Network Security

6K

Solutions

27

Articles & Videos

8K

Contributors

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

In this blog we highlight approaches to managed security as a service. We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
0
Retailers - Is your network secure?
Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

keylogger
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
4
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and information against these types of occurrences.
0
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.

How it Works


fake gmail login screen- phishedThe attack works by targeting a victim’s contact list and sending out authentic looking phishing emails. When this forged email is opened and the attachment clicked, a page appearing to be the Google log in portal opens.

Once the victim submits their credentials into the site, the hackers start crawling the victim’s inbox. These crawlers look at previous subject lines and attachments for contextual relevance to copy.

A screenshot is taken of a previous attachment and a new message is composed. This screenshot becomes the entry way into the phishing Gmail login page. The subject line is then pulled from a previous email that would be relevant to the attachment.

The new version of the email is sent to all the victims contacts, and the attack starts again. The use of previous subject lines and attachment, help to make the hacker’s email look very genuine. This technique has tricked many users into opening the infected attachment.

One of these emails is described by a commenter on Hacker News,

“[The hackers] went into one student’s account, pulled an attachment with an athletic team practice schedule, generated the screenshot, and then paired that with a
0
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance.

A concise guide to the settings required on both devices
1
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
0
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
3
Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to get better.
3
threat model
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
1
 
LVL 66

Expert Comment

by:Jim Horn
Comment Utility
Hi Shakshi

Thanks for your submission.  889 words, completely original content, and reads fairly well.  The technical aspects of this article seem pretty solid, but I'm going to send this back to Draft / Author Review for some general readability editing.  When you're done go ahead and resubmit and I'll review from there.

Please separate paragraphs with a blank line, as without that an article can resemble a 'word wall' where everything jumbles together and can be difficult to read.

>fruitful dispatch, inculcate, buttonhole, the prerequisite in a venture, Addedly, ingressed, environ
These words are rarely used and may confuse people.  Keep in mind that if these are local slang than it might not translate well to a global audience.  I can appreciate that you're trying to tell a story and be somewhat entertaining in the process, but just make sure you don't lose people in the translation.

>as it were, Addedly,
There are some phrases here that do not add value and can be deleted.

>Now let's take a brief about what Threat modeling is: Threat modeling does not include
Please define something by what it is, not what it is not.  The 'is not' stuff can always be added later.

>STRIDE & DREAD.
If terms are going to be introduced but not defined please at minimum provide a link to a definition.

Please provide a conclusion.

Feel free to self-promote in the 'About the Author' section, especially if you have other publications that readers of this one may be interested in reading.

For a lot more recommendations on how to score maximum points on articles check out Top 10 Ways To Write Rock Star Technical Articles

Thanks in advance.  I look forward to seeing this as a finished product.
Jimbo
0
cybersecuritty
Read about achieving the basic levels of HRIS security in the workplace.
1
 
LVL 5

Author Comment

by:Oscar Waterworth
Comment Utility
It was a mistake, thanks for having such a keen eye.
0
Turn your laptop into a mobile console!
Turn your laptop into a mobile console!

The CV211 Laptop USB Console Adapter provides a direct Laptop-to-Computer connection for fast and easy remote desktop access with no software to install.

Cyber or not!
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
3
cloud
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our businesses and ultimately lives.
0
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
3
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
4
 
LVL 12

Expert Comment

by:William Nettmann
Comment Utility
The Quagga is on it's way back - maybe the password will survive as well!
0
 
LVL 6

Author Comment

by:Teksquisite
Comment Utility
Thank you all for your comments = passwords must die!
0
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
7
 
LVL 16

Expert Comment

by:Kyle Santos
Comment Utility
Good job.
0
 
LVL 6

Author Comment

by:Teksquisite
Comment Utility
Thank you Kyle :)
0
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
3
 
LVL 6

Author Comment

by:Teksquisite
Comment Utility
Good grief the submit button was way at the bottom!
0
 

Expert Comment

by:SINC_dmack
Comment Utility
The connection between a smart phone and an email server should always be SSL encrypted.  It doesn't matter if the wifi connection is insecure, as the 2048-bit (or higher) level of encryption used by the mail server's SSL certificate is more than sufficient to keep hackers out.  If a hacker was able to intercept Steven Petrow's email and/or mail server credentials, it is because the mail server itself was inadequately secured, such as if it was a legacy unencrypted POP3-based server.  

The onus for that lapse lies with whoever is responsible for determining what is acceptable for the mail server's configuration, and on the user for relying on such an insecure method for using email.  All of the major free email providers (Gmail, Yahoo, Hotmail) provide encrypted connections, and so do properly-configured Microsoft Exchange servers.  But people using fly-by-night "100 mailboxes for $20 per month" or whatever services may well not have any encryption.  Where people can really run into problems is if they use insecure email services AND use the same password for other services.  For example, if Steven Petrow had used the same credentials for his email and for his credit card website, a hacker who got the email credentials could have sniffed his wifi traffic to see what credit card website Steven went to, and then attempted to use those credentials there.  But since the credit card website would be SSL encrypted, if Steven had used different credentials for email and the credit card website, then the hacker would have, at best, just been able to see that Steven was going to a credit card website, but not intercepted his credentials or any data sent or received to that website.

Sure, a VPN will alleviate the problem of having an insecure email server (and it's never a bad idea to have an extra layer of encryption), but who is going to start up a VPN every time they want their phone to check their email?  Pretty much nobody.  Rather than advise people to take a bunch of steps that ought to be unnecessary, suggest that they ensure that any services they access over the internet are properly SSL-encrypted.
0
This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
9
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address.

There is a new bug in BIND, affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) through BIND 9.9.7-P1 and BIND 9.10.2-P2.

Basically, anyone can stop your BIND service (named), effectively shutting down your name resolution.

So if you administer name servers using BIND, you need to update NOW.
Unfortunately, that means you cannot wait for binaries for your distribution to become available, you need to install from source.

Problems:
  1. You need to install a development environment in your DNS servers
  2. Configuring and compiling can take a long time, using resources
  3. You need to uninstall the current packages, without losing your zone files and named config, including startup scripts.

My solution: configure a test server, configure, compile and install the new version of BIND from source, then copy all the files to the production servers. This way you disrupt the service for 20 sec max.

Caveat: all servers should run the same distribution and packages.

My servers all run Debian 7.8, with minimal packages installed, to reduce attack vectors.

Technique:
1. Create a test server (either from scratch, or by cloning one of your production DNS servers).
2. Prepare the build environment
test-server:apt-get install build-essential libssl-dev

Open in new window


3. Download and extract the package:

Open in new window

0
 
LVL 35

Author Comment

by:Dan Craciun
Comment Utility
0
In every aspect, security is essential for your business, and for that matter you need to always keep an eye on it. The same can be said about your computer network system too. Your computer network is prone to various malware and security threats that revolve around your software and other applications. These threats can greatly affect your work and bring downfall to your business. This is the reason why you should seek the service of a reputed web application external penetration testing services company. It will help you ensure the security of your firm's network.

Unlike other manual security systems, external penetration testing services provided by a professional help you analyze your network vulnerabilities in a comprehensive manner. You can get rid of all the vulnerabilities with the combination of scanning tools and various other methods of manual penetration. These tools are designed specifically for preventing your system from any sort of data theft or identity theft.

Using penetrating testing tools will help you determine the extent to which your data or information can be compromised or in a position of vulnerability. There are end number of web application penetration testing companies that bring forth different types of tools and techniques for identifying and analyzing the common threats that can occur while using any online platform.

The penetrating testing process involves assessment of the network security and computer by imitating an attack on your…
4
Three Reasons Why Backup is Strategic
LVL 4
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them more and more I decided to trial one so I could offer a better opinion.  The one I decided to trial was called 'LastPass'.  It came highly recommended from a couple of my Web Developer friends who now use it for every website that requires some form of login!

In addition to the recommendation I did some research on the program to give me a little more confidence and understanding – I suggest reading a few reviews prior to jumping into anything.



What is a Password Manager?
A password manager is a program that helps a user to better manage and organise their passwords for online accounts.  Most Password managers store your passwords and then encrypts them.  The programs then require the user to enter a Master Password to decrypt them before they can be access.

What is the benefit of having a Password Manager?:
If you’re anything like me you will have lots of online logins, then over time this can become difficult to manage.  I found myself trying multiple login credentials on sites before finding the one that works, eventually getting there but sometimes I would have to do a password reset.
Using a Password Manager takes away this problem.  All you have to do is remember the one password and the program …
4
There is a question posted at http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_28324159.html and in the comments someone asked if there are any Public Certificate Authorities (CA) that issue directly off the Root CA Certificate. The response was:

"There are plenty... 

Digicert, Verisign, Thawte, Comodo, to name a few."
This is incorrect, Public CA's are required to follow strict rules set in place by the CA Browser Forums and the Root Deployment programs of developers (e.g. Microsoft, Firefox or Apple).

CA Browser Forum: https://cabforum.org/baseline-requirements-documents/
Microsoft: http://technet.microsoft.com/en-us/library/cc751157.aspx
Apple: https://www.apple.com/certificateauthority/ca_program.html
Mozilla: https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/

Lets start off by Defining what a Public Certificate Authority is:

The CA Browser Forum defines a Public CA as "Public Certificate Authorities are companies or government agencies that have been …
2
 
LVL 15

Administrative Comment

by:ericpete
Comment Utility
Rob,

Congratulations; your article has now been published.

ericpete
Page Editor
0
There are some basic methods for preventing attacks on, hacking of and unauthorized access to a network -- maybe not completely, but up to a certain level.

Start with a well-reputed firewall and unified threat management (UTM) system -- a gateway level internet security device at every access point to your network. If you are in a small or medium-sized organization, where management is not willing to invest in IT (IT is a support system to their business, not their bread and butter) you need to give them a small presentation. If they have invested in security cameras and guards to prevent any unauthorized person from entering their premises, why would they will give unauthorized access to anyone to enter their network?

Explore the Internet, but don't expose yourself

Now you have your own firewall/UTM, so now you can prevent unauthorized to your network. While purchasing the firewall your procurement team has negotiated a lot and purchased the lowest quoted firewall and presented it to you. The vendor who has won this bid may have not-that-much-educated engineers, or the engineer sent to configure it is too much clever and configures the firewall in a very short span of time without asking you all the details of your network. So, it is your duty to know your network thoroughly and carefully.

The engineer came, asked you the public IP of ISP, asked you what you want to restrict, created some group, set up some group policies, showed you the bandwidth …
5
 

Expert Comment

by:Li HUANG
Comment Utility
Thank you     diprajbasu for the summary guild.   To restrict open port (s) ,  example only :80 to your remote ddns updater , how allow the router.map and ldap id you entirely  when as , the primary domain configure invalid at the router.format limited ? ( For a privacy : domain.com  format just input able as xxx.domain.com that of node.domain.com node default to where ? )   Can it be taken away by a device somewhere to be the domain.group ?   Hope to feedback Please .
0
 
LVL 1

Expert Comment

by:Rahul Sam
Comment Utility
Really great idea, There is one more precaution should be taken for network security by doing  penetration testing. As it is the best and most convenient way to find the vulnerabilities in network or websites.
0
Most computer users do not realize how important their passwords are. Here’s the straight scoop on why you need a good password and how to create super strong passwords that are easy to remember and hard to crack.


Thieves Are Trying to Steal Your Identity.

If criminals can figure out your password, they know that they will have access to your email, your online bank accounts, even your social security number. They can break into your computers, steal your files, steal your identity, reset your bank account information, steal your bank account, buy houses in your name, buy boats and airplanes in your name.

They will sell your information on the internet for $10 USD to other criminals who will use it to buy and sell drugs.

You might think this to be an exaggeration, but each and every example I gave above is true. Once your information is on the internet and can be sold, criminal rings who specialize in identity theft and internet fraud can do just about whatever they want with you.

Your identity will be sold for as little as $10 in an internet chat room, and it will cost you thousands and your good name before you can restore your life.

All because you were too lazy to get a good password.


Thieves have automated the process

Criminals are not going door to door looking for victims. Instead, they have created computer programs that scan the internet to find your computer, your email box, your website, and other pieces of your …
9
 
LVL 23

Expert Comment

by:Rajkumar Gs
Comment Utility
Good Article DrDamnit

I have seen many peoples using very week passwords. I normally prefer and use strong passwords.
Your article is really helpful. Thanks for the information about those tools as well.

Got some new ideas to keep my secrets secure!

Thanks
Raj
0
 
LVL 49

Expert Comment

by:DanRollins
Comment Utility
There are several weaknesses about using a "password-vault" type program to store your passwords.  Lots of us use the password vault that is built into the web browser, but it is vulnerable:  If you forget to log out at lunch, your evil co-worker will take out a mortgage on your house and then skip off to retire in Bimini with the profits (or enjoy a weekend in Cleaveland, depending... :-)

In both situations (password vault software and browser password handling), you are vulnerable to three problems:  

There is one key password you must remember, and because you may need it often, you might tend to use a weak one.  That means that if somebody can access your desktop (physically or remotely), your 20-character ultra-hardened randomly-created banking passwords are really all as weak as your Windows login password.
What do you do when you are away from your desk?  E.g., when you are on the road and need to check your webmail?  Your herculean password is now preventing you from accessing things you need to access -- because you don't know the password itself.
The local password that is used to "unlock the safe" might well be more susceptible to dictionary and brute-force attacks.  The software (or Windows itself) can be bombarded with login retries, while most websites keep track of retries and foil the cracking software by inserting manditory delays between retries.
None of these are showstoppers, but IMHO, they add up to a good reason to use a "mental algorithm" rather than a password-management tool.  I've discussed that technique in my article: Strong (but Easy-to-Remember) Passwords
0
"Oh crap. I think we've been hacked."

That's the last sentence you ever want to hear from your IT guy, and the last sentence you ever want to have to say to your customers and clients. The fact is, hackers are everywhere. They are out there doing bad stuff for profit, pleasure, notoriety, or simply because: "I can".

This is intended to be a quick, down and dirty, guide to recovering from an attack. No matter if you're a noob or a seasoned IT professional, it is really only a matter of time before you will have to deal with an intruder.

An Ounce of Prevention...
It is so much easier to prevent being hacked than it is to recover. The basic way you prevent hackers from compromising your systems is to make it more difficult than average to break your protection. There is no need to build a digital Fort Knox around your network (although I won't disagree with this practice), but there are 5 simple steps you can use to deter hackers from breaking into your computers, servers, and network.

Never Be the Low Hanging Fruit
If you are the low hanging fruit: a.k.a. an easy target, you're going to get nailed. Hackers, for the most part, are looking for an easy target: a weak password, a stupid employee, an open server door, an unlocked office door, or an untrained user.

In reality, you can take some extremely simple, easy steps, to make it orders of magnitude more difficult to break into your network. You don't have to be the safest, you just have to be safe…
49
 

Expert Comment

by:blaine_mono
Comment Utility
There is a great tool that gives an instant view on internet connections (no need to fiddle with netstat). http://wandering-ips.com
0
 
LVL 70

Expert Comment

by:Qlemo
Comment Utility
If it is just about seeing which ports are open or listening, there are many more free tools, like TcpView from SysInternals or CurrPorts from NirSoft. The latter allows for defining filters and record changes.
But I reckon what the article wants to show is that you can use simple integrated tools to do a quick scan.
0
Most people are under the false impression that installing an antivirus package, antispyware package, OS updates/security patches, and firewall are all you need to secure your network resources. Those methods are a good start, but leaves your network open to many additional vulnerabilities. This is why you might have heard of a multi-layered approach to IT security. I am about to discuss multi-layered security with you and give you some things to think about for network security.

Let’s take a quick moment to define the open systems interconnect model (OSI model). Under the OSI model, there are seven layers that encompass all IT networking. They are, in order:
Physical Layer
Data Link Layer
Networking Layer
Transport Layer
Session Layer
Presentation Layer
Application Layer— (Where most IT security products reside, including Anti-virus and Antispyware, and password authentication, {like Kerberos}.)

You might take a moment to familiarize yourself with the OSI model. The OSI model can be used for anything IT related, (especially troubleshooting and IT security). There are alternative models for differing types of systems but this is the most commonly referenced.

This is a pretty good article on the OSI model:
The OSI Layer Model

Before beginning, let's define a couple terms:

Remediation – in this article consider remediation as being a process to clean up malware after being infected.
Prevention
5

Network Security

6K

Solutions

27

Articles & Videos

8K

Contributors

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.