March 12, 2010

Security Index

Displaying recent articles. Go back further in the Security Archives »

Automate Pen Testing with Fast-Track Client-Side Attacks

Paul RubensIf you've got a browser and a spare computer, you can run penetration tests using Fast-Track's mass client-side attacks in no time.

SafeStick Provides Secure USB Drive Alternative

Paul RubensHaving dodged a widespread backdoor that shut down the protection provided by a number of secure USB drives, SafeStick is establishing itself as an alternative for enterprise security.

10 Ways to Prevent or Mitigate SQL Injection Attacks

Paul RubensSQL injection attacks could allow hackers to compromise your network, access and destroy your data, and take control of your machines.

Motorola AirDefense Wireless VA Tool Reviewed

Lisa PhiferMotorola's vulnerability assessment tool works best when it's used as a complement to existing security practices – including on-site VA scans.

RoboForm Steps Up Into Enterprise Security

Paul RubensRoboForm Enterprise provides a simple alternative to enterprise single sign-on systems that achieves many of the same benefits at a far lower cost.

New DNSSEC Exploit Revealed, Should You Be Worried?

Its severity is rated "low," but patches are out for the second flaw in DNSSEC to be discovered in three months. DNS experts say some exploits are to be expected as the transition continues.

Automate Your Pen Testing with Fast-Track and Linux

Paul RubensAutomated penetration testing tools are a two edged sword: Learn how to run Metasploit-based Fast-Track on your own network before the black hats do.

Plug a Hole in Cisco's NetFlow Coverage

Drew RobbNetflow has changed since Cisco first introduced it. To get the maximum security benefit from this useful protocol, make sure collectors operating on your network are able to collect, analyze and store Flexible NetFlow templates and data.

Secure Networks Require Secure Web Gateways

Paul RubensMost IT shops have handled the e-mail threat but overlook the rise of the Web as today's primary attack vector. Secure Web gateways that know better than to trust "good" sites will be key to addressing that oversight.

Does Metasploit Have a Future?

Paul RubensRecently acquired, the Metasploit project is a popular pen testing framework loved by white- and black-hats alike. Now that it has a corporate parent, does it have a future as a viable open source project?

15 Quick Security Wins for Your Network

Paul RubensNetwork security isn't easy, but there are plenty of ways to maximize the return you get on your efforts. Here are fifteen ways to gain a lot more security for less effort than you might expect.

Build an IPSEC VPN Without Losing Your Mind

Charlie SchlutingYou might be ready to move beyond OpenVPN, but feel daunted by IPSEC's learning curve. With our quick guide, you'll be up and running with free, open Openswan in no time.

L0phtcrack Provides Industrial Strength Password Auditing

Paul RubensBought by Symantec, buried and now back in the hands of its creators, L0phtcrack provides network administrators with a way to mass-audit passwords on their networks, then remediate problem accounts.

Does Size Matter? Picking a Sane Password Policy

Paul RubensThe problem with user-hostile password policies and the associated feats of memorization involved is how poorly they address every other threat to your network besides dictionary attacks.

Strike the Right Balance with Your Password Policy

Paul RubensFormulating password policy is a balancing act - a trade-off between usability and security

Displaying recent articles. Go back further in the Security Archives »

Networking Solutions





Partners