WindowSecurity.com Articles & Tutorials Archive

Articles & Tutorials for 2006

Corporate Wireless Network Defense
Date - Dec 28, 2006
Author - Don Parker
Section - Articles / Wireless Security
How to secure an enterprise wireless network.
Kerry's tips on getting a CCNA II
Date - Dec 27, 2006
Author - Kerry Thompson
Section - Network Security Library / Misc
This article by Kerry Thompson, CCNA, CISSP, offers helpful information for people studying for their Cisco Certified Network Associate (CCNA) certification.
Managing Windows Vista Group Policy (Part 3)
Date - Dec 20, 2006
Author - Jakob H. Heidelberg
Section - Articles / Authentication, Access Control & Encryption
Covers basic troubleshooting, improved stability and Network Location Awareness.
Information Security Educational Resources
Date - Dec 20, 2006
Author - M. E. Kabay
Section - Network Security Library / Misc
This paper by M.E. Kabay, PhD, CISSP, a man with years and years of experience, is a great resource for finding educational information to further your studies in the demanding field of information security. With the growing visibility of information security in today’s hacker-beset e-commerce world, many people are becoming interested in careers as information security specialists. All indications are that there aren’t enough people with security knowledge and skills to fill all the open positions; as a result, salaries have been rising steadily in the industry. This article looks at some frequently asked questions and provides pointers for knowledge-hungry readers. Readers should note that these questions are not necessarily quoted from specific people – some are amalgams of queries from different people. Please open the link below if you are interested in a career in Information Security and want to find resources to further your learning.
Issues to look out for during the holiday season
Date - Dec 14, 2006
Author - Andre Muscat
Section - Articles / Misc Network Security
A list of issues to look out for during the upcoming holiday season and beyond.
What are Web Applications?
Date - Dec 13, 2006
Author - Acunetix
Section - Network Security Library / Web Security
A high level view of the typical methods and architectures for deployment of web applications.
Shopping For The Right Ingredients: A Small Grocery List For The Secure Channel
Date - Dec 12, 2006
Author - Justin Troutman
Section - Articles / Authentication, Access Control & Encryption
The requirements needed to design a secure channel centering around AES.
The Lack of WiFi Security (Part 2)
Date - Dec 06, 2006
Author - Don Parker
Section - Articles / Wireless Security
Tools that collect packets and then break the WEP keys.
What is SQL Injection?
Date - Dec 06, 2006
Author - Acunetix
Section - Network Security Library / Web Security
SQL Injection is a hacking technique which attempts to pass SQL commands through a web application for execution against a backend database.
Managing Windows Vista Group Policy (Part 2)
Date - Nov 29, 2006
Author - Jakob H. Heidelberg
Section - Articles / Authentication, Access Control & Encryption
How Multiple Local Group Policy Objects (MLGPO) can make any ‘stand-alone’, or ‘kiosk’, administrator happy.
Why One Virus Engine is Not Enough
Date - Nov 29, 2006
Author - GFI Software
Section - Network Security Library / Anti Virus
Multiple virus engines are needed to reduce time lag between virus outbreak and signature update.
Controlling your Server Service Security using Group Policy
Date - Nov 22, 2006
Author - Derek Melber
Section - Articles / Windows OS Security
A look at the appropriate measures to take to secure the key aspects of your services.
Application Security Assessments
Date - Nov 22, 2006
Author - Gunter Ollmann
Section - Network Security Library / Software Engineering
Discussion of vulnerabilities which may be present within in-house custom applications and how they are dealt with by security professionals.
Tools of the Trade revisited (Part 3)
Date - Nov 15, 2006
Author - Don Parker
Section - Articles / Intrusion Detection
A look at how Snort views a tool called Cain & Abel.
The need for effective event management
Date - Nov 15, 2006
Author - GFI Software
Section - Network Security Library / Auditing
Logs and their management are, however, one of the most important aspects of computer systems management. This white paper shows where GFI EventsManager fits in this picture and how it is an invaluable asset in the corporate toolbox.
Find a career with Dell! The Dell Careers Forum is Open
Date - Nov 10, 2006
Author - The Editor
Section - Site News
Get the latest career opportunities on offer from the Dell EMEA Enterprise Expert Center (EEC) on the new Dell Careers Forum exclusively on WindowSecurity.com. Dell have challenging growth plans for the center and are now seeking ambitious candidates to join them and develop their careers accordingly. More information on how to join Dell within!
Managing Windows Vista Group Policy (Part 1)
Date - Nov 09, 2006
Author - Jakob H. Heidelberg
Section - Articles / Authentication, Access Control & Encryption
This article covers Administrative Templates and the Central Store in Windows Vista Group Policy.
Protecting Children on the Internet
Date - Nov 08, 2006
Author - Bradley Morgan
Section - Network Security Library / Content Management
This paper gives parents an insight into children's security while using the Internet.
Computer background processes
Date - Nov 07, 2006
Author - Don Parker
Section - Articles / Misc Network Security
This article shows tools that can be used to view a computer’s background processes.
Best Practices for Security Incident Response
Date - Nov 01, 2006
Author - Kerry Thompson
Section - Network Security Library / Network Security
Are you prepared to make the best decisions and responses to security incidents in your business?
PsTools Suite (Part 1)
Date - Oct 25, 2006
Author - Don Parker
Section - Articles / Windows OS Security
This article will focus on the PsTools suite from Sysinternals and how they enhance the command line tools available in Windows.
My Identity Was Stolen Because Of Someone Else's Mistake
Date - Oct 25, 2006
Author - Darren Miller
Section - Network Security Library / Privacy
Although security professionals tend to be more careful about personal information and the protection of computers, it is common to share that information with others. How well will they protect it?
Tools of the Trade revisited (Part 2)
Date - Oct 18, 2006
Author - Don Parker
Section - Articles / Intrusion Detection
The first part of this article series looked at how an IDS could possibly detect certain security tools. Covered was a packet sniffer and network scanner. This article continues with the analysis.
The Threat Posed by Portable Storage Devices
Date - Oct 18, 2006
Author - GFI Software
Section - Network Security Library / Network Security
This white paper examines the nature of the threat that portable storage devices present and the counter-measures that organizations can adopt to eliminate them.
The Lack of WiFi Security (Part 1)
Date - Oct 11, 2006
Author - Don Parker
Section - Articles / Wireless Security
This article discusses how effective various encryption schemes are and some of the tools used to discover WAPs.
Securing the Financial Services Firm
Date - Oct 11, 2006
Author - Taceo
Section - Network Security Library / Auth. & Access Control
Firms found in violation of SOX, GLBA, and SEC rules can face stiff fines and potential jail time. The evolution of these government regulations was designed to create a new atmosphere of company accountability and instill a new sense of trust to investors.
TechGenix Proudly Introduces WindowSecurity.com’s New Look!
Date - Oct 10, 2006
Author - The Editor
Section - Site News
WindowSecurity.com recently received a stylish makeover with a totally fresh site design. To celebrate we are offering free WindowSecurity.com t-shirts to our visitors! Read on to find out how you can win.
Hardening Servers with Security Templates
Date - Oct 05, 2006
Author - Derek Melber
Section - Articles / Misc Network Security
This article shows why you need to harden servers with tools like the Windows Security Templates.
Pod Slurping - An easy technique for stealing data
Date - Oct 04, 2006
Author - GFI Software
Section - Network Security Library / Network Security
This white paper explores how the uncontrolled use of portable storage devices such as iPods and USB sticks coupled with data theft techniques such as 'pod slurping', can lead to major security breaches.
Tools of the Trade revisited (Part 1)
Date - Oct 03, 2006
Author - Don Parker
Section - Articles / Intrusion Detection
This article series revisits the article series called “Tools of the Trade”. This time however it will be looked at from the IDS’s perspective.
Wireless Network Defense (Part 2)
Date - Sep 28, 2006
Author - Don Parker
Section - Articles / Wireless Security
The series continues by discussing how to properly set up a wireless router.
The Layman's Unconventional Guide to the Advanced Encryption Standard (Part 2)
Date - Sep 27, 2006
Author - Justin Troutman
Section - Articles / Authentication, Access Control & Encryption
This article looks at the core of Rijndael – the round transformation – which will be broken down into its four steps: SubBytes, ShiftRows, MixColumns, and AddRoundKey.
DNS Amplification Attacks
Date - Sep 27, 2006
Author - Randal Vaughn & Gadi Evron
Section - Network Security Library / Network Security
This paper outlines a Distributed Denial of Service (DDoS) attack which abuses open recursive Domain Name System (DNS) name servers using spoofed UDP packets.
Wireless Network Defense (Part 1)
Date - Sep 20, 2006
Author - Don Parker
Section - Articles / Wireless Security
This article discusses the need for security and the relative dangers of a wireless network.
Getting a CISSP
Date - Sep 20, 2006
Author - Kerry Thompson
Section - Network Security Library / Network Security
This is a good article containing tips on getting a Certified Information Systems Security Professional (CISSP) certification.
Implementing Active Directory Delegation of Administration
Date - Sep 13, 2006
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
In this article I will go into the details you need to know on how to implement delegation of administration, as well as some design ideas to get you started.
How Securing Digital Identities and Information Can Help Transform Your Business
Date - Sep 13, 2006
Author - Entrust
Section - Network Security Library / Auth. & Access Control
This paper focuses on how identity and access management solutions can secure digital identities and information in compliance with regulatory guidelines across an extended enterprise.
SPIKE and BURP for real world computer security usage (Part 4)
Date - Sep 06, 2006
Author - Don Parker
Section - Articles / Web Server Security
In previous articles we covered the SPIKE HTTP proxy, and how to use it. Well there are many different HTTP proxies out there, and the BURP HTTP proxy is one of the better ones. Choosing an HTTP proxy to use is often a matter of preference.
Analysis of a Suspicious Program
Date - Sep 06, 2006
Author - hakin9
Section - Network Security Library / Misc
We should always think twice before running an unknown program downloaded from the Internet. Of course not every application is dangerous, but it's all too easy to find a malicious program which will exploit our naivety - and that could cost us dearly. Let's see how we can analyse the behaviour of an unknown program before we run it.
Product Review: Active Administrator
Date - Aug 31, 2006
Author - Deb Shinder
Section - Articles / Product Reviews
Active Directory is one of the best and one of the most frustrating components Microsoft has ever given us. Luckily, there are third party tools that can make Active Directory administration easier. We installed the evaluation version of ScriptLogic’s Active Administrator, which is billed as an enterprise-level AD management and auditing solution. Here are our impressions of the product.
The Next Step in the Spam Control War: Grey Listing (Part 2)
Date - Aug 30, 2006
Author - Evan Harris
Section - Network Security Library / Anti Spam
Although not very recent, this is an informative paper that proposes a very effective method of enhancing the abilities of mail systems to limit the amount of spam that they receive and deliver to their users. Greylisting is being implemented more frequently these days.
Top 5 Security Settings to Audit
Date - Aug 29, 2006
Author - Derek Melber
Section - Articles / Misc Network Security
In this article we will investigate 5 of the more important security settings that need to be audited to protect your computers at the highest level.
Understanding User Account Control in Vista
Date - Aug 23, 2006
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
In this article I will explain what User Account Control (UAC) is and what it is not.
Would You Hire a Hacker?
Date - Aug 23, 2006
Author - Kerry Thompson
Section - Network Security Library / Network Security
I'm sure that most security professionals have had this question cross their mind, but is hiring a hacker something that makes sense?
Network design and defense
Date - Aug 16, 2006
Author - Don Parker
Section - Articles / Misc Network Security
I have mentioned before that every network has its own quirks and design needs. Due to that, one can only offer generic advice on a network’s security posture. Let’s take a look at a typical network and comment on it.
Identity Lifecycle Process and You (Part 2)
Date - Aug 16, 2006
Author - Al Mulnick
Section - Network Security Library / Network Security
What makes up your Identity, and how is that used to provide access within the network? Read Part 2 of this article to learn more.
An Introduction to Microsoft Forefront (Part 2)
Date - Aug 09, 2006
Author - Ricky M. Magalhaes
Section - Articles / Misc Network Security
In part two of this series we will cover other parts of the Comprehensive Microsoft Forefront security suite.
Cisco IOS from an Attacker's Point of View
Date - Aug 09, 2006
Author - hakin9
Section - Network Security Library / Network Security
There are many ways an attacker can take control over Cisco network devices, often due to an administrator's lack of knowledge or negligence. Exploitation of a security vulnerability that leads to unauthorized access, or a Denial of Service attack, is just a matter of time.
Scripting and Security (Part 2)
Date - Aug 02, 2006
Author - Don Parker
Section - Articles / Windows OS Security
We saw in the first article of this two part series that scripting definitely has a place in the life of the computer security professional. In this second part I shall show how you would modify the earlier script, and cover some command line power tools.
Human Factors in Managing IT Security Systems
Date - Aug 02, 2006
Author - Kerry Thompson
Section - Network Security Library / Auth. & Access Control
It doesn't matter how hard you work or how much you spend on IT Security systems, if you are not ever-vigilant of "the human factor" your systems will still be vulnerable to attack!
Understanding EFS
Date - Jul 27, 2006
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
In this article we will take a look at the new and improved EFS.
The Next Step in the Spam Control War: Grey Listing (Part 1)
Date - Jul 26, 2006
Author - Evan Harris
Section - Network Security Library / Anti Spam
Although not very recent, this is an informative paper that proposes a very effective method of enhancing the abilities of mail systems to limit the amount of spam that they receive and deliver to their users.
SPIKE and BURP for real world computer security usage (Part 3)
Date - Jul 25, 2006
Author - Don Parker
Section - Articles / Web Server Security
This article is the last in a series based on SPIKE the HTTP proxy.
Milking Tucows: The Udder Truth About Cryptographic Software Reviews
Date - Jul 19, 2006
Author - Justin Troutman
Section - Articles / Misc Network Security
It's this piece of writing's duty to inform you of what you can conclude from software reviews, and what you can't.
Identity Lifecycle Process and You (Part 1)
Date - Jul 19, 2006
Author - Al Mulnick
Section - Network Security Library / Network Security
What makes up your Identity, and how is that used to provide access within the network?
Scripting and Security (Part 1)
Date - Jul 12, 2006
Author - Don Parker
Section - Articles / Windows OS Security
In this article, the first in a two part series, I will give a brief introduction to PERL scripting.
Best Security Practice: Host Naming & URL Conventions
Date - Jul 12, 2006
Author - Gunter Ollmann
Section - Network Security Library / Web Security
An attacker uses many methods to mount a successful attack. How you name your outward-facing hosts and your URLs can make life easier for the attacker.
An Introduction to Microsoft Forefront (Part 1)
Date - Jul 05, 2006
Author - Ricky M. Magalhaes
Section - Articles / Misc Network Security
This article will take us through the comprehensive Microsoft Forefront security suite.
Email Armageddon
Date - Jul 05, 2006
Author - Jeff McDermott
Section - Network Security Library / Anti Spam
Are we losing the war against Spam?
Writing Egress Filters for your IDS
Date - Jun 28, 2006
Author - Don Parker
Section - Articles / Intrusion Detection
In this article we will look at ways of discovering system compromises based on outgoing IDS signatures.
To Outsource or Ally - What is the Difference?
Date - Jun 28, 2006
Author - Bradley Morgan
Section - Network Security Library / Managed Security Solutions
A current and increasing trend in business is to engage in relationships with external entities in order to achieve strategic goals or obtain synergistic benefits. Two of the more dominant expressions in modern business literature relating to this intermingling of enterprises are outsourcing and strategic alliance.
The Layman's Unconventional Guide to the Advanced Encryption Standard (Part 1)
Date - Jun 23, 2006
Author - Justin Troutman
Section - Articles / Authentication, Access Control & Encryption
An unconventional, elaborate glance at the mathematics behind the Advanced Encryption Standard, geared towards the non-mathematician.
How Will Your Network Be Compromised?
Date - Jun 21, 2006
Author - Darren Miller
Section - Network Security Library / Network Security
What is the most common way your network will be compromised? It most probably will not be through any complex hacking technique but through overlooking the "small things".
Local Attacks
Date - Jun 20, 2006
Author - Don Parker
Section - Articles / Misc Network Security
In this article I will list some of the physical attacks that a computer could fall prey to.
The Regulatory Compliance Planning Guide
Date - Jun 15, 2006
Author - Microsoft
Section - Network Security Library / Policy & Standards
IT professionals who must ensure regulatory compliance for the IT systems of the organizations in which they work can be in a difficult position. To help address these needs, Microsoft has created the Regulatory Compliance Planning Guide. The guide is designed to help IT professionals and others interested in regulatory compliance in a number of ways.
Group Policy Changes in Vista
Date - Jun 14, 2006
Author - Derek Melber
Section - Articles / Windows OS Security
In this article we will look at the new Group Policy features in Vista.
Securing Windows 2000 Server - updated
Date - Jun 14, 2006
Author - Microsoft
Section - Network Security Library / Network Security
The updated Securing Windows 2000 Server solution includes information about risk assessment and analysis, securing specific critical Windows 2000 Server roles, and operating a secure environment after the initial lockdown phases have completed.
SPIKE and BURP for real world computer security usage (Part 2)
Date - Jun 07, 2006
Author - Don Parker
Section - Articles / Web Server Security
In this part two of the article series we will actually use an HTTP proxy and find out more on how you can use this very useful tool.
Spreadsheet Assurance
Date - Jun 07, 2006
Author - Tom Olzak
Section - Network Security Library / Auditing
To date auditors have not looked too deeply into the content or accuracy of spreadsheets in corporations. With Sarbanes-Oxley (SOX), and the recent Health Insurance Portability & Accountability Act (HIPAA), you can bet that they will start to take a closer look. Will your spreadsheet results pass an audit?
Calamitous Cryptography: The Extortoise and the Haregretful
Date - May 31, 2006
Author - Justin Troutman
Section - Articles / Authentication, Access Control & Encryption
Cryptovirology - cryptography's evil younger sibling. Let's look at how the intensity of this dark science feeds directly from the security of its older, defensive brother.
Wireless Authentication Solutions
Date - May 31, 2006
Author - Bradley Morgan
Section - Network Security Library / Wireless Security
As is the case with any valuable resource, there must be limitations on who can access and use your wireless medium.
Event Log/Monitoring Consolidation
Date - May 24, 2006
Author - Don Parker
Section - Articles / Misc Network Security
In most corporate organizations today there is a large array of computer network security devices deployed. All of these security tools produce voluminous amounts of output. What good is that output unless you can make use of it?
Video On How To Hack A PC
Date - May 24, 2006
Author - Darren Miller
Section - Network Security Library / Information Warfare
This paper by Darren Miller reviews a new video describing the "Anatomy of a Hack" and methods to thwart the hack. Some might consider this video controversial or "self serving" marketing information.
How to Nest Users and Groups for Permissions
Date - May 18, 2006
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
In this article I will show you how to nest users and groups for permissions.
Strengthen Data Protection with Network Access Controls
Date - May 17, 2006
Author - Tom Olzak
Section - Network Security Library / Network Security
One of the first steps in meeting the challenges associated with the evolving demands for new network access methods, is the segmentation of the network. Once your network is segmented, the next step is to ensure that all endpoint devices (workstations, laptops, handheld devices, etc.) conform to your security baselines. Using a generic view of network access controls, we step through three common network connectivity scenarios in this paper.
Auditing your Network
Date - May 16, 2006
Author - Don Parker
Section - Articles / Misc Network Security
In this article we will cover just what it means to have a computer security network audited.
Compliance and You
Date - May 10, 2006
Author - Don Parker
Section - Articles / Misc Network Security
This article is squarely aimed at those of you who are at best confused about the whole compliance quagmire.
Wireless Security Attacks and Defenses
Date - May 10, 2006
Author - Bradley Morgan
Section - Network Security Library / Wireless Security
This paper provides great insight into properly securing wireless LANs. It's amazing how many WiFi installations are open to neighbors and others! Is your network as secure as it can be?
One Week Left to Win a free Security Book
Date - May 08, 2006
Author - The Editor
Section - Site News
There is only one week remaining to win a copy of one of two essential security books. Please read on for more details.
Understanding Windows NTFS Permissions
Date - May 03, 2006
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
In this article I will explain the NTFS methods and features that are available with Windows 2000, Windows XP and Windows 2003 Server.
10 Things To Do For A Healthy & Secure PC
Date - May 03, 2006
Author - Darren Miller
Section - Network Security Library / Patch Management
This article lists 10 things that are of key importance in maintaining a healthy computer. To many of us these steps seem commonplace, but the article makes for good reading that you can hand to a friend or family member just getting started with computers.
Experiences with Greylisting
Date - Apr 26, 2006
Author - Dr. John R. Levine
Section - Network Security Library / Anti Spam
Blacklisting, Whitelisting, Greylisting? This article helps define Greylisting, and takes a deeper look at the Pros and Cons of this technique of SPAM abatement.
SPIKE and BURP for real world computer security usage (Part 1)
Date - Apr 26, 2006
Author - Don Parker
Section - Articles / Web Server Security
This article series will demonstrate how to use an HTTP proxy.
Win a Free Security Book!
Date - Apr 25, 2006
Author - The Editor
Section - Site News
We are offering WindowSecurity.com visitors two easy ways to win a copy of one of two essential security books.
How to use Kerberos Authentication in a Mixed (Windows and UNIX) Environment
Date - Apr 19, 2006
Author - Deb Shinder
Section - Articles / Authentication, Access Control & Encryption
Kerberos is the protocol of choice for mixed network environments. This article explains how to use Kerberos authentication in these mixed environments.
A proxy by any other name
Date - Apr 13, 2006
Author - Don Parker
Section - Articles / Misc Network Security
In almost every corporate computer network today there are proxies to be found. This is pretty much a standard computer security practice. The confusion starts when people start talking about all the various proxy types. Within the confines of this article all of the various proxy types will be discussed.
Strengthen Security with an Effective Security Awareness Program
Date - Apr 12, 2006
Author - Tom Olzak
Section - Network Security Library / Policy & Standards
You can have everything in your Security Arsenal perfect. Your team is ready, but is everyone else prepared? This article will help ensure that everyone is aware and helping you maintain the security you have worked hard to achieve.
Why and how to implement SecurID Authentication
Date - Apr 11, 2006
Author - Deb Shinder
Section - Articles / Authentication, Access Control & Encryption
Authenticating users who log onto your network by account name and password only is the simplest and cheapest (and thus still the most popular) means of authentication. However, companies are recognizing the weaknesses of this method. Passwords can be guessed or cracked using dictionary attacks or more sophisticated methods such as rainbow tables, or users can be coerced, charmed or tricked into revealing their passwords to others. These latter techniques, called social engineering, have become a growing problem for companies of all sizes.
Tools of the Trade (Part 3)
Date - Apr 05, 2006
Author - Don Parker
Section - Articles / Misc Network Security
Over the course of part two in this article series we covered both netcat and ettercap. What we shall now cover in the final part of this series is a packet crafter and an HTTP proxy. Read on to find out more about these very powerful tools of the trade.
Cracking Passwords
Date - Apr 05, 2006
Author - Darren Miller
Section - Network Security Library / Auth. & Access Control
Cracking passwords is an important part of a network security assessment. Many methods and tools are available to crack passwords. This article provides some thought-provoking insight into methods to perform a password audit.
Best Practices for Configuring Group Policy Objects
Date - Mar 30, 2006
Author - Brien Posey
Section - Articles / Windows 2003 Security
In this article, I will share with you some best practices that you can use to keep your group policy objects well organized.
Rainbow Tables & RainbowCrack Introduction
Date - Mar 29, 2006
Author - Chris Gates
Section - Network Security Library / Cryptography
Rainbow tables reduce the difficulty in brute force cracking a single password by creating a large pre-generated data set of hashes from nearly every possible password. Rainbow Tables are popular with a particularly weak password algorithm known as Microsoft LM hash. LM stands for LAN Manager; this password algorithm was used in earlier days of Windows and still lives on only for compatibility reasons.
Tools of the Trade (Part 2)
Date - Mar 22, 2006
Author - Don Parker
Section - Articles / Misc Network Security
In part one of the article series on “Tools of the Trade” we covered a packet sniffer and network scanner. Both installation and sample usage were shown. In part two we will go on to cover other key tools that are of importance to learn. Read on to find out more!
Importance of File Level Backup
Date - Mar 22, 2006
Author - Bilal Ahmed and Adnan Khan
Section - Network Security Library / Disaster Recovery
File level backup is another way of taking backups for the files and folders residing on a storage volume, keying on backups for mission critical data which results in having more than one layer of data protection at a lower price tag.
Deploying Auditing Settings and Reporting What is Configured
Date - Mar 15, 2006
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
Within Windows you might want to track who is performing specific tasks. This might be to meet a regulatory compliance, or to just track when users perform tasks on desktops and servers. The benefits of deploying auditing settings to all computers include better control of the environment, audit trails for security reasons, and tracking of events for forensics. The big question boils down to how should these settings be deployed correctly, efficiently, and with assurance that the settings will be persistent? The answer is simple and efficient: Group Policy. Here, we will look at the settings that need to be deployed, the methods to deploy them, and options to verify that the settings are still in place.
Wireless Cracking Tools
Date - Mar 15, 2006
Author - Bradley Morgan
Section - Network Security Library / Wireless Security
By familiarizing yourself with the following software, you will not only have a better understanding of the vulnerabilities inherent in 802.11 networks, but you will also get a glimpse at how a hacker might exploit them.
Tools of the Trade (Part 1)
Date - Mar 09, 2006
Author - Don Parker
Section - Articles / Misc Network Security
Being in the computer security field means that you are always striving to stay current. You are always trying to learn new tools, and understand new exploits. That said, there are also some tools that simply aren’t going to go away any time soon and are really necessary to learn. Over the course of this three part series we will look at some of the best known hacking tools. After all, it pays dividends to know just how your enemy works and more specifically with what.
SPAM - The Issues, Impact and Reducing SPAM (Part 2)
Date - Mar 08, 2006
Author - Jeff McDermott
Section - Network Security Library / Anti Spam
This is Part 2 of an article to help improve the understanding of the impact and problems created by Spam. This section focuses primarily on things that can be done to help reduce the impact of Spam for consumers, ISPs, and corporations. There is no 100% with Spam reduction, but things can be done to improve the current status and condition of Internet email reliability.
More on Running Windows Under Non-Admin Accounts
Date - Mar 07, 2006
Author - Mitch Tulloch
Section - Articles / Authentication, Access Control & Encryption
This article is a follow up to my previous article on WindowsNetworking.com titled "Running Windows Under Non-Admin Accounts" and shares some comments from readers concerning issues they've found and solutions they've tried for limiting desktop computer users to non-admin accounts. The article also provides some additional workarounds for performing admin-level tasks while logged on to a computer using ordinary user credentials.
Securing What's at Risk - A Common Sense Approach to Strong Authentication
Date - Mar 01, 2006
Author - Entrust
Section - Network Security Library / Auth. & Access Control
Online consumers demand personalized unique identities that make them confident about online transactions. This whitepaper outlines issues with managing online identities when faced with increasing threats against these online identities.
Setting up your Lab
Date - Mar 01, 2006
Author - Don Parker
Section - Articles / Misc Network Security
Having an interest in computer security means one thing for certain: That you will have to keep your skills up to par and continually explore new ones. How should you go about fulfilling this ambitious plan? Read on to find out how.
The Role of Modeling and Simulation in Information Security
Date - Feb 22, 2006
Author - Mohammad Heidari
Section - Network Security Library / Information Warfare
There is a spate of papers and tools on using Modeling and Simulation (M&S) for testing Denial of Service (DoS), virus and worm (propagation, attacks) against computer networks, but this is not the whole story: there are no explicit M&S tools for testing computer/network security and network attack modeling. In other words, it seems that Computer Simulation was studied and investigated in many areas but the field of Computer Security has not produced significant research results in this area to date!
The Simplistic Trio: Three of the Many Musketeers Fighting in the Name of Simplicity
Date - Feb 22, 2006
Author - Justin Troutman
Section - Articles / Authentication, Access Control & Encryption
Simplicity is a pillar of good cryptography. In this article, we'll cover several "acts" of simplicity, ranging from independence in modularity, reduction of complexity, and conservative threat modeling, along with a final spiel on the importance of using message authentication.
Technical Responses to Spam
Date - Feb 15, 2006
Author - Dr. John R. Levine
Section - Network Security Library / Anti Spam
In response to the growing torrent of unsolicited bulk email, many technical schemes have been proposed and implemented to distinguish spam from legitimate mail and to block delivery of spam while letting legitimate mail through. Although none of the schemes is the "magic bullet" some of them, particularly when used in combination with each other, can help limit the amount of spam that users receive.
Securing the Network from Within (Part 2)
Date - Feb 15, 2006
Author - Don Parker
Section - Articles / Misc Network Security
In Part 1 of this article series we went over some of the physical threats confronting networks. We will continue, in Part 2, to cover various other ways to help secure the workstation, and thereby further help harden the internal network from attack.
Generating Resultant Set of Policy Queries
Date - Feb 08, 2006
Author - Brien Posey
Section - Articles / Windows 2003 Security
Both the Active Directory and Windows in general offer a huge degree of flexibility. Although it’s really nice to have a security model that can be custom tailored to meet your exact security needs, there is a definite downside to the way that Windows security works; it can be really complicated. Fortunately, there is a way to tell exactly what the outcome of all of those policy elements is. You can run a Resultant Set of Policy (RSOP) query. In this article, I will show you how.
SPAM - The Issues, Impact and Reducing SPAM (Part 1)
Date - Feb 08, 2006
Author - Jeff McDermott
Section - Network Security Library / Anti Spam
SPAM is one of the biggest challenges facing Internet consumers, corporations, and service providers today. Part 1 of this article explores the Issues and Impact of Spam. Part 2 provides some insight into methods for reducing Spam.
Caveat Lector: Authentication, the Forgotten, Should-be Predominant
Date - Feb 02, 2006
Author - Justin Troutman
Section - Articles / Authentication, Access Control & Encryption
Using the familiar Alice and Bob model, we'll take a look at the concept of integrity preservation, through the use of a MAC, or Message Authentication Code. This article will define what it is, what it does, and why it's vital in the majority of cases, although often overlooked in most of them.
Is Your Website Hackable? Find Vulnerabilities with a Free Acunetix Security Audit
Date - Feb 01, 2006
Author - Acunetix
Section - Site News
In an effort to stem the fast-growing tide of web application security breaches, Acunetix today announced that it is offering free website security audits to 5,000 enterprise organizations.
Applying the Principle of Least Privilege to User Accounts on Windows XP
Date - Feb 01, 2006
Author - Microsoft
Section - Network Security Library / Policy & Standards
This document discusses the issues and concerns that organizations may face when they apply the LUA approach to computers that run Microsoft Windows XP. This paper also describes the high-level issues that affect implementation of the LUA approach and provides useful links to other online resources that explain these concepts in more detail.
Malware - future trends
Date - Jan 31, 2006
Author - Dancho Danchev
Section - Network Security Library / Network Security
Malware has truly evolved during the last couple of years. Its potential for financial and network based abuse was quickly realized, and thus, tactics changed, consolidation between different parties occurred, and the malware scene became overly monetized, with its services available on demand.
TCP and IP Options
Date - Jan 26, 2006
Author - Don Parker
Section - Articles / Windows Networking
Going back over the basics is always a good idea. One of the most fundamental pieces of knowledge in regard to computer communications is the four core protocols: IP, TCP, UDP, and ICMP. What we shall do over the course of this article is cover the options for both TCP and IP to see what, if any, security implications they may have.
Windows Server 2003 Security Guide v2.0
Date - Jan 25, 2006
Author - Microsoft
Section - Network Security Library / Network Security
The updated Windows Server 2003 Security Guide provides specific recommendations about how to harden computers that run Microsoft Windows Server 2003 with Service Pack 1 (SP1) in three distinct enterprise environments. 1. Where older operating systems such as Windows NT 4.0 and Windows 98 must be supported. 2. Where Windows 2000 is the earliest version of the Windows operating system in use. 3. Where concern about security is so great that significant loss of client functionality and manageability is considered an acceptable tradeoff to achieve maximum security.
Applying Certificates to a WSUS Server
Date - Jan 24, 2006
Author - Brien Posey
Section - Articles / Authentication, Access Control & Encryption
Many administrators tend to ignore the recommendation that WSUS be configured to use SSL encryption if the WSUS server is only servicing clients within the perimeter network. However, if SSL encryption is not used, a hacker could potentially steal the WSUS server’s identity and use the spoofed server to send malicious versions of patches to your clients. If you don’t like the idea of having a bunch of infected clients on your network, then check out this article on how to encrypt WSUS transactions.
Securing the Network from Within (Part 1)
Date - Jan 19, 2006
Author - Don Parker
Section - Articles / Misc Network Security
All too often we hear of how a hacker bypassed a router and the firewall to penetrate a company’s internal network. Reality is that there will always be a way into an internal network. Is it time to start thinking of protecting the network in a different way? Read on to find out.
Windows Enumeration: USER2SID & SID2USER
Date - Jan 18, 2006
Author - Chris Gates
Section - Network Security Library / Windows Security
User2sid and Sid2user are two small utilities for Windows NT, created by Evgenii Rudny, that allow the administrator to query the SAM to find out a SID value for a given account name and vice versa. User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) from the local or a remote machine and Sid2user.exe can then be used to retrieve the names of all the user accounts and more. These utilities do not exploit a bug but call the functions LookupAccountName and LookupAccountSid, respectively. These tools can be called against a remote machine without providing logon credentials except those needed for a null session connection. These tools rely on the ability to create a null session in order to work.
Understanding the Roles of Server 2003 Security Policies
Date - Jan 17, 2006
Author - Deb Shinder
Section - Articles / Windows 2003 Security
Windows domains rely on policy-based security mechanisms, but Windows security policy deployment can be confusing to the uninitiated. What's the difference between the local security policy, domain security policy and domain controller security policies? When and how do you use each? How do you use site GPOs and OU GPOs for best security, and how do they all interact together? What security policy tools are included with the operating system and how is each used? This article will provide an overview of the roles of Server 2003 security policies and how to use them to secure your systems and network.
Switching Technologies
Date - Jan 12, 2006
Author - Don Parker
Section - Articles / Windows Networking
With the advent of faster computer networks and a far more stable infrastructure has come the need for a quicker way to “switch” this information around. Two of the best known methods for doing so are ATM and Frame Relay. Within the confines of this article we will discuss just what they are and where they fit in.
The Threats and Countermeasures Guide v2.0
Date - Jan 11, 2006
Author - Microsoft
Section - Network Security Library / Windows Security
The updated Threats and Countermeasures guide provides you with a reference to all security settings that provide countermeasures for specific threats against current versions of the Microsoft Windows operating systems.
Determining Whether an in House or an External Certificate Authority is More Appropriate for Your Company
Date - Jan 10, 2006
Author - Brien Posey
Section - Articles / Authentication, Access Control & Encryption
With security becoming such a huge priority for companies over the last few years, many administrators who might have never thought twice about digital certificates are suddenly finding themselves in situations that require issuing various types of certificates. In this article, I will explain some of the benefits and some of the drawbacks of internal and external certificate authorities, in an effort to help you to make an intelligent decision as to what is right for your network.
HTTP Tunnels
Date - Jan 05, 2006
Author - Don Parker
Section - Articles / Windows Networking
The computer security world has come a long way over the past decade or so. There are all kinds of programs to mitigate external threats and the ever present spectre of viruses. What about those programs that are initiated from the trusted internal network though? Read on to learn more about the threat of HTTP tunnels.
Virtualization
Date - Jan 04, 2006
Author - Bradley Morgan
Section - Network Security Library / Network Security
This is a research paper about virtualization, a technology which has many impacts--one of which is related to security.
Implementing EFS in a Windows Server 2003 Domain
Date - Jan 03, 2006
Author - Deb Shinder
Section - Articles / Windows 2003 Security
Microsoft’s Encrypting File System (EFS), used to encrypt data on Windows 2000, XP and Server 2003 computers, relies on a public key certificate. If you don’t have a public key infrastructure, EFS can use a self-signed certificate. This is the default for using EFS on a standalone or workgroup computer. Implementing EFS within a domain with a PKI presents more complexity. In this article, we'll look at how to manage and use EFS in a Windows 2000 or Server 2003 domain.
