Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
3
Hire Technology Freelancers with Gigs
LVL 10
Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
1
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
0
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
0
How does someone stay on the right and legal side of the hacking world?
10
In this article, we’ll look at how to deploy ProxySQL.
0
Compliance and data security require steps be taken to prevent unauthorized users from copying data. Here's one method to prevent data theft via USB drives (and writable optical media).
2
 
LVL 96

Author Comment

by:Lee W, MVP
Comment Utility
Ok, thanks!
0
 
LVL 8

Expert Comment

by:Senior IT System Engineer
Comment Utility
Thanks for sharing the great article.
0
DDOS Threats!
Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
1
In this blog we highlight approaches to managed security as a service. We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
0
keylogger
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
4
How to Use the Help Bell
LVL 10
How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and information against these types of occurrences.
0
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.

How it Works


fake gmail login screen- phishedThe attack works by targeting a victim’s contact list and sending out authentic looking phishing emails. When this forged email is opened and the attachment clicked, a page appearing to be the Google log in portal opens.

Once the victim submits their credentials into the site, the hackers start crawling the victim’s inbox. These crawlers look at previous subject lines and attachments for contextual relevance to copy.

A screenshot is taken of a previous attachment and a new message is composed. This screenshot becomes the entry way into the phishing Gmail login page. The subject line is then pulled from a previous email that would be relevant to the attachment.

The new version of the email is sent to all the victims contacts, and the attack starts again. The use of previous subject lines and attachment, help to make the hacker’s email look very genuine. This technique has tricked many users into opening the infected attachment.

One of these emails is described by a commenter on Hacker News,

“[The hackers] went into one student’s account, pulled an attachment with an athletic team practice schedule, generated the screenshot, and then paired that with a
1
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance.

A concise guide to the settings required on both devices
1
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
0
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
3
Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to get better.
3
threat model
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
1
 
LVL 66

Expert Comment

by:Jim Horn
Comment Utility
Hi Shakshi

Thanks for your submission.  889 words, completely original content, and reads fairly well.  The technical aspects of this article seem pretty solid, but I'm going to send this back to Draft / Author Review for some general readability editing.  When you're done go ahead and resubmit and I'll review from there.

Please separate paragraphs with a blank line, as without that an article can resemble a 'word wall' where everything jumbles together and can be difficult to read.

>fruitful dispatch, inculcate, buttonhole, the prerequisite in a venture, Addedly, ingressed, environ
These words are rarely used and may confuse people.  Keep in mind that if these are local slang than it might not translate well to a global audience.  I can appreciate that you're trying to tell a story and be somewhat entertaining in the process, but just make sure you don't lose people in the translation.

>as it were, Addedly,
There are some phrases here that do not add value and can be deleted.

>Now let's take a brief about what Threat modeling is: Threat modeling does not include
Please define something by what it is, not what it is not.  The 'is not' stuff can always be added later.

>STRIDE & DREAD.
If terms are going to be introduced but not defined please at minimum provide a link to a definition.

Please provide a conclusion.

Feel free to self-promote in the 'About the Author' section, especially if you have other publications that readers of this one may be interested in reading.

For a lot more recommendations on how to score maximum points on articles check out Top 10 Ways To Write Rock Star Technical Articles

Thanks in advance.  I look forward to seeing this as a finished product.
Jimbo
0
cybersecuritty
Read about achieving the basic levels of HRIS security in the workplace.
1
 
LVL 6

Author Comment

by:Oscar Waterworth
Comment Utility
It was a mistake, thanks for having such a keen eye.
0
Cyber or not!
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
3
Windows Server 2016: All you need to know
LVL 1
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

cloud
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our businesses and ultimately lives.
0
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
3
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
4
 
LVL 12

Expert Comment

by:William Nettmann
Comment Utility
The Quagga is on it's way back - maybe the password will survive as well!
0
 
LVL 6

Author Comment

by:Teksquisite
Comment Utility
Thank you all for your comments = passwords must die!
0
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
7
 
LVL 17

Expert Comment

by:Kyle Santos
Comment Utility
Good job.
0
 
LVL 6

Author Comment

by:Teksquisite
Comment Utility
Thank you Kyle :)
0
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
3
 
LVL 6

Author Comment

by:Teksquisite
Comment Utility
Good grief the submit button was way at the bottom!
0
 
LVL 1

Expert Comment

by:SINC_dmack
Comment Utility
The connection between a smart phone and an email server should always be SSL encrypted.  It doesn't matter if the wifi connection is insecure, as the 2048-bit (or higher) level of encryption used by the mail server's SSL certificate is more than sufficient to keep hackers out.  If a hacker was able to intercept Steven Petrow's email and/or mail server credentials, it is because the mail server itself was inadequately secured, such as if it was a legacy unencrypted POP3-based server.  

The onus for that lapse lies with whoever is responsible for determining what is acceptable for the mail server's configuration, and on the user for relying on such an insecure method for using email.  All of the major free email providers (Gmail, Yahoo, Hotmail) provide encrypted connections, and so do properly-configured Microsoft Exchange servers.  But people using fly-by-night "100 mailboxes for $20 per month" or whatever services may well not have any encryption.  Where people can really run into problems is if they use insecure email services AND use the same password for other services.  For example, if Steven Petrow had used the same credentials for his email and for his credit card website, a hacker who got the email credentials could have sniffed his wifi traffic to see what credit card website Steven went to, and then attempted to use those credentials there.  But since the credit card website would be SSL encrypted, if Steven had used different credentials for email and the credit card website, then the hacker would have, at best, just been able to see that Steven was going to a credit card website, but not intercepted his credentials or any data sent or received to that website.

Sure, a VPN will alleviate the problem of having an insecure email server (and it's never a bad idea to have an extra layer of encryption), but who is going to start up a VPN every time they want their phone to check their email?  Pretty much nobody.  Rather than advise people to take a bunch of steps that ought to be unnecessary, suggest that they ensure that any services they access over the internet are properly SSL-encrypted.
0
This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
9

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.