Archive for the ‘network security’ Category

Seven Overlooked Network Security Threats for 2011

Monday, January 3rd, 2011

Just when you thought your network was totally secure …

No one working in network security can complain that the issue has been ignored by the press. Between Stuxnet, WikiLeaks server attacks and counterattacks, and the steady march of security updates from Microsoft and Adobe, the topic is being discussed everywhere. IT workers who have discovered that consolidation, off-shoring, and cloud computing have reduced job opportunities may be tempted to take heart in comments such as Tom Silver’s (Sr. VP for Dice.com) claim that “there is not a single job position within security that is not in demand today.”This and similar pronouncements by others paint a rosy picture of bottomless security staff funding, pleasant games of network attack chess, and a bevy of state-of-the-art security gadgets to address threats. Maybe.

(more…)

A Secure Server Console Switch for the Finance Industry

Friday, December 3rd, 2010

Since server console switch products are used in a variety of different applications in many different industries, it’s predictable that each industry looks for a different set of features when selecting a server console switch. Some market sectors are more concerned with port configuration parameters, others are more concerned with environmental alarms, while others are more interested in port buffering capabilities. But in the finance industry, the most important server console switch feature is always security and authentication.

(more…)

A Console Terminal Server with FIPS 140-2 Certification

Tuesday, November 23rd, 2010

Security is probably the most important factor that government agencies contemplate when purchasing network equipment. By their very nature, government networks often provide access to extremely sensitive data and information; and it’s no exaggeration to say that in some cases, the secrecy of this information is a matter of life and death. Before a government agency even begins to consider purchasing a critical network device such as a Console Terminal Server, one of the first things they want to know about is security.

(more…)

The Best Tools and Methods to Track Down Suspect IP Addresses and URLs

Wednesday, October 27th, 2010

Here’s an extremely useful article for anyone who’s concerned about security or spamming …

There are many reasons why you might need to track down an IP address. You might have discovered a hacking attempt in one of your logs. You might think you have found a spammer that you want to add to a black list. The “why” are as many as are the “how.” Every operating system has different tools for helping you track down an IP address. Compounded with this is that any tool that makes use of an IP address also has different tools for this purpose. So where do you start? What’s the easiest way to find IP addresses and help locate their sources?

(more…)

Secure Console Port Access via Out of Band AND Dial-Up

Wednesday, October 27th, 2010

Sometimes, it’s nice to have as many alternatives as possible; especially when you’re talking about a console server. When your network is down, a console server with an out of band management solution often provides the only way to access command functions on remote network devices, without a long, expensive trip to a remote network facility. With that in mind, it’s good to know that WTI console server products provide two different means for accessing command functions on remote network devices: via out of band network, or via dial-up modem.

(more…)

Is Your Terminal Switch Safe from Hackers Looking for IP Addresses?

Thursday, October 14th, 2010

When it comes to terminal switch products and other out of band management tools, ping command response sometimes creates an overlooked security hole. In many situations, hackers who are interested in gaining access to important network control functions can discover IP addresses for sensitive network devices by randomly pinging a series of IP numbers until they find an address that responds. Once a device responds, the hacker then knows the IP address of the unit, providing an initial foothold that could be used to eventually gain access to secure devices.

(more…)

Stuxnet Removal Tool

Tuesday, October 12th, 2010

This comes about a month too late for many of Stuxnet’s victims, but it looks like somebody finally came up with a Stuxnet removal tool …

The public became aware of the Stuxnet worm back in July, largely because it was linked to several 0-day vulnerabilities of the Windows operating system. Researchers who analyzed the worm discovered what appeared to be its core purpose: To target industrial computer networks running Siemens WinCC software. But the nature of the vulnerability made all Windows systems vulnerable, and while workarounds were published shortly after the discovery it was not enough to limit or even eliminate the spreading of the worm.

(more…)

Quarantine Virus-Infected PCs from Internet, Says Microsoft

Friday, October 8th, 2010

Wouldn’t it make more sense to go after the people who actually write the viruses instead of the victims? Probably so, but in the meantime, this sounds like a great tool for forcing people to buy new PCs.

Software giant wants people cut off from the internet and health certificates issued

Virus-infected computers should be blocked from the internet and kept in quarantine until they are given a “health certificate”, a top Microsoft security researcher suggested on Thursday.

(more…)

Gmail Security Checklist, Improve Login Security

Friday, October 8th, 2010

Most of the items on this list will look pretty familiar to most of us, but they’re still worth repeating from time to time …

There are two to tango, and the same is true for an effective online security strategy. What does it mean? On the one side, the company offering a service needs to make sure that user accounts are protected on their servers, that no one can exploit vulnerabilities to gain login information or other data from users of the service. On the other side, is the user and the local computer the service is accessed from. The user too has responsibilities like making sure the computer is running up to date software.

(more…)

Google Chrome Now Disables Outdated Plugins

Thursday, October 7th, 2010

The people who create plugins probably hate this, but it seems like a good thing for Chrome users …

Web browser plugins are a main attack vector on today’s Internet. Especially outdated plugins increase the risk of becoming a victim of a successful attack. If you follow the news here on Ghacks.net or on other similar sites you may have noticed an increase in plugin vulnerabilities over the last years with Adobe leading the leaderboard with its widely used Adobe Flash plugin.

(more…)