Get help with specific problems with your technologies, process and projects.
Get help with specific problems with your technologies, process and projects.
Built-in Windows commands to determine if a system has been hacked
In this tip, contributor Ed Skoudis identifies five of the most useful Windows command-line tools for machine analysis and discusses how they can assist administrators in determining if a machine has been hacked. Continue Reading
What techniques are being used to hack smart cards?
Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers. Continue Reading
What are the dangers of using radio frequency identification (RFID) tags?
In this expert response, Joel Dubin discusses the dangers associated with radio frequency identification (RFID) tags, and how users can protect themselves. Continue Reading
What software development practices prevent input validation attacks?
Improper input validation leads to numerous kinds of attacks, including cross-site scripting, SQL injection and command injection. In this expert Q&A, Michael Cobb reviews the most important application development practices. Continue Reading
Ten hacker tricks to exploit SQL Server systems
SQL Server hackers have a medley of tricks and tools to gain access to your database systems. Learn their techniques and test SQL Server security before they do. Continue Reading
Cleansing an infected mail server
Learn five measures you can take to when cleaning up a massive email virus infectionContinue Reading
Firewall redundancy: Deployment scenarios and benefits
There are, however, several good reasons to deploy multiple firewalls in your organization. Let's take a look at a few scenarios.Continue Reading
Developing a patch management policy for third-party applications
Enterprises may push the latest critical Windows patches once a month, but here's a dirty little secret: Most organizations don't bother patching their third-party applications. The diversity of client-side software -- including everything from ...Continue Reading
Your physical security budget: Who pays and how much?
In many organizations, the cost of data center security is a shared expense -- or at least it should be. How much then should you be spending on security and how much of that should be picked up by other business units?Continue Reading
PCI compliance after the TJX data breach
The massive TJX data breach reinforced the need for stricter controls when handling credit card information. In this tip, Joel Dubin reexamines the need for the PCI Data Security Standard and advises how to ease the PCI compliance burden.Continue Reading
What are the pros and cons of using stand-alone authentication that is not Active Directory-based?
Password managment tools other than Active Directory are available, though they may not be the best access control coordinators.Continue Reading
Does Teredo present security risks to the enterprise?
Teredo allows internal networks to transition to IPv6, interconnecting them through their NAT devices and across the IPv4 Internet. Ed Skoudis explains why this function isn't as innocent as it seems.Continue Reading
How can root and administrator privileges of different systems be delegated on one account?
In this expert response, Joel Dubin discusses how corporations can manage "superuser" accounts by delegating root and administrator privileges.Continue Reading
Will FTP ever be a secure way to transfer files?
A SearchSecurity.com member asks our network security expert Mike Chapple: Is the File Transfer Protocol a secure way to transfer files? As one of his many monthly responses to readers, Chapple reveals a better alternative to FTP.Continue Reading
What are the security risks of a corporate divestiture?
Security management expert Mike Rothman discusses the data protection issues involved with a corporate divestiture .Continue Reading
Preparing for uniform resource identifier (URI) exploits
URIs have always been a user-friendly way to recognize and access Web resources. By crafting malicious URLs and manipulating protocol handlers, however, attackers have devised new attacks that take advantage of the URI's locator functionality. Web ...Continue Reading
How should sensitive customer data, such as driver's license information, be handled?
In this Q&A, Identity management and access control expert Joel Dubin discusses how to properly protect the personal data of a driver's license.Continue Reading
Choosing from the top PKI products and vendors
In this expert response, security pro Joel Dubin discusses the best ways to compare PKI products and vendors for enterprise implementation of PKI.Continue Reading
How to avoid dangling pointers: Tiny programming errors leave serious security vulnerabilities
For years, many have said that there is no practical way to exploit a dangling pointer, a common application programming error. But these software bugs should no longer be thought of as simple quality-assurance problems. Michael Cobb explains how ...Continue Reading
Enterprise risk management frameworks: Controls for people, processes, technology
Once responsibilities and requirements are defined, the next stage in developing a successful risk management framework involves developing controls. As Khalid Kark explains, that includes developing a culture of security, using technology in the ...Continue Reading
Should a router be placed between the firewall and DMZ?
Modern firewalls have the ability to serve as a router, negating the need of another device on a network. There are exceptions to this router rule, however. Network security expert Mike Chapple explains.Continue Reading
How does SSL 'sit' between the network layer and application layer?
SSL is neither a network layer protocol nor an application layer protocol. In this SearchSecurity.com Q&A, Michael Cobb explains how SSL "sits" between both layers.Continue Reading
How secure is the Windows registry?
In this SearchSecurity.com Q&A, platform security expert Michael Cobb explains the weaknesses of the Windows registry and explores other OS alternatives.Continue Reading
What are the potential risks of giving remote access to a third-party service provider?
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin discusses the potential risks involved with providing remote access to a third-party service provider.Continue Reading
Is the use of digital certificates with passwords considered two-factor authentication?
In this SearchSecurity.com Q&A identity management and access control expert Joel Dubin identifies the factors that contribute to two-factor authentication, such as smart cards and digital certificates.Continue Reading
How to test an enterprise single sign-on login
In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin examines the best ways to test an enterprise single sign-on (SSO) login.Continue Reading
What are the drawbacks to application firewalls?
Application-layer firewalls examine ingoing and outgoing traffic more carefully than traditional packet-filtering firewalls, so why are some holding back on deployment? In this SearchSecurity.com Q&A, Michael Cobb reveals some cost and performance ...Continue Reading
What should be done with a RAID-5 array's failed drives?
Even one failed drive in a RAID-5 array can present an enterprise with serious data protection concerns. In this SearchSecurity.com Q&A, expert Michael Cobb explains which policies can protect and recover RAID-5 data.Continue Reading
How secure are document scanners and other 'scan to email' appliances?
Copiers and document scanners have always posed challenges for information security teams. In this SearchSecurity.com Q&A, Michael Cobb reveals how the right policies can control the use (and abuse) of these devices.Continue Reading
What are the alternatives to RC4 and symmetric cryptography systems?
In this SearchSecurity.com Q&A, network security expert Mike Chapple explains how RC4 encryption stacks up against public key cryptography.Continue Reading
Digital forensics tool Helix 'does no harm'
Forensics isn't just for the scientists. This month, contributor Scott Sidel recommends Helix, a digital forensics tool that can do some important detective work on your system.Continue Reading
How can header information track down an email spoofer?
Spammers can use spoofed headers to hide the true origin of unwanted email. In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to trust where a message is coming from.Continue Reading
What is an Nmap Maimon scan?
Systems are often designed to hide out on a network. In this SearchSecurity.com Q&A, network security expert Mike Chapple explains how Nmap Maimon scans can get a response out of them.Continue Reading
How do a DMZ and VPN work together?
In this SearchSecurity.com Q&A, network security expert Mike Chapple explains the three distinct network zones in a typical firewall scenario and reveals how the DMZ and VPN, in particular, co-exist.Continue Reading
How to verify 140-2 (FIPS 140-2) compliance
In this SearchSecurity.com Q&A, identity management and access control expert, Joel Dubin, discuses several ways to verify that Federal Information Processing Standard 140-2 is being enforced.Continue Reading
How can hackers bypass proxy servers?
Hackers are bypassing proxy servers all the time and doing so for a variety of reasons. In this SearchSecurity.com expert Q&A, Ed Skoudis points out the holes in your protective filtering tools.Continue Reading
How can attackers exploit RSS software flaws?
RSS syndication feeds are a convenient way to get your news, blogs or other favorite content, but these popular tools are often left exposed. In this SearchSecurity.com Q&A, Ed Skoudis explains how malicious hackers can attack RSS software and ...Continue Reading
What's the harm in removing the RFID chip in credit cards?
If you're concerned that a credit card's RFID chip is putting your personal data at risk, why not just drill the darn thing out? Not so fast, says Joel Dubin. In this SearchSecurity.com Q&A, the identity management and access control expert ...Continue Reading
Can a TCP connection be made without an open port?
A company may claim it has an "application" that allows computers to communicate without opening any ports, but network security expert Mike Chapple reveals whether you should believe the hype or not. Read more in this SearchSecurity.com Q&A.Continue Reading
Will biometric authentication replace the password?
Some security observers say user IDs and passwords are obsolete and can be easily cracked, but that doesn't mean you should fire up biometric authentication projects just yet. In this SearchSecurity.com Q&A, identity management and access control ...Continue Reading
Can single sign-on (SSO) provide authentication for remote logons?
If you're accessing multiple applications through a remote Citrix server, you have two options. Identity management and access control expert Joel Dubin explains both in this SearchSecurity.com Q&A.Continue Reading
Will two different operating systems cause administrative problems?
Using two different operating systems can often boost a company's security, but there are practical limitations to the enterprise practice. In this expert Q&A, Michael Cobb reveals how separate platforms can lead to deployment issues and higher ...Continue Reading
Steps in the information security program life cycle
This article from our series on information security governance describes the essential steps to take when developing a security program life cycle.Continue Reading
How to safely issue passwords to new users
In this Ask the Expert Q&A, our identity management and access control expert Joel Dubin offers tips on safe password distribution, and reviews the common mistakes that help desks and system administrators make when issuing new passwords.Continue Reading
Where to place IDS network sensors
JP Vossen explains where to place IDS sensors.Continue Reading
How to patch vulnerabilities and keep them sealed
Learn how to simplify the patch deployment process and employ methods that will reduce vulnerabilities.Continue Reading
How does 'arbitrary code' exploit a device?
The difference between a two-tier and a three-tier firewall
The dangers of open port 139