IT Security
Cyber security measures are associated with managing risks, patching vulnerabilities and improving system resilience. Key research subjects include techniques associated with detecting different network behavior anomalies and malware, and IT questions related to IT security. Since these research subjects mainly concentrate on the physical, syntactic and semantic layers, present research infrastructures are focused on studying … Read more
Vulnerabilities and attacks against Linux are creating business risks in a growing number of organizations — especially e-commerce companies, network and IT/security vendors, and cloud service providers that rely on Linux for many of their systems, including their own products. When Linux systems are hacked, the victim organizations can experience the same side effects as … Read more
I don’t envy IT administrators and information security managers for many reasons but especially when it comes to the bring your own device (BYOD) movement taking place in business today. With BYOD, you have to trust that your users are making good decisions about security, and you have to figure out how to manage each … Read more
It pays to find and fix the low-hanging fruit on your network. That’s where you get the most bang for your buck. The following mobile laptop, phone, and tablet weaknesses should be front and center on your priority list: No encryption Poorly implemented encryption No power-on passwords Easily guessed (or cracked) power-on passwords For other … Read more
Wi-Fi is very susceptible to attack — even more so than wired networks if it’s not configured or deployed properly. Wireless networks have long- standing vulnerabilities that can enable an attacker to bring your network to its knees or allow your sensitive information to be extracted right out of thin air. If your wireless network … Read more
Use stateful inspection rules that monitor traffic sessions for firewalls. This can help ensure that all traffic traversing the firewall is legitimate and can prevent DoS attacks and other spoofing attacks. Implement rules to perform packet filtering based on traffic type, TCP/UDP ports, IP addresses, and even specific interfaces on your routers before the traffic … Read more
Simple Network Management Protocol (SNMP) is built in to virtually every network device. Network management programs (such as HP OpenView and LANDesk) use SNMP for remote network host management. Unfortunately, SNMP also presents security vulnerabilities. Vulnerabilities The problem is that most network hosts run SNMP enabled with the default read/write community strings of public/private. The … Read more
Network infrastructure vulnerabilities are the foundation for most technical security issues in your information systems. These lower-level vulnerabilities affect practically everything running on your network. That’s why you need to test for them and eliminate them whenever possible. Your focus for security tests on your network infrastructure should be to find weaknesses that others can … Read more
You can implement various operating system security measures to ensure that passwords are protected. Windows The following countermeasures can help prevent password hacks on Windows systems: Some Windows passwords can be gleaned by simply reading the cleartext or crackable ciphertext from the Windows Registry. Secure your registries by doing the following: Allow only administrator access. … Read more
You can often find these serious technical vulnerabilities after exploiting organizational password vulnerabilities: Weak password encryption schemes. Hackers can break weak password storage mechanisms by using cracking methods that I outline in this chapter. Many vendors and developers believe that passwords are safe as long as they don’t publish the source code for their encryption … Read more