Linux Network Security - Page 29

Discover Network Security News

Current Trends in Network Access Control Market Landscape

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

All conspiracy theorists worth their salt have one thing in common: A certainty that far-reaching and insidious forces are conspiring, molding events to suit their nefarious aims. That about sums up the NAC market. The number of players in this intrigue has exploded from a handful a few years ago to upwards of 35 today. And it's not just infrastructure gear vendors, though Cisco Systems and its rivals are well represented. From AirMagnet to Vernier, and of course Microsoft, everyone wants a piece of your security budget, and they're not above forming convenient alliances to get it.

Benjamin D. Thomas
Oct 11, 2006

The Risks of Misconfigured DNS Servers for Network Security

More than half of the Internet's name servers are configured incorrectly, leaving networks vulnerable to pharming attacks and enabling servers to be used in attacks that can wipe out DNS infrastructure. This is the key finding of a survey of the Internet's domain name servers released Monday. The Measurement Factory conducted the survey for Infoblox, which sells DNS appliances. Overall, the 2006 DNS Report Card assigned a grade of D+ for DNS security. This is the second annual survey conducted by The Measurement Factory about the state of the global DNS. We saw an increase in the pace and severity of attacks and outages resulting from bad configurations in the DNS infrastructure, says Rick Kagan, vice president of marketing for Infoblox.

Benjamin D. Thomas
Oct 10, 2006

Effective Client VPN Strategies to Enhance Remote Access Security

If you have given your trusted employees and key contractors remote access to your network via a client virtual private network (VPN), congratulations! By now, you have seen the productivity and cost benefits from allowing collaboration that surmounts geographical separation. You may also have discovered that keeping your network secure is now even trickier than it was, because each uncontrolled remote computer potentially creates another avenue of access to the network for attackers. Here are 10 tips to help secure your network while ensuring the benefits of your VPN.

Benjamin D. Thomas
Oct 03, 2006

Addressing Security Risks in AoE Protocol for SAN Deployment

ATA over Ethernet (AoE) is an open standards based protocol which allows direct network access to disk drives by client hosts. AoE has been incorporated into the mainstream Linux kernel, recently been the subject of a Slashdot article, and it appears that it is a SAN technology which is here to stay. This paper investigates the insecurities present in the AoE protocol and suggests how you can deploy AoE infrastructure without worrying about a wide scale compromise.

Brittany Day
Sep 28, 2006

SSL-Explorer: The First Browser-Based Open-Source SSL VPN Solution

SSL-Explorer is the world's first open-source, browser-based SSL VPN solution. This unique remote access solution provides users and businesses alike with a means of securely accessing network resources from outside the network perimeter using only a standard web browser. Users can now be granted access to their files, intranet applications and email from virtually any location with an internet connection. Using SSL-Explorer you can quickly and simply provide full extranet access to key strategic business partners and external consultants. Similarly, your network support staff are also now free to remotely manage servers, routers and other network hardware securely using industry standard encryption technologies to protect key information assets.

Benjamin D. Thomas
Sep 28, 2006

Utilizing Nmap Parsers To Gain Valuable Insights On Network Security

This is the ninth in a series of tips on how to use Nmap in an enterprise network environment. For a security tool to be useful you have to be able to understand what it's telling you about the setup, security, or weak points of your system or network. With Nmap you can run very comprehensive tests. To analyze the results it is often best to have the output recorded in XML format so that it can be easily imported into a database or converted into HTML for analysis and human consumption.

Benjamin D. Thomas
Sep 26, 2006

Optimizing Data Protection With Recovery Management Strategies

In the struggle to ensure data protection, reduce backup windows, and manage costs

Brittany Day
Sep 19, 2006

2006 Web Security Report: Overview of Increasing Vulnerabilities and Flaws

Less rigor in Web programming, an increasing variety of software, and restrictions on Web security testing have combined to make flaws in Web software the most reported security issues this year to date, according to the latest data from the Common Vulnerabilities and Exposures (CVE) project. A draft report on the latest numbers from the vulnerability database found that 4,375 security issues had so far been cataloged in the first nine months of 2006, just shy of the 4,538 issues documented last year.

Brittany Day
Sep 16, 2006

DDoS Attacks: Techniques for Effective Mitigation Using Data Sources

Internet distributed denial of service (DDoS) attacks are becoming increasingly prevalent [1]. To prevent the discovery of attack sources, attackers have been known to spoof the source IP addresses of packets in DDoS attack. These spoofed addresses were often chosen randomly from the IPv4 space, which allowed a technique called backscatter analysis [2] to be used to infer the prevalence of such spoofed DDoS attacks on the Internet. This technique works by measuring the amount of unwanted tra

Benjamin D. Thomas
Sep 06, 2006

Understanding ISPs' Traffic Control Against Encrypted BitTorrent Tools

The advent of BitTorrent was a cause for celebration for people who wished to share large files very quickly, but Internet Service Providers did not see the technology in quite the same positive light. ISPs soon found that the majority of their bandwidth was taken up with BitTorrent traffic, and some, like Canadian provider Shaw, started throttling the service in response. BitTorrent clients such as Azureus added a feature that encrypted torrent traffic to try and get around these ISP roadblocks.

Brittany Day
Sep 02, 2006

Assessing Mix-Networks For Effective Traffic Anonymization

Generally, traffic analysis is done to identify one or more of the following: the kind of traffic being sent or received by the target, the contents of all or any traffic sent, and the origin and destination of the traffic. Traffic analyses can be generally classified into two major types, active and passive. A passive traffic analysis attack is one in which the attacker is able to monitor some or all of the network traffic entering or exiting a node, without altering the shape of that traffic in any discernable way[1]. Because the flow of the traffic is unaltered, passive traffic analysis can be extremely difficult to detect, even under the best circumstances. Of course, as the complexity of the network increases, likewise, it becomes increasing difficult (and expensive) to monitor traffic in this manner. This is, of course, assuming that there are enough producers of traffic, hereby referred to as senders, to make such an analysis infeasible without detection. To illustrate, consider mail sent via the US Postal service.

Brittany Day
Aug 30, 2006

OpenSSH Secure Remote Management Setup Using Key Authentication

SSH is the secure replacement for rlogin, rsh and telnet, which has been used in the past to do remote administration work. Even today some people still like using telnet for administration, even though it actively affects system security, since all commands and passwords are transmitted in cleartext. Since we are aware of the security risk of running a telnet service and want to be better we are not only using SSH, we will set up SSH with public key authentification.

Benjamin D. Thomas
Aug 18, 2006

The Critical Role of Network Security for Small Welsh Enterprises Today

Network security is vital if Welsh SMEs hope to thwart hackers in future years, says UK internet security tester NTA monitor. While SMEs make up 99.9 per cent of the 4.3 million businesses in the UK, the vast majority do not have dedicated IT departments. Because of this, the necessity for security against threats should be a priority. Network structure should always be considered with this firmly in mind, according to NTA monitor.

Brittany Day
Aug 17, 2006

VoodooNet's IPv6 Traffic Encapsulation Threatens Network Security

The tool, dubbed VoodooNet or v00d00n3t, uses the ability of most computers to encapsulate next-generation network traffic, known as Internet Protocol version 6 (IPv6), inside of today's network communications standard, or IPv4. Because most security hardware appliances and host-based intrusion detection programs have not been programmed to inspect IPv6 packets in depth, data can bypass most network security, said independent security researcher Robert Murphy, who presented the tool at the DEFCON hacking conference last weekend.

Brittany Day
Aug 15, 2006

Dynamic Network Security: Tailored Adaptive Solutions for Protection

Europe is hurtling toward an information society capable of offering communication services anywhere in the world; a society where data and communication devices spontaneously form networks using any medium with any protocol to access any service. So far, such a proposition is not too secure. But researchers are on the case.

Brittany Day
Aug 14, 2006

Best Practices for Enhancing Wired Network Security in Healthcare Settings

With an ever increasing amount of information in hospitals transmitted electronically, it is important that security be considered in every phase of network design and maintenance. Although much emphasis has been placed on such things as wireless networks and remote access, it is imperative that the core network not be overlooked. Because the wired network is the

Brittany Day
Aug 11, 2006

Benefits Of VPN Technologies For Enhanced Remote Security

Virtual Private Networks, or VPNs, extend the reach of local-area networks without requiring owned or leased private lines. Businesses can use VPNs to give remote and mobile users network access, connect geographically separated branches into a unified network and enable the remote use of applications that rely on internal servers. VPNs can use one or both of two mechanisms. One is to use private circuits leased from a trusted communications provider: alone, this is called a trusted VPN. The other is to send encrypted traffic over the public Internet: alone, this is called a secure VPN. Using a secure VPN over a trusted VPN is called a hybrid VPN. Combining two kinds of secure VPN into one gateway, for instance IPsec and SSL, is also called a hybrid VPN.

Benjamin D. Thomas
Aug 09, 2006

Making Corporate Security Second Nature: A Collective Effort

Enterprise security executives need to make practices such as safe USB use and discreet handling of patient or customer data as commonplace as not accepting luggage from strangers in airports or wearing a seat belt when driving.

Brittany Day
Aug 05, 2006

Exploring Network Security Risks And Protection Solutions

You might just call it the Windows factor. The more widespread the technology, the higher-value target it becomes to crackers, hackers and attackers. But network and personal computing safety go beyond the operating system you're running. Even Linux and Macs have seen their share of security issues. Maybe your databases aren't up to code in order to thwart a SQL injection attack that could bypass your firewall.

Brittany Day
Aug 02, 2006

Dan Kaminsky Unveils Net Neutrality Technique for VoIP Communication

A Seattle-based security researcher has devised a way to test for Net neutrality.

Brittany Day
Aug 02, 2006

Community Poll

More Polls