 | | ^ click above ^ |
04.08.04
Top Ten Tips to Make Attackers’ Lives Hell
I run a lot of penetration testing exercises against client networks and systems. A lot of the time, testing is relatively straightforward, as the network administrator is not filtering ICMP traffic, and my network scans are not proactively blocked. I love this type of testing, as it's easy and quick to undertake.
What I don't like, however, is when security-conscious administrators lay down a number of hurdles between me and the target systems. In these situations, a test that would usually take two days to undertake now takes a week's worth of my time! By laying down such hurdles, you can force attackers (and security consultants) to go to much more effort in trying to map your networks, identify services, and applications, and effectively attack and compromise them.
Read The Whole Article | Monitoring and Managing Linux Software RAID
Systems administrators managing a data center face numerous challenges to achieve required availability and uptime. Two of the main challenges are shrinking budgets (for hardware, software, and staffing) and short deadlines in which to deliver solutions. The Linux community has developed kernel support for software RAID (Redundant Array of Inexpensive Disks) to help meet those challenges.
Software RAID, properly implemented, can eliminate system downtime caused by disk drive errors. The source code to the Linux kernel, the RAID modules, and the raidtools package are available at minimal cost under the GNU Public License. The interface is well documented and comprehensible to a moderately experienced Linux systems administrator.
Read The Whole Article
Detailed procedure for installation of VNC on OpenServer
I've been working hard to get VNC working on OpenServer 5.0.6. In doing so, I have written these Bourne shell scripts to automate the process of downloading, extracting, installing and configuring the binaries for tightvnc and all of the packages on which it depends.
Apparently there are some issues with having the VNC Java client work in conjunction with inetd. The "5_configure" script will prompt you to choose between the Java client and inetd. It appears to be because when an attempt is made to connect to port 58XX, thus initiating a download of the Java client, VNC is not actually running at that point. It doesn't get launched until after the Java client is already downloaded and executing.
Read The Whole Article
| Free Book: "The 5 Styles of Business Intelligence" |
How to Defend your Network Against Social Engineers
You can buy the most expensive firewall equipment, install the best anti-virus software, add the greatest intrusion detection system, but there is still a “weakest link” in your security plan that you may have overlooked. In this article, we discuss some common social engineering tactics and, more importantly, what you can do to protect your organization’s network against those who specialize in exploiting the weaknesses of people rather than those of the software.
Read The Whole Article
Managing the Network Security Challange
For university information technology departments, a balancing act can be challenging. University computer networks are an essential component of university operations. Yet, they are often large, heterogeneous, open, and used by thousands of individuals whose computing habits and expertise are largely unknown.
At Temple University, for example, approximately 16,000 systems—from mainframes and mid-ranges to PCs and laptop devices—connect to a hybrid wired and wireless network. Individual schools and colleges within the university own many of the systems. Students own the remaining connected PCs, laptops, and tablets. Temple University has a diverse user community, ranging from students with no computer experience to professors who teach Computer Science. Consequently, protecting a customer base with such a wide span of expertise poses its own set of challenges from both a technological and an educational perspective.
Read The Whole Article
Symantec Announces Security for Wireless Handheld Devices
Symantec AntiVirus for Handhelds Corporate Edition 3.2 Protects Palm OS, Microsoft Windows Mobile Software Platforms
Symantec Corp (Nasdaq:SYMC), the global leader in information security, today announced Symantec AntiVirus for Handhelds Corporate Edition 3.2 with support for wireless device deployments in enterprise environments. Symantec AntiVirus for Handhelds Corporate Edition 3.2 is fully device resident and can be deployed and managed on Palm Powered smartphones and handhelds as well as Windows Mobile-based Pocket PCs, without the need for synchronization with a desktop system.
Read The Whole Article
| | From the Forum: | | Domain has been hijacked | Came into the studio this morning, turned on the computer, fetched my email and discovered a message from a client that my website was down.
I opened IE6, typed in my URL, and sure enough, my DNS has been hijacked. ... |
  |
|
