Highest Rated
5/5 based on 12 votes
Achieving Wireless Security with Interoperability
Wireless Security
Though the concept of an ultra-high level of wireless networking security and information assurance is somewhat opposed to the concept of open interoperability with a wide spectrum of 3rd party vendors’ wireless equipment, this paper is intended to show that 3eTI FIPS 140-2 validated and Common Criteria certified wireless equipment is interoperable with multiple vendors’ IEEE 802.11-compliant equipment, and that 3eTI solutions are non-proprietary. 3eTI has blazed the trail in marrying the IEEE 802.11i commercial standard for enhanced wireless security with FIPS 140-2 validation requirements per the NIST Cryptographic Module Validation Program (CMVP).
By: Ryon Coleman, 04/29/2005
5/5 based on 6 votes
Vulnerability Assessment
Vulnerability Management
The intention of this paper is to provide basic information to those who have recently entered the security field, provide some insight as to why a vulnerability assessment is necessary, provide an overview of the vulnerability assessment process from discovery to baseline standardization, and provide some assistance to those who want to perform a vulnerability assessment but do not know where to start.
By: Susan Cima, 04/25/2004
5/5 based on 7 votes
Easy Steps to Cisco Extended Access List
Operating System Router
The purpose of this document is to explain in simple words how you can easily create an Extended Access List and apply it to your Cisco Router interface. This document is intended for novice network security personnel who have a basic understanding of networking essentials. For example, you were recently assigned to the network security section and tasked to protect your network by creating Extended Access Lists to block ports and suspicious Internet Protocol addresses on your router.
04/17/2004
4.86/5 based on 7 votes
S-Box Modifications and Their Effect in DES-like Encryption Systems
Encryption
This paper presents the substitution boxes (s-boxes) found in many block ciphers, and more specifically in DES-like encryption systems. It begins with a brief history of the Data Encryption Standard (DES) and the first public question on the chosen s-boxes. An outline of the DES algorithm is presented, along with a more detailed look at the cipher function that uses the s-boxes. The major methods of cryptanalysis are reviewed, including how they use the s-boxes for their attacks, and how the risk can be mitigated by alternate schemes. Potential changes to s-boxes are described, as well as how these changes may or may not strengthen DES-like encryption systems. Finally, there is a brief example of how some researchers underwent rigorous DES-like s-box construction testing.
By: Joe Gargiulo, 04/04/2004
4.83/5 based on 6 votes
A Common Language for Computer Security Incidents
Incident Handling
The Common Language Project was not an effort to develop a comprehensive dictionary of terms used in the field of computer security. Instead, our intention was to develop a minimum set of 'high-level' terms, along with a structure indicating their relationship (a taxonomy), which can be used to classify and understand computer security incident and vulnerability information. We hope these 'high-level' terms and their structure will gain wide acceptance, be useful, and most importantly, enable the exchange and comparison of computer security incident information. We anticipate, however, that individuals and organizations will continue to use their own terms, which may be more specific both in meaning and use. We designed the common language to enable these 'lower-level' terms to be classified within the common language structure.
By: John D. Howard, Thomas A. Longstaff, 03/03/2004
4.83/5 based on 6 votes
BCP and DRP Presentation
Certifications CISSP
Presentation made by Ben Rothke on domain 8 of the CBK - Business Continuity Planning and Disaster Recovery Planning
By: Ben Rothke, 02/17/2004
4.83/5 based on 6 votes
A Multi-Level Defense Against Social Engineering
Exploits Social Engineering
This paper will discuss the basics of social engineering by giving a general overview of social engineering. It will then discuss the psychological triggers that make social engineering so successful. These triggers include strong affect, overloading, reciprocation, deceptive relationships, diffusion of responsibility and moral duty, authority, and integrity and consistency. Finally, this paper will define a multi-level defense that will address these psychological triggers.
By: David Gragg, 05/11/2004
4.83/5 based on 6 votes
Are Secure Internet Transactions Really Secure?
Web Security
This paper looks at the problem of determining if a secure transaction on the internet is really secure or not. When a customer is about to submit their private information and credit card details to a merchant, typically they look for the solid lock or key on their browser to tell them that the transaction is secure. However, that is not the whole story. There are other factors that come into play when determining if this transaction is secure or not. This paper examines those issues.
By: Stephen M. Mencik, 05/18/2004
4.82/5 based on 11 votes
The Administrator Shortcut Guide to Active Directory Security Chapter 3
Operating System Microsoft
Before we dive into who will manage GPOs—we will tackle the details of controlling the management of GPOs in the next chapter—we must first establish a foundation of knowledge by exploring the basics of GPOs. One of the most important aspects of a GPO is its ability to control security for user and computer accounts in the domain. A GPO has almost 1000 policy settings. The security settings are spread throughout the structure of the GPO, so simply finding a specific GPO setting can be a daunting task. This chapter will lay out the structure of a GPO, indicating where the essential security policies reside, allowing you to efficiently find the settings that you need.
By: Derek Melber, Dave Kearns, and Beth Sheresh, 04/14/2005
4.78/5 based on 9 votes
Monitoring Network Traffic
Security Tools
Reading network traffic is essential for system administrators, network engineers, and security analysts. At some point there will be a need to read the network traffic directly instead of monitoring application level details. Examples of situations that might require monitoring network traffic are auditing network security, debugging network configurations, and analyzing usage patterns. For this task we use network monitoring software, or network sniffers, that sniff the traffic your computer is able to see on the network. What exactly your computer can see really depends on how the network is laid out, but the easiest way to figure out what it can see is to just start sniffing.
By: LearnSecurityOnline, 06/08/2005
4.77/5 based on 30 votes
Session Hijacking Packet Analysis
Exploits
TCP session hijacking is a very dangerous attack vector because most systems are vulnerable to it, as most systems use TCP/IP as their primary communication protocol. Newer operating systems have attempted to secure themselves from session hijacking by using pseudo-random number generators to calculate the Initial Sequence Number, making it harder to guess. Any security measure in randomly generating an ISN is ineffective if the attacker is able to sniff ACK packets, as they give all the information required to perform this attack.
By: Lee Lawson, 07/25/2005
4.76/5 based on 21 votes
How to Setup Password-less SSH Using Public - Private Keys
Encryption SSH
This HOWTO is a step-by-step guide for configuring and using password-less SSH service on Linux systems and is intended for a technical audience, Linux system administrators and security people in corporations and organizations that want to use password-less SSH service on their Linux systems.
By: Emre Celebi, 06/15/2005
4.75/5 based on 8 votes
Foundation for Minimal Solaris 10 Systems
Operating System Solaris
The topic for this article is the Solaris 10 Reduced Networking Software Group (also commonly known as the Solaris 10 Reduced Networking Meta Cluster). This software group is new and joins the five existing software groups available in Solaris today: Core, End User, Developer, Entire and Entire + OEM software groups. The Reduced Networking Software Group is positioned as a subset of Core and represents the smallest amount of Solaris that can or should be installed and have a working and supported system.
4.71/5 based on 7 votes
Solaris 10 Account Lockout (
Operating System Solaris
Account lockout can be enabled in one of two ways. The first way will enable account lockout globally for all users. The second method will allow more granular control of which users will or will not be subject to account lockout policy. Note that the account lockout capability will only apply to accounts local to the system. We will look at both in a little more detail below.
4.71/5 based on 7 votes
User Info and User Dump Tutorial
Security Tools
The UserInfo and UserDump tools enumerate user credentials on Microsoft OS's as null sessions. Null sessions allow anonymous attackers to extract a great deal of information about a system, most importantly, account names. They are dangerous because they allow attackers to pull juicy user data from the machine. Windows NT, 2000 and even Server 2003 domain controllers are susceptible to enumeration using null sessions. The key point to take away on null sessions and enumeration is that you can obtain account names to use on dictionary attacks and other information like last logon, privileges, and when and if the password expires. It even gives you the logon hours so we aren’t knocking on the door when the user should be asleep and not able to log in.
By: Chris Gates, 06/28/2005
4.71/5 based on 7 votes
Detection of SQL Injection and Cross-site Scripting Attacks
Exploits SQL Injection
This article discusses techniques to detect SQL Injection and Cross Site Scripting (CSS) attacks against your networks. There has been a lot of discussion on these two categories of Web-based attacks about how to carry them out, their impact, and how to prevent these attacks using better coding and design practices. However, there is not enough discussion on how these attacks can be detected. We take the popular open-source IDS Snort, and compose regular-expression based rules for detecting these attacks. Incidentally, the default ruleset in Snort does contain signatures for detecting cross-site scripting, but these can be evaded easily.
03/17/2004
4.67/5 based on 9 votes
Programming: The Heart of Web Security
Web Security
Information and data transmission system security holds a place of ever-growing importance in today’s world. The expansion of the Web has provided businesses with an ideal platform for introducing and promoting their products and services. The range of possibilities open to hackers is expanding to the point that certain business fundamentals, in particular confidentiality and integrity, are being challenged. Let us now review the reasons why such security problems have arisen, the stakes involved, and some examples of possible security flaws.
By: Johan Brissaud, 01/05/2005
4.67/5 based on 6 votes
Cisco Pix: Logging and Beyond
Firewall PIX
After the implementation of your firewall and security policy, setting up the logging/monitoring of the traffic is the most important step. The logging/monitoring that is done now will help catch and analyze current traffic plus give the ability to trend and analyze any previous history. This document will present a "how to" on logging of a Cisco Pix Firewall version 6.1. It will show how to implement logging via a SYSLOG locally and remotely (VPN Solution). It will also discuss some of the logging that can be done with the Cisco Pix Device Manager (PDM) which is a graphical utility that is supported by Cisco Pix Firewall version 6.0 and above.
By: Ben Carlsrud, 04/15/2004
4.67/5 based on 6 votes
End to End Security for Windows 2000 Server
Operating System Microsoft Windows 2000 and NT
This document provides background information and detailed steps that should be taken in order to harden Windows 2000 operating systems against common network security attacks. Please note however that operating system hardening procedures cannot be followed blindly. Operating system hardening involves, among other things, turning off all services that are not required for a particular application. For this reason, each operating system hardening instance must be customized and this document should only be considered as a general guideline to follow during this customization.
By: DaAnZeR, 10/21/2004
4.67/5 based on 12 votes
The Administrator Shortcut Guide to Active Directory Security Chapter 2
Operating System Microsoft
The security that you design for AD must be implemented properly to be effective. Failure to follow your design documents can leave AD vulnerable to attacks from both within and outside of the LAN. In addition, AD security is very difficult to audit and track if not set up properly. In some cases, it will be easier to start over rather than to attempt to secure the AD environment after it has been installed and configured with many objects, settings, and features.
By: Derek Melber, Dave Kearns, and Beth Sheresh, 04/06/2005
4.64/5 based on 33 votes
NetCat Tutorial
Security Tools
Throughout this tutorial, I will be giving examples on Linux systems. The official Netcat homepage makes no reference to Windows systems; however, I have successfully built Netcat from source under Cygwin, and you can find a Win32 copy built by ‘@Stake’. All examples used below are fully supported under Windows.
By: Adam Palmer, 06/13/2005
4.63/5 based on 68 votes
Practical Threat Analysis for the Software Industry
Vulnerability Management Risk Assessment
This paper describes Practical Threat Analysis (PTA), a calculative threat modeling methodology and a CASE tool that assists software security analysts and software developers in assessing system risks and building the most effective risk reduction policy for their system.
4.63/5 based on 8 votes
Mobile Mesh Networks Connect First Responders
Enterprise Security Government
Traditional network availability has proven to be difficult to maintain in unpredictable environments such as firestorms, natural disasters, and terrorist situations. Too often communications depend on access to fixed or temporary infrastructure and are limited by range or line of sight constraints. Radio interoperability between jurisdictions, always an issue for responders, became a homeland security issue after 9/11. Proprietary radios and multiple standards make it virtually impossible for different agencies to cooperate in a scaled response to a major disaster.
Making data available instantly between emergency first responders from multiple agencies and jurisdictions and in even the most unpredictable situations requires a powerful, flexible, and reliable wireless solution.
By: Sensoria, 06/28/2005
4.63/5 based on 16 votes
Effective Data Investigation on Cisco Routers
Operating System Router
Addressing the three security principles (confidentiality, integrity and availability) suggests that network administrators should constantly review and update configurations in routers to maintain a concerted effort of providing due care and due diligence in the network. When performing router security, network administrators should never divulge more information than needs to be shared. This document provides steps needed to perform effective data investigation on Cisco routers using the router show commands for analysis.
By: Ophelia Livingston, 07/20/2005
4.6/5 based on 80 votes
Diffie-Hellman Key Exchange - A Non-Mathematician's Explanation
Encryption
A colleague recently asked if I could help him understand the Diffie-Hellman key exchange protocol without digging through the math. My answer was "Yes I can, but not easily." Doing so requires a few diagrams because, in this particular case, a picture is worth at least a thousand words!