpoints the five most ...  Continue Reading

• SSO: Strong authentication in enterprise deployments

  By understanding the right amount of protection required, security pros can ensure SSO improves productivity, saves money and, most importantly, protects corporate information.  Continue Reading

• How to protect your company against cybercrime

  Thanks to the Internet's inherent anonymity, widespread reach and disjointed law enforcement status, cybercriminals have a lot to gain -- and enterprises have a lot to lose. In this tip, SearchSecurity expert and malware guru Ed Skoudis describes ...  Continue Reading

• Access security with KoolSpan's SecurEdge

  Information Security magazine's technical editor Brent Huston reviews KoolSpan's SecurEdge.  Continue Reading

• NetChk Protect 5.5

  Information Security magazine's contributing editor, Wayne Rash , reviews Shavlik Technologies NetChk Protect 5.5  Continue Reading

• Regulatory compliance: Sun shines on SB-1386

  This case study reveals how Michelle Dennedy, Sun Microsystems chief privacy officer, tackled SB-1386 compliance by making it part of the corporate culture.  Continue Reading

• Compliance Q&A: Myths, mistakes and management advice

  Keeping organizations continuously compliant with multiple complex and ever-changing regulatory requirements remains a challenge for many infosec pros. But if they don't shape up now, it's only going to get worse. In this interview, Rebecca Herold, ...  Continue Reading

• HTTP attacks: Strategies for prevention

  Examine how hackers manipulate HTTP requests to solicit an attack, and learn various guidelines developers should follow to mitigate this threat.  Continue Reading

• Achieving network security with tomorrow's antivirus tools

  Learn about antivirus from an intelligence/technology perspective and offers best practices for simple file-type blocking, and the implementation of heuristic- and reputation-based antivirus tools.  Continue Reading

• The key technologies in a network perimeter intrusion defense strategy

  This article lays the groundwork for future discussions of intrusion defense. Joel Snyder introduces technologies that act as strong network perimeter defenses.  Continue Reading

• Pen testing your VPN

  Your VPN is a vital gateway into your network for your company's road warriors, telecommuters and other remote users. Unfortunately, it's also a gateway for the less-than-scrupulous predators prowling the Internet for access to your network. This ...  Continue Reading

• Ariel view: Vulnerability management (part 2)

  Vulnerability management tools provide a realistic picture of the enterprise, where vulnerabilities are viewed in the context of the IT landscape.  Continue Reading

• Google Desktop gets scarier

  As if the threats posed by Google Desktop weren't enough, Google's latest release is chock-full of new dangers -- especially to enterprises. In this tip, security guru Mike Chapple reviews Google Desktop 3 and its "Search Across Computers" feature, ...  Continue Reading

• How to conduct a risk analysis

  In this installment of the Risk Management Guide, Shon Harris provides step-by-step instructions on conducting a risk analysis.  Continue Reading

• How to define an acceptable level of risk

  Even though management is responsible for defining an organization's acceptable level of risk, the security practitioner should understand the process and be able to illustrate to management how underlining security threats can negatively affect ...  Continue Reading

• How to deal with risk

  In this installment of the Risk Management Guide, Shon Harris explains the four ways to deal with identified risk: transfer it, avoid it, reduce it or accept it.  Continue Reading

• Information risk management: Defining the scope, methodology and tools

  In this installment of the Risk Management Guide, Shon Harris explains the importance of defining the scope of the IRM team's responsibilities, the difference between qualitative and quantitative risk analysis and the tools used to carry out risk ...  Continue Reading

• Understanding risk

  In this installment of the Risk Management Guide, contributor Shon Harris explains what risk is and clarifies the differences between risk and vulnerability management.  Continue Reading

• How to implement an effective risk management team

  In this installment of the Risk Management Guide, Shon Harris describes the roles and responsibilities of an information risk management team.  Continue Reading

• Biometrics: Best practices, future trends

  Biometrics products are improving, but they still require careful consideration and planning before implementation. In this tip, ID and access management expert Joel Dubin reviews some best practices and pitfalls to watch out for.  Continue Reading

• How to write an information risk management policy

  In this installment of the Risk Management Guide, Shon Harris describes the contents of a risk management policy and provides a sample policy template.  Continue Reading

• Defining adequate security controls

  Because of the changing nature of technology, the language in the Sarbanes-Oxley Act is purposefully vague. This article explores the meaning of adequate security controls and what is required for SOX compliance.  Continue Reading

• Adding 'fudge' to your passwords

  Many end users easily have half a dozen passwords to access the various Web apps they need to do their jobs. With this tip, you can enforce strong password policies -- and allow your users to write down their passwords.  Continue Reading

• Advice from the pros: What infosec newbies need to know

  Security practitioners discuss what you should know about the security industry before embarking on an information security career.  Continue Reading

• Compliance guide for managers: Lessons learned and best decisions

  Compliance guide for managers: Lessons learned and best decisions  Continue Reading

• Designing a DMZ using iptables

  In this tip, excerpted from ITKnowledge Exchange, security practitioners share strategies used to design a demilitarized zone using iptables.  Continue Reading

• Become compliant -- without breaking the bank

  Re-use your existing tools to meet regulatory demands.  Continue Reading

• Become compliant – without breaking the bank, part 2

  Re-use your existing tools to meet regulatory demands.  Continue Reading

• Securing the internal Windows network

  Hardening your Windows network from the outside is a good idea but don't forget to watch out for internal threats. This to-do list shows how to secure your Windows network from within.  Continue Reading

• Creating secure passwords you don't have to remember

  It's easy to tell users to create strong passwords, but hard to get them to do it. And when they do, it's common to see them written on a sticky note attached to someone's monitor. So what's the answer? It might be an online application that ...  Continue Reading

• Spear phishing: Don't be a target

  Hackers are beginning to use targeted attacks to exploit network vulnerabilities. In this tip, Al Berg introduces a specific targeted attack, spear phishing, and provides tactics information security practitioners can use to protect their ...  Continue Reading

• Ten dos and don'ts for secure coding

  Security practitioners should understand how developers introduce security vulnerabilities into applications and work to support the developers in improving code quality and security. Encouragement and support for improvement must be a fundamental ...  Continue Reading

• Best practices for pen testing Web applications

  Performing a Web application penetration test can gauge how well your Web application can withstand an attack. In this tip, platform security expert Michael Cobb provides best practices for performing Web application pen test.  Continue Reading

• Know your wireless encryption options

  Understanding wireless encryption is essential to deploying a secure wireless network. Contributor Tony Bradley breaks down the different encryption methods and explains why some are better than others.  Continue Reading

• Protect your business from a Google hack

  Learn how to use advanced operators, special searching techniques offered by Google that enable advanced queries, to discover if your company's sensitive security information is exposed on the Internet before a black hat does. This tip offers a ...  Continue Reading

• Six steps to beating backup server hacks

  Are your backup servers also backdoor servers? If you're not specifically addressing their vulnerabilities, they just might be. In this tip, W. Curtis Preston looks at the security issues behind backup servers and offers a quick list of things you ...  Continue Reading

• What to do when you've been hacked

  Network hacking attacks are more common that most of us would like to admit. In the second installment of his series on managing secure networks, Michael Gregg looks at six questions you need to ask of your organization if you've been hacked, and ...  Continue Reading

• Checklist: What to do when you've been hacked

  Network hacking attacks are more common than most of us would like to admit. In this tip, SearchSecurity.com's network security Michael Gregg guru outlines six questions you should ask of your organization if you've been hacked, and provides ...  Continue Reading

• What's new in the revision of ISO 17799

  SearchSecurity expert Michael Cobb outlines the latest changes to the ISO 17799 standard.  Continue Reading

• 2006 Products of the Year: Intrusion prevention

  We asked. You answered. Here are our readers' choices for best intrusion prevention products of the year.  Continue Reading

• 2006 Products of the Year: Identity and access management

  Information Security magazine and SearchSecurity.com asked readers to select the best identity and access management products of 2006. Readers selected from Web SSO, provisioning, directories and password management tools. Find out which products ...  Continue Reading

• 2006 Products of the Year: Authentication

  Information Security and SearchSecurity surveyed readers to identify the best authentication products of 2006. The winners are . . .  Continue Reading

• 2006 Products of the Year: Wireless

  Information Security magazine and SearchSecurity.com asked their readers to chose the best wireless products. Here's what you told us.  Continue Reading

• 2006 Products of the Year: Emerging Technologies

  Information Security magazine and SearchSecurity.com readers chose the top three emerging technologies for 2006.  Continue Reading

• 2006 Products of the Year: Network security management

  Information Security magazine and SearchSecurity.com readers voted for their favorite network security management products. Here are the winners.  Continue Reading

• 2006 Products of the Year: Intrusion detection

  Information Security and SearchSecurity.com surveyed readers to identify the top three intrusion detection products of 2006.  Continue Reading

• 2006 Products of the Year: Antispyware

  Information Security and SearchSecurity readers selected the best desktop and gateway enterprise antispyware products of 2006.  Continue Reading

• 2006 Products of the Year: E-mail security

  Information Security magazine and SearchSecurity.com readers selected the top three e-mail security products of 2006.  Continue Reading

• 2006 Products of the Year: Remote access

  Information Security magazine and SearchSecurity.com surveyed their readers to identify the best products of 2006. Here are your choices for remote access solutions.  Continue Reading

• Automate SQL injection testing

  Manual testing for SQL injection requires much effort with little guarantee that you'll find every vulnerability. Instead, run automated SQL injection tests. In this tip, security guru Kevin Beaver shows you how.  Continue Reading

• Checklist: 11 things to do after a hack

  Your network's been cracked, what do you do next? Contributor Jonathan Hassell recommends following these eleven steps to limit damage and preserve evidence.  Continue Reading

• Cheat sheet: Access management solutions and their pros and cons

  A cheat sheet of the most common access solutions with a brief description, and their risks and pros and cons to help you choose the solution that is right for your organization.  Continue Reading

• Simplifying Nessus security scans with a spreadsheet model

  In this tip, expert George Wrenn explains how to divide networks into small, manageable IP spaces and maintain Nessus data with a spreadsheet model.  Continue Reading

• Nessus vulnerability assessment with the SANS Top 20

  Using the SANS Top 20 in conjunction with Nessus can help you eliminate exposures that give unauthorized privileged access to vulnerable hosts.  Continue Reading

• Secure data transmission methods

  The main purpose of this tip is to explore secure data transmission options that are available to help meet regulatory and legal requirements.  Continue Reading

• An overview of the risk management process

  In this installment of the Risk Management Guide, Shon Harris provides a 10,000-foot view of the risk management process.  Continue Reading

• How to use IPsec filtering rules to filter network traffic

  Learn how to control what enters and exits your PCs by using IPsec filtering rules to filter particular protocol and port combinations for both inbound and outbound network traffic.  Continue Reading

• RSS: The next malware target?

  A recent report from Trend Micro names RSS as the next likely target for bot worm attacks and predicts feed hijackings will be prevalent with the release of IE 7. In this tip, security expert Mike Chapple explains how RSS could be exploited, and ...  Continue Reading

• Application firewall tips and tricks

  While network firewalls are effective at blocking unwanted communications, they do not provide a complete examination of traffic entering your network. Therefore, adding application-layer firewalls is essential to protecting your network from the ...  Continue Reading

• Seven trends to expect from virus and worm authors in 2006

  This threat monitor tip outlines seven emerging trends among virus and worm writers, explains why it is important to implement enterprise-wide security measures and provides tools and tactics to defend against them.  Continue Reading

• Tips for securing iPods in the enterprise

  Despite the dangers iPods pose to the corporate network, your users may have a legitimate business reason for using them. If you can't ban them outright, here's how you can minimize their risk.  Continue Reading