WindowSecurity.com Articles & Tutorials Archive

Articles & Tutorials for 2005

The Different Shades of Hackers
Date - Dec 29, 2005
Author - Don Parker
Section - Articles / Misc Network Security
The computer security world is populated by various types of people. Notably in that world are your various hacker types. Be they white, grey, or black, it now seems that almost every hacker is assigned a color. What does it all mean though? Read on to find out.
Anonymous Connections
Date - Dec 27, 2005
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
Is your network safe from intruders? With all of the different methods that intruders use to weasel their way into your network and servers, you can’t be sure. Hackers will use trojan horses, backdoors, compromised user accounts, and the front door. That is right, the front door! Ok, maybe a side door, but unless your Windows environment is protected, an intruder can use a door to your house that was put there when you made the installation. This “door” in a Windows operating system is the anonymous connection.
Remote Authentication: Different Types and Uses
Date - Dec 22, 2005
Author - Don Parker
Section - Articles / Authentication, Access Control & Encryption
Computer networks have arguably helped worker efficiency and helped a company’s bottom line. With that has come the need for workers to, at times, remotely log into the corporate network. This is ideally done via secure means. Within the confines of this article we will look at several of these methods.
Book Reviews: Creating Security Policies and Defining Security Roles
Date - Dec 20, 2005
Author - Mitch Tulloch
Section - Articles / Misc Network Security
Large organizations looking for help on creating security policies and defining security roles and responsibilities need look no further — two titles from Information Shield provide help on just that.
Access Controls: What is it and how can it be undermined?
Date - Dec 15, 2005
Author - Don Parker
Section - Articles / Authentication, Access Control & Encryption
We have stoplights on city streets, and locks on the doors of our homes. What these things have in common is that they are access controls. The world of computer security is very much the same in that it employs various ways to limit access. In this article we will cover several of them and discuss their usage.
Will upgrading to 64 Bit Windows make you More Secure?
Date - Dec 13, 2005
Author - Deb Shinder
Section - Articles / Windows OS Security
Both Windows Server 2003 and Windows XP now come in 64 bit versions, to run on the 64 bit processors made by Intel and AMD. 64 bit hardware and operating systems offer some big advantages over the currently more commonplace 32 bit systems, including the ability to handle more physical memory and big performance boosts for applications that are written for the 64 bit system.
Biometrics and You
Date - Dec 08, 2005
Author - Don Parker
Section - Articles / Authentication, Access Control & Encryption
The world of computer security has spawned yet another way to help secure one’s computer assets. That would be the still maturing area that is biometrics. Just what are biometrics anyway, and are they really being adopted by the mainstream? Read on to find out.
Protect your network from rogue users
Date - Dec 06, 2005
Author - Deb Shinder
Section - Articles / Misc Network Security
IT departments spend a great deal of time, effort and money to protect against external threats – those that enter the network via the Internet or remote access – but sometimes forget the harm that can be done by an authorized user who decides to “go rogue” (circumvent network security policies for his/her own purposes).
Studying Network Activity Using the Chaosreader Tool
Date - Dec 01, 2005
Author - Don Parker
Section - Articles / Windows Networking
I have written quite a bit about investigating network activity at the packet level. This practice can yield some key information about your network. Another tool that can help you discern network activity is a program called Chaosreader. Read on to find out more about this outstanding tool, and its ability to help you.
Protect your Web Servers with SSL
Date - Nov 29, 2005
Author - Deb Shinder
Section - Articles / Web Server Security
HTTP communications are fine for the average Web server, which just contains informational pages. But if you’re thinking about running an e-commerce site or other Web services that require secure transactions, you need to be able to encrypt communications between your Web server and its clients. The most common means is by the use of Secure Sockets Layer (SSL), which uses public key cryptography to protect confidential user information (such as credit card or bank account numbers) that is transmitted across the Web. In this article, we’ll discuss how SSL works and show you how to enable it on your Internet Information Services (IIS) Web servers.
The importance of having a CSO/CIO
Date - Nov 24, 2005
Author - Don Parker
Section - Articles / Misc Network Security
In most midsize to large organizations there exists a computer security group. This group is made up of various sub-groupings. Typically you will have your technical people, as well as the management. Ideally the two groups will co-exist peacefully, and in reality it is a must for the technical folks to have strong representation by the CSO or CIO.
Windows & Active Directory Auditing
Date - Nov 22, 2005
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
If you are like most administrators, you want to know who is logging on, to which computer, and accessing resources on your servers. For your Windows computers and Active Directory environment, you have options to help you determine what you want to know.
Use Free Microsoft Tools to Protect your Computers
Date - Nov 17, 2005
Author - Deb Shinder
Section - Articles / Misc Network Security
As part of their trusted computing initiative, Microsoft has taken a lead in offering free security tools that you can download and use to help assess the security of your computers and protect your systems against viruses, spyware, and attacks. In this article, we’ll take a look at some of the utilities they’ve made available.
Shells for Sale! (Part 3)
Date - Nov 10, 2005
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
We have seen, over the past two articles, both the planning and the first steps taken in a practice hack for the purpose of accumulating exploited computers. In this final part we will see the conclusion of what a semi-skilled hack would look like. Lastly, we will also see how our hacker, John, is quickly caught trying to sell his wares.
MSTerminalServices.org – New Terminal Services and Server Based Computing Website added to the TechGenix Network!
Date - Nov 08, 2005
Author - The Editor
Section - Site News
We are pleased to announce the launch of our latest site – MSTerminalServices.org - a site completely dedicated to Terminal Services and Server Based Computing related topics such as Application Hosting, Security lockdown, Profile management, Virtualization and much more...
Backing up and Restoring GPOs using the GPMC
Date - Nov 03, 2005
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
Without the Group Policy Management Console (GPMC), administration of Group Policy takes patience, imagination, and a thorough understanding of the property sheets within Active Directory Users and Computers. The GPMC solves these problems by providing a very intuitive interface for managing all aspects of Group Policy. This article will discuss the finer points of how the backup and restore options work within the GPMC.
Shells for Sale! (Part 2)
Date - Nov 01, 2005
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
With the groundwork having been laid out in part one of this article series, we now move on to the actual execution of the hack. This though is a hack with a slightly higher degree of skill involved. Read on to find out more.
Delegating Group Policy Privilege using the GPMC
Date - Oct 27, 2005
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
If you have an Active Directory domain or enterprise, you are all too familiar with Group Policy. Group Policy is the preferred way to ensure standardized and secure domain controllers, servers, and clients. With standards becoming so highly regarded to reduce the TCO of clients, Group Policy control is essential. This article describes "who" can perform "which" tasks with Group Policy and the proper way to configure them within the GPMC.
The Importance of Web Application Scanning
Date - Oct 26, 2005
Author - Acunetix
Section - Network Security Library / Web Security
Organizations need a Web application scanning solution that can scan for security loopholes in Web-based applications to prevent would-be hackers from gaining unauthorized access to corporate applications and data. Web applications are proving to be the weakest link in overall corporate security, even though companies have left no stone unturned in installing the better-known network security and anti-virus solutions. Quick to take advantage of this vulnerability, hackers have now begun to use Web applications as a platform for gaining access to corporate data.
Shells for Sale! (Part 1)
Date - Oct 25, 2005
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
What would happen if a semi-skilled hacker decided to harvest some computers, and then in turn sell access to them? It is an intriguing concept that we will explore over the next few articles. As always, there will be a premium placed on technical detail, which will allow you to recreate what I have done.
Robot Wars – How Botnets Work
Date - Oct 20, 2005
Author - hakin9
Section - Articles / Viruses, trojans and other malware
One of the most common and efficient DDoS attack methods is based on using hundreds of zombie hosts. Zombies are usually controlled and managed via IRC networks, using so-called botnets. Let's take a look at the ways an attacker can infect and take control of a target computer, and let's see how we can apply effective countermeasures in order to defend our machines against this threat.
New Security Features in IE 7.0
Date - Oct 18, 2005
Author - Deb Shinder
Section - Articles / Windows OS Security
The browser security wars have been heating up again lately. After a small but significant exodus in which many computer users switched from Internet Explorer to Mozilla’s Firefox because of its supposed security advantages, last month a report from Symantec shocked many open source fans with data showing the Mozilla browsers suffered from more security vulnerabilities than IE, including more that were of high severity.
Changing Passwords for Key User Accounts
Date - Oct 13, 2005
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
I must warn all readers that this article is direct and aimed to make you feel a bit uncomfortable. The goal is to expose a few vulnerabilities in your network, so that they can be fixed. However, my experience and research have proven that most companies fall into the same bucket when it comes to these vulnerabilities.
I installed my Home Wireless Network and my neighbor was using it!
Date - Oct 12, 2005
Author - Darren Miller
Section - Network Security Library / Wireless Security
When I moved into my new home in south Florida I found 10 unsecured wireless networks in range of my home office. As I introduced myself to my neighbors I asked them if they had installed a wireless network and told them if they had, their computers may be exposed. I helped them secure their networks but it seems every holiday brings more unsecured networks. Do you live in a neighborhood like mine? Do any of your neighbors have the experience to help you configure your wireless networks securely? Or, does your neighbor have other ideas in mind?
First Look at Windows Vista: Secure at Last?
Date - Oct 11, 2005
Author - Deb Shinder
Section - Articles / Windows OS Security
In the early days of Windows operating systems, security was not at the forefront of computer users’ priorities as it is today – especially for home computer users. Now that the vast majority of systems are connected to the Internet, wireless networks have popped up everywhere, and we’re much more vulnerable to viruses and attacks, security is a necessity. With the release of each new version, Microsoft has focused more and more on protecting the system from inadvertent and deliberate security breaches, and the culmination of those efforts is Windows Vista (formerly known as Longhorn), the next generation of their client operating system that’s expected to be released sometime in 2006.
Standardization and the security appliance
Date - Oct 06, 2005
Author - Don Parker
Section - Articles / Misc Network Security
There is a dizzying array of appliances out there today, which will address almost every security concern. Problem is that the vendors are all touting that they can accomplish this performance benchmark or task for you. There would be little point in a vendor making outright falsifications about their wares, but it would surely be nice to have them ascertained to a certain degree by an independent source.
Review of Security Planning Guides from Microsoft
Date - Oct 04, 2005
Author - Mitch Tulloch
Section - Articles / Windows 2003 Security
This article reviews the recommendations of several recently released security planning guides from Microsoft that deal with securing administrator accounts and implementing smart card authentication in enterprise environments.
Managed E-Mail Security Services: Is it the right solution for your network?
Date - Sep 29, 2005
Author - Deb Shinder
Section - Articles / Content Security (Email & FTP)
Email communications are essential to getting the job done in today’s business world, but many companies are overwhelmed by spam, the security risks of e-mail borne viruses and worms and liability implications of e-mail containing pornography or other undesirable content. It’s getting harder and harder for network administrators to keep it all under control.
Packet analysis tools and methodology (Part 4)
Date - Sep 27, 2005
Author - Don Parker
Section - Articles / Intrusion Detection
In the last part of this article series we will take a look at the alarms generated by myself. This binary log will include several attacks, and some general surfing. We now need to take a look, and separate the chaff from the wheat.
Windows Vista and Principle of Least Privilege
Date - Sep 22, 2005
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
It is not surprising that Microsoft is getting on the bandwagon for implementing the Principle of Least Privilege for their next operating system named Windows Vista. This article will investigate some of the current issues with least privilege and investigate the reality of what Microsoft is proposing with Windows Vista.
Packet analysis tools and methodology (Part 3)
Date - Sep 20, 2005
Author - Don Parker
Section - Articles / Intrusion Detection
It has arguably gotten easier to exploit computers now due to the abundance of attack tools out there today. One of the most powerful ones is the Metasploit Framework. We will take a look at it in this article.
Being Big Brother: Monitoring employees’ network activity
Date - Sep 15, 2005
Author - Deb Shinder
Section - Articles / Misc Network Security
Big brother is watching. In today’s security-conscious world, it has become a fact of life. George Orwell coined the term to refer to government intrusion into the private lives of citizens, but the meaning has expanded to include any authority figure. The law recognizes that there are circumstances in which monitoring of others’ activities is permissible or even desirable. In general, employers have a lot of leeway in monitoring what their employees do while on company premises and using company equipment.
Packet analysis tools and methodology (Part 2)
Date - Sep 13, 2005
Author - Don Parker
Section - Articles / Intrusion Detection
In part two of this article series we will learn how to build a powerful analysis suite. Tools covered will be Snort, Snortsnarf, widump, and winpcap. You will also need to install a PERL interpreter, which shall be shown.
Controlling Windows Services and Service Accounts
Date - Sep 08, 2005
Author - Derek Melber
Section - Articles / Windows OS Security
When you install any Windows computer it will immediately be running multiple services. These services provide core operating system and tool functionality to the computer. In addition to these core services, you might also be running more services due to installed applications. There are a slew of Microsoft products, as well as other third party products, that install services on your computer. Examples include Exchange, SQL, SMS, backup programs, and enterprise management applications. Since many attackers can exploit services that are running, you will want to protect the services that must run and disable all services that are not required. We will talk about the management of services to protect your computers.
Social Engineering - The Weakest Link in Information Security
Date - Sep 07, 2005
Author - Jeff McDermott
Section - Network Security Library / Network Security
Many of us in the computer industry understand the term 'Social Engineering' fairly well. But do your company, its managers and employees understand and practice good techniques in avoiding being the victim of Social Engineering? After all, social engineering is the weakest point in your network's security! Don't believe it? Read on...
How to Use Microsoft’s Shared Computer Toolkit
Date - Sep 06, 2005
Author - Deb Shinder
Section - Articles / Authentication, Access Control & Encryption
The Shared Computer Toolkit for Windows was designed to help administrators better manage and secure public computers, such as those in kiosks, libraries, Internet cafes, schools, etc. But the toolkit is useful for any situation in which multiple persons use the same computer, including family computing and small business offices where several employees must use the same machine. This article shows you how to get and use the toolkit, which is in beta testing at the time of this writing.
Pushing Out Security Settings that are Configured in the Registry
Date - Sep 01, 2005
Author - Derek Melber
Section - Articles / Misc Network Security
Each passing day proves that security of the corporate infrastructure and the computers that live in them is extremely important. There are spyware applications, virus checkers, Group Policy extensions, network scanners and more that are installed to check, verify and protect our computers. In the long run, even the most sophisticated protection mechanism can’t protect a computer that is not configured properly to protect itself. For these computers you typically need to manually configure Registry settings that will increase the baseline security of that computer. This article will discuss how to most efficiently configure Registry settings to help improve security on all computers on the network.
The Pharming Guide
Date - Aug 31, 2005
Author - Gunter Ollmann
Section - Network Security Library / Web Security
Exploiting well known flaws in DNS services and the way in which host names are resolved to IP addresses, Phishers have upped the ante in the cyber war for control of a customer’s online identity for financial gain. A grouping of attack vectors, now referred to as “Pharming”, affects the fundamental way in which a customer’s computer locates and connects to an organisation’s online offering. Enabling the Pharmer to reach wider audiences with less probability of detection than their Phishing counterparts, pharming attacks are capable of defeating many of the latest defensive strategies used by customer and online retailer alike. This paper, extending the original material of “The Phishing Guide”, examines in depth the workings of the name services upon which Internet-based customers are dependent, and how they can be exploited by Pharmers to conduct identity theft and financial fraud on a massive scale.
Packet analysis tools and methodology (Part 1)
Date - Aug 30, 2005
Author - Don Parker
Section - Articles / Intrusion Detection
There are untold billions of packets flying around the web today. A great many of them are of malicious intent. A prelude to malicious activity is often the port scan. We will learn about some of the more popular types of port scans in existence today, and the tools used for them.
Product-based Security vs. Service-based Security
Date - Aug 26, 2005
Author - Deb Shinder
Section - Articles / Misc Network Security
Security vendors today can follow either of two different models: they can sell a product (a firewall, an encryption program, etc.) that your company pays for upfront, or they can sell a service that incurs an ongoing fee. In some cases, they can combine the two: an antivirus program or anti-spyware appliance that requires an update service to function properly. The current trend seems to be away from the standalone product model and toward the service model. In this article, we examine the advantages and disadvantages of both.
Assessing Your Security: Advice on Assessing your IT Security Posture
Date - Aug 24, 2005
Author - Gunter Ollmann
Section - Network Security Library / Policy & Standards
Most people will agree that Information Technology (IT) is changing or altering business processes and work environments at a dizzying pace. Unfortunately for those responsible for maintaining the security posture of these processes and environments, security changes faster.
Ideal-to-Realized Security Assurance In Cryptographic Keys (Part 2)
Date - Aug 23, 2005
Author - Justin Troutman
Section - Articles / Authentication, Access Control & Encryption
In the final installment of this two-part series, we'll cover two closely related collision attacks - the birthday attack and the meet-in-the-middle attack. We'll conclude by emphasizing the importance of simplicity through conservatism, and establishing a "golden rule" for instantiating the lengths of many cryptographic values.
Implementing Principle of Least Privilege
Date - Aug 18, 2005
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
The Principle of Least Privilege is not a new concept, but the push to implement it on production networks has never been so important. This article will go over some of the most common configurations that you can make to implement these principles and reduce the possibility of an attack from a typical end user.
Avoiding The Auto Dialer Virus
Date - Aug 17, 2005
Author - Darren Miller
Section - Network Security Library / Anti Virus
This article provides some thoughts and helpful tips on avoiding being scammed for hundreds or even thousands of dollars by "auto-dialers". Sometimes even experienced computer users can be caught off guard by this scam.
Ideal-to-Realized Security Assurance In Cryptographic Keys (Part 1)
Date - Aug 16, 2005
Author - Justin Troutman
Section - Articles / Authentication, Access Control & Encryption
In the first installment of this two-part series, we'll cover key length, and relative concerns, such as entropy and how password etiquette affects key space complexity. We'll look at how the length of the key doesn't inherently equate to the security of the key, and why security isn't even just about keys, at all.
Product Review: Acunetix Web Vulnerability Scanner
Date - Aug 11, 2005
Author - Deb Shinder
Section - Articles / Product Reviews
We've all heard of vulnerability scanners, but as the spectrum of security threats expands, security tools become more specialized. Acunetix has created a vulnerability scanner that's specifically designed to protect your Web servers and Web applications. It sounded interesting to us, so we installed the Acunetix WVS package on a Windows Server 2003 server to try it out. In this article, we'll review our experiences with its features and functionality.
Tricks of the Spammer's Trade
Date - Aug 10, 2005
Author - hakin9
Section - Network Security Library / Anti Spam
Spammers try to get their messages through spam filters by using trickery. Let’s see how these tricks work, and how up-to-date filters spot the trickery and use it to their advantage. This article takes a deeper look into what tricks spammers use to get past Bayesian and heuristic filters.
Bluetooth: Is it a Security Threat?
Date - Aug 09, 2005
Author - Deb Shinder
Section - Articles / Wireless Security
I’ve received a lot of questions from readers recently about security issues related to different types of wireless technology. 802.11 (wi-fi) security has been covered in detail in this and other forums, but you don’t see nearly so much discussion of Bluetooth security. Bluetooth is becoming more and more popular, and it’s time to examine its security implications. Is it secure? Can it be made secure? What are particular security concerns? We’ll take a look at those questions in this article.
Auditing user accounts
Date - Aug 04, 2005
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
With Sarbanes Oxley, HIPAA, GLM, and the other auditing compliance programs getting so much attention, all aspects of the network environment are under a microscope. For any operating system environment this includes the auditing of the user accounts and their related properties. Considering that many attacks are accessed through a user account that has one or more incorrect and insecure settings, it makes sense to focus on user account properties during the audit. Within a Windows Active Directory environment there are the standard user properties that must be audited, plus a few that may not fall into too many other network environments. This article will discuss the key user account properties that need to be audited, as well as the tools that can help complete the task.
Hacked: Who Else Is Using Your Computer?
Date - Aug 03, 2005
Author - Darren Miller
Section - Network Security Library / Misc
This article brings to light how people tend to be complacent with their computers and not understand the little things they have overlooked that have left themselves open to others on the Internet. Chat programs today are used by millions, and yet they offer an avenue of capability to someone wanting to do harm.
Installing and Configuring Microsoft’s Data Protection Manager (DPM) Part 2
Date - Aug 02, 2005
Author - Deb Shinder
Section - Articles / Windows 2003 Security
In this two part article, we show you how to install and configure DPM and evaluate how this can be integrated into your overall security strategy. In Part 1, we covered the process of installing the DPM prerequisite software, DPM itself, the file agent software and the end-user recovery client software. In Part 2, we’ll show you how to configure your DPM server to protect data, and how end users can recover their protected files without administrative assistance.
Securing Windows Member Servers
Date - Jul 28, 2005
Author - Derek Melber
Section - Articles / Windows 2003 Security
Every company has member servers in some capacity or another. Some companies have just a few, where others might have thousands. These member servers are the work horses of your network, providing the core production services for the company, from running the intranet to providing print services, SQL databases, e-mail services, file storage, and application support. With member servers providing all of these essential functions, it goes hand-in-hand with the fact that you need to protect these servers. This article will discuss some of the key security configurations that can be made to help protect your member servers.
Ubuntu - A new Linux based on the rock that Debian built!
Date - Jul 27, 2005
Author - Jeff McDermott
Section - Network Security Library / Unix Security
With many distributions of Linux out there, which one is the right one for you? This article helps shed some light on a fairly new flavor of Linux, and why it might be the right one for you. Ubuntu is yet another distro of Linux based on Debian, and out to make Linux a practical tool for the average person, and yet powerful for the advanced user.
Installing and Configuring Microsoft’s Data Protection Manager (DPM) Part 1
Date - Jul 26, 2005
Author - Deb Shinder
Section - Articles / Windows 2003 Security
The beta of Microsoft's new Data Protection Manager (formerly called Data Protection Server) is now available to the public. DPM brings disk-based backup and recovery to enterprise networks as part of Microsoft’s new System Center product umbrella that also includes Microsoft Operations Manager (MOM) and Systems Management Server (SMS). In this two part article, we show you how to install and configure DPM and evaluate how this newest member of Microsoft's System Center product umbrella can be integrated into your overall security strategy.
Sys Admin: Friend or Foe?
Date - Jul 21, 2005
Author - Don Parker
Section - Articles / Misc Network Security
The network system administrator is the first line, and sometimes last line of defence that a network has. What happens though if that very same defender becomes more of a liability?
Second-order Code Injection: Advanced Code Injection Techniques and Testing Procedures
Date - Jul 20, 2005
Author - Gunter Ollmann
Section - Network Security Library / Web Security
Many forms of code injection (for instance cross-site scripting and SQL injection) rely upon the instantaneous execution of the embedded code to carry out the attack (e.g. stealing a user's current session information or executing a modified SQL query). In some cases it may be possible for an attacker to inject their malicious code into a data storage area that may be executed at a later date or time. Depending upon the nature of the application and the way the malicious data is stored or rendered, the attacker may be able to conduct a second-order code injection attack.
Ethical Issues for IT Security Professionals
Date - Jul 19, 2005
Author - Deb Shinder
Section - Articles / Misc Network Security
This article takes a look at a neglected area of most computer security professionals' training: how to deal with the ethical issues that can - and invariably do - crop up during the course of doing your job.
The Student, the Teacher, and Optix Pro (Part 3)
Date - Jul 14, 2005
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
In this last part of the article series we will show John finding, and retrieving the upcoming math exam, as well as his getting caught. Rounding it out will be a quick incident handling roundup.
Social Engineering: You Have Been A Victim
Date - Jul 13, 2005
Author - Darren Miller
Section - Network Security Library / Network Security
Social Engineering is a method often employed in the attempt to break through network security. It is based on the premise that it is often easier to ask for something than to work for it. Although "social engineering" is not a brand new style of gaining network access, this article will make you think about how easily a person can fall for social engineering.
How Do Compliance Issues Affect your Network?
Date - Jul 12, 2005
Author - Deb Shinder
Section - Articles / Misc Network Security
Government regulations such as HIPAA, SOX and the GLB Act require changes to many network security infrastructures and IT procedures. As if wading through this alphabet soup of statutes and regulations weren’t enough, it's not enough to be compliant; you must also be able to prove your compliance if the feds come knocking. This article looks at how regulations affecting specific industries impact the computer networks of companies in those industries, as well as some of the common myths and misconceptions about various compliance requirements.
The Student, the Teacher, and Optix Pro (Part 2)
Date - Jul 07, 2005
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
In this part of the article series we see John begin to configure his trojan server on the professor’s computer, and will ultimately see him connect to it from his class room.
Avoiding Identity Theft
Date - Jul 06, 2005
Author - Jeff McDermott
Section - Network Security Library / Privacy
Identity theft is the fastest growing crime in America. According to the Federal Trade Commission, the number of identity theft incidents reached 9.9 million in 2003, and is estimated to have taken the average victim $500 and 30 hours to resolve. This article is designed to help network administrators and consumers understand the issues surrounding the rapidly growing concern of "Identity Theft".
Book Reviews: Still More Security Books
Date - Jul 05, 2005
Author - Mitch Tulloch
Section - Articles / Misc Network Security
Security books keep flooding in from publishers, so it looks like the business of information security continues to occupy a forefront in the minds of both business executives and IT professionals. Here’s my latest pick of what’s good.
Share Permissions
Date - Jun 30, 2005
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
All production Windows networks need to have resources (folders, files, documents, spreadsheets, etc) made available from servers so users on the network can access them. The way this is done is through the use of shared folders configured on the servers which house the resources. The concept of shared folders has not changed over the generations of Windows operating systems and versions, but the protection of the resources has slightly changed. Whether you are new to the concept of shared folders or an expert, this article will take an in-depth look at the pitfalls and suggested methods on how to protect the resources that are shared from servers to users on the network.
Denial of Service Attacks: "Smurfing"
Date - Jun 28, 2005
Author - Craig A. Huegen
Section - Network Security Library / Network Security
This article provides good information on what a Denial of Service (DoS) attack is and why they can be so harmful to networks and sites on the Internet. The information here provides in-depth information regarding "smurf" and "fraggle" attacks with a focus on Cisco routers and how to reduce the effects of the attack. Some information is general and not related to an organization or particular vendor of choice, however the article does include information regarding other vendor products. Although DoS is not a new threat, the information contained here is comprehensive and timeless.
The Student, the Teacher, and Optix Pro (Part 1)
Date - Jun 28, 2005
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
In this article series we will learn about a Trojan called Optix Pro. This is an especially lethal Trojan. With the first Part we will cover a little of Trojan history, see our fictional college’s network, and round out with our fictional student physically infecting his professor’s computer.
NAT Traversal (NAT-T) Security Issues
Date - Jun 23, 2005
Author - Deb Shinder
Section - Articles / Windows Networking
In this article, we’ll look at how NAT-T (Network Address Translation-Traversal) works and what the security issues are, help you decide whether to take the risk, and show you how to restore XP’s ability to connect to servers behind a NAT if you choose to do so.
Phishing: An Interesting Twist On A Common Scam
Date - Jun 22, 2005
Author - Darren Miller
Section - Network Security Library / Phishing
Imagine you are the CIO of a national financial institution and you've recently deployed a state of the art online transaction service for your customers. To make sure your company's network perimeter is secure, you executed two external security assessments and penetration tests. When the final report came in, your company was given a clean bill of health. At first, you felt relieved, and confident in your security measures. Shortly thereafter, your relief turned to concern. "Is it really possible that we are completely secure?" Given your skepticism, you decide to get one more opinion.
Evaluating a New Security Policy
Date - Jun 21, 2005
Author - Brien Posey
Section - Articles / Misc Network Security
There was a time when it wasn’t all that risky to try out new security settings on production servers, but operating systems have become much more complex since then. Today, even changing something as simple as the required password length can have unanticipated side effects elsewhere in the system. In this article, I will explain how to evaluate a new security policy in a safe and responsible manner.
Obfuscated Shellcode, the Wolf in Sheep's Clothing (Part 3)
Date - Jun 16, 2005
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
In this last part of the three part series based on shellcode obfuscation, we will actually substitute the well known NOP sled for one of a differing function. We will also see what, if any, changes are noticed by Snort.
Instant Messenger Security: Securing Against the Threat of Instant Messengers
Date - Jun 16, 2005
Author - Gunter Ollmann
Section - Network Security Library / Network Security
It is expected that as many as 300 million people use Instant Messaging (IM) products. Organizations are facing two problems with IM services: adoption has been driven by the end user and not by management, and the client applications were initially built for home users, not businesses; consequently they emphasise functionality over security. Thus, almost through the back door, IM has entered into the corporate world, creating yet another layer of security concern. Unsecured IM client installations are placing enterprise systems at risk to hackers, viruses, worms, Trojans, legal liability and violation of privacy laws.
Hiring Hackers As Security Consultants
Date - Jun 14, 2005
Author - Brien Posey
Section - Articles / Misc Network Security
The subject of whether it is ethical to use former hackers to evaluate a network’s security is a topic that is often hotly debated. In this article, I will explore the pros and cons of using former hackers in such roles.
Code Signing: Is it a Security Feature?
Date - Jun 09, 2005
Author - Deb Shinder
Section - Articles / Authentication, Access Control & Encryption
Code signing is a mechanism whereby publishers of software and content can use a certificate-based digital signature to verify their identities to users of the code, thus allowing users to decide whether or not to install it based on whether they trust the publisher. Code signing has been touted as a major security feature, but it’s important for users to understand its uses and its limitations. In this article, we’ll take a look at how code signing works and where it fits into your organization’s security plan.
The Phishing Guide - Understanding & Preventing Phishing Attacks
Date - Jun 08, 2005
Author - Gunter Ollmann
Section - Network Security Library / Phishing
Phishing is the new 21st Century Crime. Organizations and their customers constantly fall prey to "Phishing Schemes". While Phishers develop ever more sophisticated attacks, network administrators and their customers grow wary of system security and the official looking requests that mimic official business requests. This paper covers the technologies and security flaws Phishers exploit to conduct their attacks and steal your information. The information contained here should help network and security professionals arm themselves against the exploits of Phishing Scams.
How A Security Specialist Fell Victim To Attack
Date - Jun 08, 2005
Author - Darren Miller
Section - Network Security Library / Web Security
These days, I write several pages for our site plus two to three articles per week. For the most part, articles are re-published without you even knowing. You typically find out when someone visits your site from another where the article has been posted. Other times, the site that plans on posting the article e-mails you and asks you to review it before it goes live. Two weeks ago, I received one of these e-mails. It was all downhill from there.
Obfuscated Shellcode, the Wolf in Sheep's Clothing (Part 2)
Date - Jun 07, 2005
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
In this second part we will actually see what a NOP sled is, and looks like. Furthermore, we will use an exploit with an existing NOP sled to see how it shows up on an IDS such as Snort with a default ruleset in place.
WindowSecurity.com relaunches free online Trojan scanning service
Date - Jun 02, 2005
Author - The Editor
Section - Site News
WindowSecurity.com has relaunched its free web-based service enabling users to check their system for any known Trojans. With totally new scanning technology, an updated powerful engine, and an extensive Trojan signature database, the Trojan scanner is the most comprehensive free scanner available.
The Security Risks Of Desktop Searches
Date - May 31, 2005
Author - Brien Posey
Section - Articles / Misc Network Security
Google has recently released a very handy new tool that allows you to perform searches against your own computer in the same way that you would search the Internet. With this tool come some serious security problems though. In this article, I will discuss Google’s security issues and talk about what this might mean for other companies developing similar applications.
Physical Security Primer (Part 2)
Date - May 26, 2005
Author - Robert J. Shimonski
Section - Articles / Misc Network Security
In this article we will continue with our detailed look at applying physical security whenever and wherever possible. In this article we will cover Backup Power. Let’s take a look at what you can do to make sure that power remains a reality at your facility, home or office.
The Shortcut Guide to Network Compliance – Chapter 4 - Network Compliance Best Practices and Methodologies
Date - May 26, 2005
Author - Realtimepublishers.com, Inc.
Section - Network Security Library / Policy & Standards
By managing compliance requirements as you would any other type of business policy, and by implementing tools that can automate compliance and configuration management, maintaining a compliant network can be straightforward. Another way to simplify compliance management is to implement best practices and sound methodologies for managing your network, which is what this chapter is all about.
Obfuscated Shellcode, the Wolf in Sheep's Clothing (Part 1)
Date - May 24, 2005
Author - Don Parker
Section - Articles / Viruses, trojans and other malware
This article will describe just what shellcode is, and how it relates to exploit code. Also explained will be some advances in exploit code development in an effort to further stealth the presence of certain shellcode characteristics.
Using Dual Accounts for Administrators
Date - May 19, 2005
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
With security on the minds of everyone, including all administrators and executives, every precaution needs to be taken to protect the network devices, servers, clients, Active Directory, and network resources. Historically and even recently administrators and others that have elevated privileges to essential resources have been able to use a single user account for all of their activities, whether the activity is one that a common end user would perform or one that only an administrator can perform. It is time to consider the exposure that this situation creates and take action to protect all resources that are exposed by this activity.
Preserving Digital Evidence to Bring Hackers and Attackers to Justice
Date - May 17, 2005
Author - Deb Shinder
Section - Articles / Misc Network Security
The world is waking up to the fact that hacking into a company’s computer network, launching attacks that cause network downtime or releasing viruses and other malicious code is more than a bit of "digital criminal mischief" -- it’s a serious crime that deserves serious attention from the criminal justice system. In this article, we’ll explain how standard rules of evidence apply to digital data and what precautions you should take to preserve it properly for a court trial.
Security Series: Final countdown tips for Disaster Recovery and Business Continuity (Part 6 of 6)
Date - May 12, 2005
Author - Ricky M. Magalhaes
Section - Articles / Misc Network Security
This article completes the DR BC series, in which we have covered many aspects that need to be taken into consideration when designing both a disaster recovery and a business continuity plan. We covered documentation and the need for change control and skilled people for managing the process. We also cover some steps that can be taken now by the organization to mitigate the risk and reduce the loss of valuable data.
Built-in Groups vs. Delegation
Date - May 10, 2005
Author - Derek Melber
Section - Articles / Authentication, Access Control & Encryption
The administration of users, groups, computer accounts, resetting passwords, and group policy objects are some of the most important tasks that need to be done on a typical Active Directory network. When these tasks are assigned, there are two options within Active Directory to provide this access: Built-in groups and Delegation of Administration.
Wireless Network Security For The Home
Date - May 05, 2005
Author - Brien Posey
Section - Articles / Wireless Security
According to a December 2004 study, 60 to 70 percent of all wireless networks are insecure. Although there is lots of information on securing wireless networks, most of this information focuses on corporate networks. In this article, I will attempt to help people secure their home wireless networks.
The Shortcut Guide to Network Compliance – Chapter 1 – Understanding IT Compliance
Date - May 04, 2005
Author - Realtimepublishers.com, Inc.
Section - Network Security Library / Policy & Standards
This guide explores the underlying meaning of IT compliance, apart from all the hype and publicity. It will explain how the IT industry has been handling compliance for decades, and how new technologies and techniques can help you better handle compliance moving forward. To prove that compliance has always been with us, we’ll focus on an often-overlooked area of IT—the network infrastructure.
Book Reviews: More Security Books
Date - May 03, 2005
Author - Mitch Tulloch
Section - Articles / Misc Network Security
Several publishers have sent me some more books on various security topics, and I want to take a few minutes to let you know which ones I recommend.
How to Audit your Network via Packet Analysis
Date - Apr 28, 2005
Author - Don Parker
Section - Articles / Misc Network Security
Auditing your network at the packet level is a practice that is not done very often, if at all. The truth of it is that there are untold riches in all those packets flying about on your LAN. All one has to do is log them, and dig into them. One never knows what they will find.
Book Reviews: Security Books
Date - Apr 26, 2005
Author - Mitch Tulloch
Section - Articles / Misc Network Security
Security is always an important area for IT professionals, and there's no shortage of books on computer and network security coming out these days. Below are five recent titles on various security topics and my take on them.
Increasing Security with Limited User Accounts and Restricted Groups
Date - Apr 26, 2005
Author - Deb Shinder
Section - Articles / Authentication, Access Control & Encryption
In this article, we’ll talk about the differences between the built-in and default local account types, and the differences between local and domain user accounts. Then we’ll discuss how you can increase security by creating customized limited user accounts and using Restricted Groups.
Security Series: Building Preparation (Part 5 of 6)
Date - Apr 21, 2005
Author - Ricky M. Magalhaes
Section - Articles / Misc Network Security
In part five we take the IT professional through strategies of offsite recovery and potential solutions that could be recommended to businesses for recovery. The importance of pre-disaster preparation is highlighted, along with the fact that even basic preparedness proves to be worth the time and cost invested in the event of a disaster.
Spyware Clogging Network Arteries
Date - Apr 20, 2005
Author - Jeff McDermott
Section - Network Security Library / Network Security
The goal of this article is to discuss the concerns and threats that spyware creates for Network Administrators, and to provide information that is helpful in making the general public aware of the spyware threat. Also included in the article is a link to independent studies and comparisons of Anti-spyware software by Eric L. Howes.
Security Concerns for Migrations and Upgrades to Windows Active Directory
Date - Apr 19, 2005
Author - Derek Melber
Section - Articles / Windows 2003 Security
Most organizations are either at Windows Active Directory or they are contemplating that move now. If you fall in the latter category, you have some decisions to make. You need to decide how you will get from where you are now, possibly a Windows NT domain(s), to Windows 2000 or Server 2003 Active Directory domain(s).
Can Service Pack 2 Make Windows XP Less Secure?
Date - Apr 14, 2005
Author - Brien Posey
Section - Articles / Windows OS Security
Although Windows XP Service Pack 2 was designed to make your system more secure, there are some situations in which installing the service pack can actually undermine your existing security. In this article, I will take a look at what these situations are and how you can get around them.
Definitive Guide to Security Management – Chapter 4 – Security Risk Management
Date - Apr 13, 2005
Author - Realtimepublishers.com, Inc.
Section - Network Security Library / Network Security
Information security professionals are rarely at a loss for data. Point products—such as firewalls, intrusion prevention systems, antivirus programs, operating systems (OSs) and other elements of the security infrastructure—generate steady streams of data about events and conditions. Security professionals are not in need of data—they need information. Filtering volumes of raw data, correlating events, and reporting actionable information is the role of a security information management (SIM) system.
Wipe your Deleted Data Away: Using cipher.exe
Date - Apr 12, 2005
Author - Robert J. Shimonski
Section - Articles / Windows OS Security
In this article we will look at how to use a tool called ‘cipher’ which is a command line tool included with Windows 2000 and XP. We will learn how to use its newest functionality – allowing administrators the ability to wipe all deleted (marked for deletion) data on the hard disk. This would overwrite all of the deleted data and provide for better security. If someone steals your system, like a laptop, then the thief would not be able to recover that data. In this article we learn how to perform this procedure.
Web Server Defacements (Part 3)
Date - Apr 07, 2005
Author - Don Parker
Section - Articles / Web Server Security
We shall now actually deface the web server’s web page, and pull off the hack as it were. Furthermore we will peek under the hood, and look at the packets to see just what transpired so that you might recognize it in the future.
Making MOM More Secure
Date - Apr 05, 2005
Author - Deb Shinder
Section - Articles / Windows 2003 Security
Microsoft Operations Manager (MOM) 2005 is a great solution for managing your Exchange, SQL and other servers -- but what about security? In this article, we'll discuss some of the security issues related to MOM 2005, how Microsoft has made this version of MOM more secure, and best practices for deploying MOM in the most secure way possible.
Server and Domain Isolation Using IPsec and Group Policy (Overview)
Date - Apr 05, 2005
Author - Microsoft
Section - Network Security Library / Network Security
This article demonstrates how IPsec transport mode can be leveraged as one of the best means currently available to protect corporate networks. This protection can minimize losses due to information theft, compromise of credentials, and administrative costs. This solution also clearly contrasts IPsec transport mode from the more widely known IPsec tunnel mode, one of the prevalent VPN technologies today.
Security Series: Disaster Recovery Objectives and Milestones (Part 4 of 6)
Date - Mar 31, 2005
Author - Ricky M. Magalhaes
Section - Articles / Misc Network Security
In part four of the Disaster Recovery series, the important project definition phase is covered, as well as disaster recovery strategy and project milestones. Importantly, materials that should be stored offsite and best practices have also been highlighted.
Logon Type Codes Revealed
Date - Mar 29, 2005
Author - Randall F. Smith
Section - Articles / Misc Network Security
The logon/logoff category of the Windows security log gives you the ability to monitor all attempts to access the local computer. In this article I’ll examine each logon type in greater detail and show you how some other fields in Logon/Logoff events can be helpful for understanding the nature of a given logon attempt.
Using Saved Queries
Date - Mar 24, 2005
Author - Derek Melber
Section - Articles / Windows 2003 Security
Do you ever wonder why Microsoft has not built in more reporting tools to their operating systems? Have you ever wanted to email Microsoft and suggest that they at least allow some form of reporting on the security related details of user, group, and computer accounts? With the significant advancements that Microsoft has made with Active Directory over the past 5 years, you would think that they would have developed some form of reporting mechanism within Windows 2000 and Windows Server 2003 for user, group, and computer security related information. Well, they finally did!
Have Wireless Networks Surpassed the Security of Wired Networks?
Date - Mar 22, 2005
Author - Brien Posey
Section - Articles / Wireless Security
Wireless networks have long been known for being insecure. However, there has been so much emphasis on wireless network security, that in some ways, wireless network security is now better than the security used for wired networks. In this article, I will explain why this is the case and how to apply some of the wireless security techniques to your wired network.
Configure a VPN Connection Using Windows XP
Date - Mar 18, 2005
Author - Robert J. Shimonski
Section - Articles / Firewalls & VPNs
In this article we will learn how to configure a connection to a virtual private network (VPN) using Windows XP. This article will show you how to create a new VPN connection using Microsoft Windows XP. By creating an encryption tunnel through the Internet, data can be passed safely.
Web Server Defacements (Part 2)
Date - Mar 15, 2005
Author - Don Parker
Section - Articles / Web Server Security
In part two of this article series we shall take a more detailed look at how to actually pull off a web page defacement. The tool in use will be the outstanding open source security program Metasploit Framework. Detailed usage will be shown so you can recreate the scenario.
Service Management Functions: Security Management (Part 2)
Date - Mar 15, 2005
Author - Microsoft
Section - Network Security Library / Network Security
The business world is increasingly reliant on technology to supply information and communications facilities to staff, partners, and customers. Securing organizational information and the systems that are used to manage and transmit data has become a high profile function. Failure to secure information can have a severe impact on business credibility.
A First Look at Microsoft's Anti Spyware Beta
Date - Mar 10, 2005
Author - Brien Posey
Section - Articles / Viruses, trojans and other malware
Over the last couple of years, spyware has grown from being a nuisance into being an epidemic. Although many tools exist for fighting spyware, they largely focus on the recovery of infected systems and have been mostly ineffective in the war against spyware. A few weeks ago however, Microsoft unveiled the first beta of their own anti spyware solution. Although this software is capable of disinfecting an infected system, its primary goal is to prevent the initial infection. In this article, I will explain how this software works and share my initial impressions of it with you.
Service Management Functions: Security Management (Part 1)
Date - Mar 09, 2005
Author - Microsoft
Section - Network Security Library / Network Security
The business world is increasingly reliant on technology to supply information and communications facilities to staff, partners, and customers. Securing organizational information and the systems that are used to manage and transmit data has become a high profile function. Failure to secure information can have a severe impact on business credibility.
Disk Based Backup: All Hype or the Best Protection for your Data?
Date - Mar 08, 2005
Author - Deb Shinder
Section - Articles / Misc Network Security
In this article, we’ll look at disk based backup and how it can be used to replace or supplement your current tape backup system.
HiJackThis Log Experts – At your service!
Date - Mar 03, 2005
Author - The Editor
Section - Site News
One of the free services that our Security Message Boards, Security-Forums.com, offers is the detailed reading and analysis of HiJackThis logs. Through reading a HiJackThis log a properly trained security professional will be able to see if a PC is infected with any malicious programs. Below you will find information on how to submit a proper HiJackThis log and how the S.M.A.R.T. members can help remove any unwanted programs off your system.
Security Series: Formulation of the Business Continuity Plan (Part 3 of 6)
Date - Mar 01, 2005
Author - Ricky M. Magalhaes
Section - Articles / Misc Network Security
In part three of the Disaster Recovery series, hardware selection, potential solutions, recovery strategies and centralization of information storage are covered. The different levels at which recovery will take place, which will help organizations to become effective when a true disaster occurs, are also worked through.
Keeping Your Organization’s Security Current
Date - Feb 24, 2005
Author - Brien Posey
Section - Articles / Misc Network Security
Although cyber security is critically important, there are those people whose jobs are so demanding that security gets neglected. Although it is highly recommended to maintain security on a daily basis, this article provides shortcuts for those who are too busy to deal with network security.
How To: Mastering PortQry.exe (Part 2)
Date - Feb 22, 2005
Author - Robert J. Shimonski
Section - Articles / Misc Network Security
In this article we will cover advanced topics when using the PortQry command line tool. The utility allows you to select a computer, analyze it and get a report of port status on TCP and/or UDP ports. In the second part of this two-article set we will cover advanced topics and other scanning and analysis examples. We will also look at installing and using the UI (User Interface) that you can add on to it.
Treating Infected Systems
Date - Feb 17, 2005
Author - Amit Zinman
Section - Articles / Viruses, trojans and other malware
So your computer has a virus, a Trojan, or one of the other growing range of pests. What do you do?
Practical Guide to Compliance Security & Risk – Part 1 – Assuring Compliance
Date - Feb 17, 2005
Author - Realtimepublishers.com, Inc.
Section - Network Security Library / Policy & Standards
In today’s integrated, regulated, litigated environment, it is necessary to provide assurance to customers, business partners, regulators, and sometimes even the courts that you have done your due diligence in securing your IT infrastructure. New and updated United States laws are increasingly making corporate management responsible for ensuring compliance, as companies face substantial fines and penalties for not doing so. Existing and emerging global security and privacy laws and regulations make keeping up with multinational compliance requirements imperative.
Protecting the Administrator Account
Date - Feb 15, 2005
Author - Derek Melber
Section - Articles / Windows OS Security
The Administrator user account is by far the number one target for someone trying to gain illegal access to your network and resources. You must protect this account above all other accounts to ensure that you are not left vulnerable to the tools, tricks, and exposure that this account accommodates. There are some basic and advanced options that you can configure within Windows Active Directory to protect this valued account.
Web Server Defacements (Part 1)
Date - Feb 10, 2005
Author - Don Parker
Section - Articles / Web Server Security
The urban art of graffiti has traversed to the online world in the form of web server defacements. Just how do these online vandals do it though? Read on to learn how it is done, and therefore gain a deeper understanding which will help you defend against it.
WindowSecurity.com acquires Security-Forums.com
Date - Feb 08, 2005
Author - The Editor
Section - Site News
WindowSecurity.com, a foremost computer security website, has acquired leading UK security portal Security-Forums.com.
Administrator’s Shortcut Guide to Patch Management – Chapter 2 – Best Practices
Date - Feb 08, 2005
Author - Realtimepublishers.com, Inc.
Section - Network Security Library / Patch Management
Several companies and security patch administrators consider the patching process to be a single step that provides a secure computing landscape. In reality, the patching process is a continuous cycle that must be strictly followed. Each step in the process must be tuned and modified based on previous successes and failures. As many realize, patching computers is a fact of life as part of the defense in depth security strategy. By spending time up front to create policies and procedures, companies can minimize the time and resource requirements needed to fulfill the patching demands. In this chapter, you will read about each step in the patch management process.
Testifying in a Computer Crimes Case
Date - Feb 03, 2005
Author - Deb Shinder
Section - Articles / Misc Network Security
As an IT professional and working network administrator, you may find yourself called upon to testify as a victim or witness (i.e., a representative of a company whose network is victimized) in a computer-related crime. Another possibility is that you might someday want to use your technical expertise to become a professional expert witness in computer-related cases. In this article, we examine the basics of testifying in either capacity in a case involving computer crimes, and how you can move into the lucrative field of computer forensics, on either a full- or part-time basis.
Security Series: Disaster Recovery Target (Part 2 of 6)
Date - Feb 01, 2005
Author - Ricky M. Magalhaes
Section - Articles / Misc Network Security
In part two of the Disaster Recovery series, we will discuss information pertaining to the organization's stance on disaster recovery. Planning of DR, potential requirements, terms of availability, business continuity, the documentation thereof and the continual updating of the documentation are also covered.
Intrusion Detection Systems FAQ
Date - Feb 01, 2005
Author - The Editor
Section - Articles / Intrusion Detection
Intrusion Detection Systems are used to detect malicious activity on your network. This Intrusion Detection Systems FAQ explains different types of network attacks and how to detect them.
How to Avoid Phishing Scams
Date - Jan 27, 2005
Author - Brien Posey
Section - Articles / Content Security (Email & FTP)
If you received an E-mail message from your bank saying that your checking account was overdrawn because of a check that you didn’t write, what would you do? Before you answer, it’s important to realize that you may not really be overdrawn and that there is a good chance that someone is trying to scam you. In this article, I will explain exactly how this type of scam works and how to avoid being a victim.
How To: Mastering PortQry.exe (Part 1)
Date - Jan 25, 2005
Author - Robert J. Shimonski
Section - Articles / Misc Network Security
In this article we will cover the fundamentals of using the PortQry command line tool. PortQry.exe is a utility that you can use to help you troubleshoot TCP/IP connections. The PortQry.exe utility runs on Windows 2000-based computers, on Windows XP-based computers, and on Windows Server 2003-based computers.
Security Configuration Wizard in Windows Server 2003 Service Pack 1
Date - Jan 20, 2005
Author - Derek Melber
Section - Articles / Windows 2003 Security
Microsoft has developed an almost ideal tool to help you configure security on computers in your organization. The tool is the Security Configuration Wizard, which is available in Windows Server 2003 Service Pack 1. The tool can help you configure services, network security, auditing, registry settings, and more. The wizard accomplishes these goals by producing security policies, which can be used in conjunction with security templates and specific server roles.
The Convergence of Hacking and Security Tools
Date - Jan 18, 2005
Author - Don Parker
Section - Articles / Misc Network Security
The lines between security tools and hacking tools are beginning to blur. Is there really a difference anymore between the two of them at all? This article will detail one specific example of this paradigm, the "Metasploit Framework". Following this article, a three-part series will give a clear demonstration of this tool in action.
Use Microsoft's Virtual PC to Test Software Before Deploying It
Date - Jan 13, 2005
Author - Deb Shinder
Section - Articles / Misc Network Security
The introduction of new operating systems, new applications and even patches or fixes on your production network can pose its own kind of threat, if you don't know what the "unintended consequences" will be. Best practice is to first set up a test environment that emulates your production environment and run the new software there. Buying a lot of machines to do this can be prohibitively expensive, so many network administrators have turned to virtual machine software. In this article, we take a look at what's different in VPC and how to install and use it.
Security Series: Disaster Recovery Tactics that Ensure Business Continuity (Part 1 of 6)
Date - Jan 11, 2005
Author - Ricky M. Magalhaes
Section - Articles / Misc Network Security
Part one of the Disaster Recovery series covers potential disasters, possible events, and the reason that it is vital to have a disaster recovery plan and business continuity plan in place, like an insurance policy on any valuable items.
Passwords - Common Attacks and Possible Solutions
Date - Jan 07, 2005
Author - Dancho Danchev
Section - Articles / Authentication, Access Control & Encryption
Making sure authorized users have access to either sensitive company information or their personal e-mail can be a daunting task, given the fact that an average user has to remember at least 4/5 passwords, a couple of which have to be changed on a monthly basis. The majority of users are frustrated when choosing or remembering a password, and are highly unaware of the consequences of their actions while handling accounting data. This article will provide you with an overview of how important, yet fragile, password security really is; you will be acquainted with different techniques for creating and maintaining passwords, and possible alternative methods for authentication, namely Passphrases, Biometrics and Public Key Infrastructure (PKI).
Making the Internet Safer For Your Employees
Date - Jan 06, 2005
Author - Brien Posey
Section - Articles / Misc Network Security
The Internet is becoming such a hostile environment that some companies are starting to deny employees Web browsing and E-mail privileges in the interest of keeping the network safe. Rather than taking such extreme action though, there are other steps that you can take to help ensure that those users connected to the Internet don’t infect your network with spyware, viruses, or other parasites. In this article, I will explain some of these techniques to you.
How to Plan for a Possible Network Attack
Date - Jan 05, 2005
Author - Robert J. Shimonski
Section - Articles / Misc Network Security
In this article we will focus on a much-needed topic: proactive planning, that is, planning for your systems and network devices to get hit so that you can avert an attack if one occurs. A saying pops into my head – "lack of prior planning on your part does not constitute an emergency on mine." This simply means that if you failed to plan, you planned to fail. In this article we will cover the basics you need to know about properly assessing your chances for attack and ways to proactively plan for attack.
