Network Security

Network security consists of the policies adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks used to conduct transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, or open to public access.

DDOS Threats!
Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against DDoS attacks effectively. Get the necessary preparation work done and focus on Doing the First Things Right.
1
keylogger
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
4
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and information against these types of occurrences.
0
It’s just over a month into 2017, and there is already a sophisticated Gmail phishing email making its rounds. New techniques and tactics have given hackers a way to authentically impersonate your contacts.

How it Works


The attack works by targeting a victim’s contact list and sending out authentic-looking phishing emails. When this forged email is opened and the attachment clicked, a page appearing to be the Google login portal opens.

Once the victim submits their credentials into the site, the hackers start crawling the victim’s inbox. These crawlers look at previous subject lines and attachments for contextual relevance to copy.

A screenshot is taken of a previous attachment and a new message is composed. This screenshot becomes the entry way into the phishing Gmail login page. The subject line is then pulled from a previous email that would be relevant to the attachment.

The new version of the email is sent to all the victim’s contacts, and the attack starts again. The use of previous subject lines and attachments helps to make the hacker’s email look very genuine. This technique has tricked many users into opening the infected attachment.

One of these emails is described by a commenter on Hacker News,

“[The hackers] went into one student’s account, pulled an attachment with an athletic team practice schedule, generated the screenshot, and then paired that with a
1
How to set up an on-demand, site-to-site IPSec VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance.

A concise guide to the settings required on both devices
1
Most applications these days are in the cloud. The cloud is ubiquitous, with many service providers in the market, since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
0
Provides an easy one-stop place to quickly get the relevant information on commonly asked questions about ransomware in Experts Exchange.
3

Expert Comment

by:Ancy Hollo
Hey if you don't mind spending a little money this site: http://www.vanskeys.com/office-2016-c-185.html will be your good choice, the keys in this site are really cheap, you won't miss it.
0

Expert Comment

by:Ancy Hollo
Share with you a good site that you can get cheap product keys from there: http://www.vanskeys.com/office-2016-c-185.html, all versions of office keys and office keys can be found in that site.
0
Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to get better.
3
threat model
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
1
LVL 68

Expert Comment

by:Jim Horn
Hi Shakshi

Thanks for your submission.  889 words, completely original content, and reads fairly well.  The technical aspects of this article seem pretty solid, but I'm going to send this back to Draft / Author Review for some general readability editing.  When you're done go ahead and resubmit and I'll review from there.

Please separate paragraphs with a blank line, as without that an article can resemble a 'word wall' where everything jumbles together and can be difficult to read.

>fruitful dispatch, inculcate, buttonhole, the prerequisite in a venture, Addedly, ingressed, environ
These words are rarely used and may confuse people.  Keep in mind that if these are local slang then it might not translate well to a global audience.  I can appreciate that you're trying to tell a story and be somewhat entertaining in the process, but just make sure you don't lose people in the translation.

>as it were, Addedly,
There are some phrases here that do not add value and can be deleted.

>Now let's take a brief about what Threat modeling is: Threat modeling does not include
Please define something by what it is, not what it is not.  The 'is not' stuff can always be added later.

>STRIDE & DREAD.
If terms are going to be introduced but not defined please at minimum provide a link to a definition.

Please provide a conclusion.

Feel free to self-promote in the 'About the Author' section, especially if you have other publications that readers of this one may be interested in reading.

For a lot more recommendations on how to score maximum points on articles check out Top 10 Ways To Write Rock Star Technical Articles

Thanks in advance.  I look forward to seeing this as a finished product.
Jimbo
0
cybersecurity
Read about achieving the basic levels of HRIS security in the workplace.
1
LVL 6

Author Comment

by:Oscar Waterworth
It was a mistake, thanks for having such a keen eye.
0
Cyber or not!
Transferring data across the virtual world has become simpler, but protecting it is becoming a real security challenge. How to approach cyber security in today's business world!
3
cloud
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things have made us question our online safety. Let us explore how cloud-enabled cybersecurity can help us with our businesses and ultimately our lives.
0
Stolen credentials are a hot commodity this year, allowing threat actors to move laterally within the network in order to avoid breach detection.
3
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
4
LVL 12

Expert Comment

by:William Nettmann
The Quagga is on its way back - maybe the password will survive as well!
0
LVL 7

Author Comment

by:Teksquisite
Thank you all for your comments = passwords must die!
0
Getting hacked is no longer a matter of "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
7
LVL 19

Expert Comment

by:Kyle Santos
Good job.
0
LVL 7

Author Comment

by:Teksquisite
Thank you Kyle :)
0
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
3
LVL 7

Author Comment

by:Teksquisite
Good grief the submit button was way at the bottom!
0
LVL 1

Expert Comment

by:SINC_dmack
The connection between a smart phone and an email server should always be SSL encrypted.  It doesn't matter if the wifi connection is insecure, as the 2048-bit (or higher) level of encryption used by the mail server's SSL certificate is more than sufficient to keep hackers out.  If a hacker was able to intercept Steven Petrow's email and/or mail server credentials, it is because the mail server itself was inadequately secured, such as if it was a legacy unencrypted POP3-based server.  

The onus for that lapse lies with whoever is responsible for determining what is acceptable for the mail server's configuration, and on the user for relying on such an insecure method for using email.  All of the major free email providers (Gmail, Yahoo, Hotmail) provide encrypted connections, and so do properly-configured Microsoft Exchange servers.  But people using fly-by-night "100 mailboxes for $20 per month" or whatever services may well not have any encryption.  Where people can really run into problems is if they use insecure email services AND use the same password for other services.  For example, if Steven Petrow had used the same credentials for his email and for his credit card website, a hacker who got the email credentials could have sniffed his wifi traffic to see what credit card website Steven went to, and then attempted to use those credentials there.  But since the credit card website would be SSL encrypted, if Steven had used different credentials for email and the credit card website, then the hacker would have, at best, just been able to see that Steven was going to a credit card website, but not intercepted his credentials or any data sent or received to that website.

Sure, a VPN will alleviate the problem of having an insecure email server (and it's never a bad idea to have an extra layer of encryption), but who is going to start up a VPN every time they want their phone to check their email?  Pretty much nobody.  Rather than advise people to take a bunch of steps that ought to be unnecessary, suggest that they ensure that any services they access over the internet are properly SSL-encrypted.
0
The subject of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts:
9
BIND is the most widely used name server. A name server is what translates a site name to its IP address.

There is a new bug in BIND, affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) through BIND 9.9.7-P1 and BIND 9.10.2-P2.

Basically, anyone can stop your BIND service (named), effectively shutting down your name resolution.

So if you administer name servers using BIND, you need to update NOW.
Unfortunately, that means you cannot wait for binaries for your distribution to become available; you need to install from source.

Problems:
  1. You need to install a development environment on your DNS servers
  2. Configuring and compiling can take a long time, using resources
  3. You need to uninstall the current packages, without losing your zone files and named config, including startup scripts.

My solution: set up a test server, then configure, compile and install the new version of BIND from source on it, then copy all the files to the production servers. This way you disrupt the service for 20 sec max.

Caveat: all servers should run the same distribution and packages.

My servers all run Debian 7.8, with minimal packages installed, to reduce attack vectors.

Technique:
1. Create a test server (either from scratch, or by cloning one of your production DNS servers).
2. Prepare the build environment
test-server:apt-get install build-essential libssl-dev

3. Download and extract the package:
0
LVL 35

Author Comment

by:Dan Craciun
0
In a recent article here at Experts Exchange, I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to running Nuance's PaperPort 14.5. I received a private message from a fellow PaperPort user who read the article asking me if I'm aware that Windows 10 is using my computer to help distribute itself. I was not aware of it!

Perhaps I missed this during my nine-month experimentation with the W10 Technical Preview, or maybe Microsoft added that feature only in the official release (Build 10240), but when I checked it out, it is true. I was very surprised to find that W10 is, in essence, using my PC as a peer-to-peer server in distributing updates and apps, and I figured that other Experts Exchange members may also not be aware of it. So I decided to write this article, which also shows how to disable it.

Sidebar:  During the article review process, an EE Page Editor (MASQ) pointed out that this feature was introduced in March with Build 10036 — I did, indeed, miss it! My thanks to MASQ for this information, and for providing a link to Leaked Windows 10 build hints at peer-to-peer patching, an interesting article about it in The Register.

First, I'll explain how to find the feature (the screenshots in this article are from Version 10.0, Build 10240, created via an automatic update from the Technical Preview version of the Windows Insider Program):

51

Expert Comment

by:MtHolly
So, does turning off WUDO "Updates From More Than One Place" stop my system from distributing Windows 10 and updates?  Or, just stop it from getting updates from unknown sources?
0
LVL 67

Author Comment

by:Joe Winograd
Hi MtHolly,
Turning it off does both — (1) stops your system from getting updates and apps from other PCs (meaning it gets them just from Microsoft) and (2) stops your system from distributing/sending updates and apps to other PCs. Regards, Joe
0
In every aspect, security is essential for your business, and for that matter you need to always keep an eye on it. The same can be said about your computer network system too. Your computer network is prone to various malware and security threats that revolve around your software and other applications. These threats can greatly affect your work and bring downfall to your business. This is the reason why you should seek the service of a reputed web application external penetration testing services company. It will help you ensure the security of your firm's network.

Unlike other manual security systems, external penetration testing services provided by a professional help you analyze your network vulnerabilities in a comprehensive manner. You can get rid of all the vulnerabilities with the combination of scanning tools and various other methods of manual penetration. These tools are designed specifically for preventing your system from any sort of data theft or identity theft.

Using penetration testing tools will help you determine the extent to which your data or information can be compromised or left in a position of vulnerability. There are any number of web application penetration testing companies that bring forth different types of tools and techniques for identifying and analyzing the common threats that can occur while using any online platform.

The penetration testing process involves assessment of the network security and computer by imitating an attack on your…
5
A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them more and more I decided to trial one so I could offer a better opinion.  The one I decided to trial was called 'LastPass'.  It came highly recommended from a couple of my Web Developer friends who now use it for every website that requires some form of login!

In addition to the recommendation I did some research on the program to give me a little more confidence and understanding – I suggest reading a few reviews prior to jumping into anything.



What is a Password Manager?
A password manager is a program that helps a user to better manage and organise their passwords for online accounts.  Most password managers store your passwords and then encrypt them.  The program then requires the user to enter a Master Password to decrypt them before they can be accessed.

What is the benefit of having a Password Manager?
If you’re anything like me you will have lots of online logins, and over time these can become difficult to manage.  I found myself trying multiple login credentials on sites before finding the one that works, eventually getting there but sometimes I would have to do a password reset.
Using a Password Manager takes away this problem.  All you have to do is remember the one password and the program …
4
There are some basic methods for preventing attacks on, hacking of and unauthorized access to a network -- maybe not completely, but up to a certain level.

Start with a well-reputed firewall and unified threat management (UTM) system -- a gateway level internet security device at every access point to your network. If you are in a small or medium-sized organization, where management is not willing to invest in IT (IT is a support system to their business, not their bread and butter) you need to give them a small presentation. If they have invested in security cameras and guards to prevent any unauthorized person from entering their premises, why would they give anyone unauthorized access to their network?

Explore the Internet, but don't expose yourself

Now you have your own firewall/UTM, so you can prevent unauthorized access to your network. While purchasing the firewall, your procurement team negotiated hard, purchased the lowest quoted firewall and presented it to you. The vendor who won this bid may not have well-trained engineers, or the engineer sent to configure it may be too clever and configure the firewall in a very short span of time without asking you for all the details of your network. So, it is your duty to know your network thoroughly and carefully.

The engineer came, asked you the public IP of ISP, asked you what you want to restrict, created some group, set up some group policies, showed you the bandwidth …
5
LVL 1

Expert Comment

by:Li HUANG
Thank you diprajbasu for the summary guide.   To restrict open port (s) ,  example only :80 to your remote ddns updater , how allow the router.map and ldap id you entirely  when as , the primary domain configure invalid at the router.format limited ? ( For a privacy : domain.com  format just input able as xxx.domain.com that of node.domain.com node default to where ? )   Can it be taken away by a device somewhere to be the domain.group ?   Hope to feedback Please .
0
LVL 1

Expert Comment

by:Rahul Sam
Really great idea. There is one more precaution that should be taken for network security: doing penetration testing, as it is the best and most convenient way to find the vulnerabilities in a network or websites.
0
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable.

BACKGROUND

SonicOS separates Service Objects into three different views or groupings: “All Services”, “Custom Services” & “Default Services”. Within each view there are two sections called “Service Groups” & “Services”. Service Groups are simply just Services grouped together for related purposes. Default Services are a list of system-created, commonly used, services that you can utilize to create many different networking policies and rules. They are not only created for convenience but they also play a key role in how default Access Rules function, which I’ll discuss later. For all intents and purposes Default Services Objects and Default Services are synonymous here and I’ll be focusing this discussion on the “Ping” Service Group within Default Services. Ping is just an example, but this bug occurs when renaming any Default Service Object.
Some customers of SonicWALL security appliances rename Default Services under the Service Groups section, such as Ping, to “Ping Group” or “Group: Ping”, etc. to denote that it is in fact a group, which actually includes both Ping 0 (ICMP - reply) and Ping 8 (ICMP - request) rather than a single Service Object, e.g. Ping 8 (ICMP - request).

When …
3
LVL 32

Author Comment

by:Blue Street Tech
New update: SonicWALL just got back to me and is handling this based on the amount of affected user reports. It missed the 5.9 release but is scheduled to be included for the subsequent release.
0
LVL 2

Expert Comment

by:Peter Wilson
Very helpful. Thank you!
1
Most computer users do not realize how important their passwords are. Here’s the straight scoop on why you need a good password and how to create super strong passwords that are easy to remember and hard to crack.


Thieves Are Trying to Steal Your Identity.

If criminals can figure out your password, they know that they will have access to your email, your online bank accounts, even your social security number. They can break into your computers, steal your files, steal your identity, reset your bank account information, steal your bank account, buy houses in your name, buy boats and airplanes in your name.

They will sell your information on the internet for $10 USD to other criminals who will use it to buy and sell drugs.

You might think this to be an exaggeration, but each and every example I gave above is true. Once your information is on the internet and can be sold, criminal rings who specialize in identity theft and internet fraud can do just about whatever they want with you.

Your identity will be sold for as little as $10 in an internet chat room, and it will cost you thousands and your good name before you can restore your life.

All because you were too lazy to get a good password.


Thieves have automated the process

Criminals are not going door to door looking for victims. Instead, they have created computer programs that scan the internet to find your computer, your email box, your website, and other pieces of your …
9
LVL 23

Expert Comment

by:Rajkumar Gs
Good Article DrDamnit

I have seen many people using very weak passwords. I normally prefer and use strong passwords.
Your article is really helpful. Thanks for the information about those tools as well.

Got some new ideas to keep my secrets secure!

Thanks
Raj
0
LVL 50

Expert Comment

by:DanRollins
There are several weaknesses about using a "password-vault" type program to store your passwords.  Lots of us use the password vault that is built into the web browser, but it is vulnerable:  If you forget to log out at lunch, your evil co-worker will take out a mortgage on your house and then skip off to retire in Bimini with the profits (or enjoy a weekend in Cleveland, depending... :-)

In both situations (password vault software and browser password handling), you are vulnerable to three problems:  

There is one key password you must remember, and because you may need it often, you might tend to use a weak one.  That means that if somebody can access your desktop (physically or remotely), your 20-character ultra-hardened randomly-created banking passwords are really all as weak as your Windows login password.
What do you do when you are away from your desk?  E.g., when you are on the road and need to check your webmail?  Your herculean password is now preventing you from accessing things you need to access -- because you don't know the password itself.
The local password that is used to "unlock the safe" might well be more susceptible to dictionary and brute-force attacks.  The software (or Windows itself) can be bombarded with login retries, while most websites keep track of retries and foil the cracking software by inserting mandatory delays between retries.
None of these are showstoppers, but IMHO, they add up to a good reason to use a "mental algorithm" rather than a password-management tool.  I've discussed that technique in my article: Strong (but Easy-to-Remember) Passwords
0
"Oh crap. I think we've been hacked."

That's the last sentence you ever want to hear from your IT guy, and the last sentence you ever want to have to say to your customers and clients. The fact is, hackers are everywhere. They are out there doing bad stuff for profit, pleasure, notoriety, or simply because: "I can".

This is intended to be a quick, down and dirty, guide to recovering from an attack. No matter if you're a noob or a seasoned IT professional, it is really only a matter of time before you will have to deal with an intruder.

An Ounce of Prevention...
It is so much easier to prevent being hacked than it is to recover. The basic way you prevent hackers from compromising your systems is to make it more difficult than average to break your protection. There is no need to build a digital Fort Knox around your network (although I won't disagree with this practice), but there are 5 simple steps you can use to deter hackers from breaking into your computers, servers, and network.

Never Be the Low Hanging Fruit
If you are the low hanging fruit: a.k.a. an easy target, you're going to get nailed. Hackers, for the most part, are looking for an easy target: a weak password, a stupid employee, an open server door, an unlocked office door, or an untrained user.

In reality, you can take some extremely simple, easy steps, to make it orders of magnitude more difficult to break into your network. You don't have to be the safest, you just have to be safe…
50

Expert Comment

by:blaine_mono
There is a great tool that gives an instant view on internet connections (no need to fiddle with netstat). http://wandering-ips.com
0
LVL 76

Expert Comment

by:Qlemo
If it is just about seeing which ports are open or listening, there are many more free tools, like TcpView from SysInternals or CurrPorts from NirSoft. The latter allows for defining filters and recording changes.
But I reckon what the article wants to show is that you can use simple integrated tools to do a quick scan.
0
