Elementary Information Security
This book is certified to comply fully with the NSTISSI 4011 federal training standard for information security professionals. The text emphasizes both the technical and non-technical aspects of information security and uses practical examples and real-world assessment tools. More ...
ARP, MAC, Poisoning, and WiFi Security
In this article we cover the basics on Address Resolution Protocol (ARP), Media Access Control Addresses (MAC), Wireless (WiFi), and layer 2 communications. I explain how a 'Man in the Middle Attack' works. The common name for this is ARP poisoning, MAC poisoning, or Spoofing. More ...
Nessus Network Vulnerability Scanner
Nessus is a network vulnerability scanning program that scans network hosts for vulnerabilities and generates reports on its findings. More ...
Overview of IPsec with IKEv1
VPN (Virtual Private Network) technologies such as IPsec (IP Security) with IKE (Internet Key Exchange) offer the ability to transmit over broadband securely. More ...
Data Encryption
There are two kinds of key encryption: private key and public key. In private key encryption a single key is used. Public key encryption uses two keys. One key, called the private key can only be used to decrypt a document. The other key, called the public key, can only encrypt a document. More ...
Wireless Network Security - The Basics of Securing a Wireless LAN
This article discusses how to secure your home and business wireless network. The process of a client associating and authenticating to an access point is standard. The security requirements vary from a home network, small business network and government departments requiring
stringent network security. More ...
Essentials of Endpoint Device Backup
With the proliferation of data on laptops and mobile devices, organizations need to maintain control of how data is being accessed, shared, and distributed. Endpoint backup solutions should encrypt data in transit and in store to prevent unauthorized viewing of sensitive corporate data. More ...
Avoid Hacks by Rogue Wireless Devices
Watch out for hacking from unauthorized routers and wireless clients that are attached to your network. By using NetStumbler or your client manager software, you can test for access points (APs) and ad-hoc devices that don't belong on your network. More ...
The Use of HoneyPots and HoneyNets to Trick Hackers
A HoneyPot is a storage area on a network that has fake confidential and valuable data used to trick hackers. More ...
Remote Access Authentication Protocols
A remote access authentication protocol is the method by which remote users will be authenticated when they log on the network. Some options are EAP, CHAP, and PAP, explined here. More ...
Digital Signatures and Certificates
The construction of the Digital Signature entails applying a hash function to the message by concatenation of the message with a known secret key and then applying a mathematical function which will produce a fixed length output known as the digest. More ...
Handling Rogue Access Points
A Rogue access point is any wireless access points that exist on your network without the consent of the business. If an insider were to use a laptop to act as an access point, regardless of the intent, it poses a security risk. More ...
Designing Physical Network Security
Network security covers a multitude of issues. The first issue to address is physical access to your network. More ...
