Firewalls

Ebe141392ea3ebf96ba918c780ea1ebe

Why We Still Need Firewalls and AV

May 02, 2012 Added by:Wendy Nather

It's become trendy to talk about how ineffective some commoditized security products are, classic firewalls and AV being the poster children. One of Josh Corman's favorite points is that "we never retire any security controls." As I am of Josh, I think he's wrong on this...

Comments  (2)

1de705dde1cf97450678321cd77853d9

A Tribute to Our Oldest and Dearest Friend - The Firewall

April 22, 2012 Added by:Ian Tibble

We have a lot of bleeding edge software and hardware products in security backed by fierce marketing engines which set unrealistic expectations. Out of all these products, the oldest carries the highest bang for our bucks - the firewall...

Comments  (0)

7e364bbac217114a59e547b354e7f7ad

What’s Wrong with WAFs and How to Hack Them - Part 2

February 07, 2012 Added by:Gary McCully

In attempts to prevent XSS attacks many organizations block or HTML encode special characters (<, >, "). In order to be fair I will admit that this prevents many successful XSS attacks, but at the end of the day many of these web applications are still vulnerable to XSS...

Comments  (0)

D03c28fd5a80c394905c980ee1ecdc88

Gaining Access to a Check Point Appliance

February 07, 2012 Added by:Bill Mathews

On any Linux-based system with an unencrypted hard drive, it is possible to completely overtake a system once you have gained physical access. Often this is easily accomplished with a live CD distribution, such as Backtrack or Ubuntu and some command line tools...

Comments  (0)

8a958994958cdf24f0dc051edfe29462

Cybersecurity in Today's World

December 31, 2011 Added by:Larry Karisny

Curt Massey spent a 35-year career protecting our national security. His military service, civilian law enforcement, corporate security and military contracting experiences have imbued him with the unpleasant knowledge of our core vulnerabilities and a visceral drive to build a team capable of finding answers...

Comments  (0)

82ac4cd789b46af43c0cde730625317e

Common Errors in Firewall Configurations

December 06, 2011 Added by:Christopher Rodgers

With the "ANY" port accessible vulnerability, clear text protocols could be used when both a secure and less secure clear text service are running on the same system, and vulnerabilities found for specific services such as SMB could be launched against vulnerable machines...

Comments  (0)

0dc5fdbc98f80f9aaf2b43b8bc795ea8

Using the Shun Command on the PIX/ASA

May 18, 2011 Added by:Global Knowledge

One command that had a fairly long history first with the PIX Firewall and now the ASA is the shun command. In this post we’ll examine this command’s history, why it’s useful, and its new-found resurgence in threat detection implementation...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

Analysis Shows Firewalls Fail to Deliver as Promised

April 12, 2011 Added by:Headlines

Three of the six firewalls failed to stay operational when subjected to stability tests, five out of six didn't handle what is known as the Sneak ACK attack. According to NSS Labs, the performance claims presented in the vendor datasheets are generally grossly overstated...

Comments  (2)

A88973e7d0943d295c99820ab9aeed27

Web Proxies and NetBIOS Targeted by Hackers

September 03, 2010 Added by:Simon Heron

A high number of firewall blocks are coming from the US and Korea, and UDP:137, the name service of NetBIOS is the second most attacked port. There are obviously still systems out there with this port open to the internet. Our message to IT managers is check your firewall rules...

Comments  (4)

49afa3a1bba5280af6c4bf2fb5ea7669

IT Marketing: There is No App for That

June 14, 2010 Added by:Mike Meikle

For the average information technology professional, the concept of marketing & selling is an alien skill set; like under-water bagpipe playing.  In the eye of the IT pro, this skill is composed mostly of excessive hair-gel, pointless presentations and flim-flam.

Comments  (0)

314f19f082e69886c20e31c70fe6dceb

FortiGate signature for Robint.us Mass Website Hack

June 11, 2010 Added by:Rod MacPherson

For users of FortiGate brand UTM firewalls I've put together a FortiGate IPS custom signature that should help by blocking/reporting on infected sites of the recent mass SQL Injection attacks. 

Comments  (0)

0dc5fdbc98f80f9aaf2b43b8bc795ea8

Critical Steps for Securing Layer Two

June 08, 2010 Added by:Global Knowledge

For many years, network administrators have expected security breaches to come from outside an organization or at the upper layers of the OSI model. For this purpose, firewalls are implemented at the edge of a network.While the default state of a firewall does not allow communication between an organization and networks beyond the organizational borders, routers and switches were desig...

Comments  (0)

F6bae6ee0c7dfe5b62860cc8ebf311fe

Policing Dirty Networks & Applications - Using the OSI model to fault find network and applications

May 11, 2010 Added by:John England

I've just read a nice blog from Ray Tan on the importance of the OSI model, and how theory should map to practise. I for one am an advocate of this, and I thought I would share my little common sense system for logical fault finding based on a shortened version of the OSI model. One to share with the less enlightened!

Comments  (1)

E376ca757c1ebdfbca96615bf71247bb

Chisco: Welcome To The Hunan Network?

April 23, 2010 Added by:shawn merdinger

On NPR's 'Fresh Air' this week, Richard Clarke made some great points, in particular with the logic bomb scenarios of sneaking in code and untrustworthy hardware. While this is old news, it's still a very real threat -- recall that Chisco devices were discovered on US government networks and disclosed back in 2008.

Comments  (0)

D97bed96d5646177251e99b9567b1392

Biometrics: Where do we stand?

April 16, 2010 Added by:Aaron Simmons

New Hampshire recently voted down the bill (HB 1409) and sided with the Security Industry to allow Biometrics.  So now that security is becoming a priority, where does it stand in the role of Authentication Verification? There are several methods for verification, (Biometric, PIN, Token and even Telephone Call Back/SMS).  Each one of these has its pro’s ...

Comments  (2)

A1579a5845ff87a92326174e52499707

Hackers Lurking in Hotel Networks

March 17, 2010 Added by:Mark Smail

Many frequent business travelers spend almost as many nights sleeping in hotels as they do in their own beds. The need to stay productive when you’re on the road means that travelers must rely on whatever means available to stay connected, even if it’s an unprotected hotel wireless network.  

Comments  (3)

Page « < 17 - 18 - 19 - 20 - 21 > »