What is Cross Site Scripting?
Cross-site scripting attacks are used to steal information from your browser when you visit websites such as ecommerce stores, forums, and even your email accounts. More ...
Network Security
Network security starts with physical security. Network components such as servers, hubs, and routers should be located in a secure equipment room. Part of physical security is protecting your cable plant from damage and electronic eavesdropping. More ...
What's the Difference Between Sniffing, Snooping, and Spoofing?
Network sniffing and snooping involve tapping into network traffic for the purpose extracting usernames, passwords, account numbers, and other information. Spoofing is when a hacker creates an email or a website that appears to genuine but is designed for the purpose extracting usernames, passwords, account numbers. More ...
Detecting Network Sniffers
A packet sniffer is a program or device that eavesdrops on network traffic and gathers data from packets. Malicious intruders may install packet sniffers in order to retrieve usernames and passwords. More ...
Avoid Hacks by Rogue Wireless Devices
Watch out for hacking from unauthorized routers and wireless clients that are attached to your network. By using NetStumbler or your client manager software, you can test for access points (APs) and ad-hoc devices that don't belong on your network. More ...
Use of Taps and Span Ports in Cyber Intelligence Applications
SPAN stands for Switched Port Analyzer, a dedicated port on a switch that takes a mirrored copy of network traffic from within the switch and sends it to, typically, a monitoring device, or other tool for troubleshooting or traffic analysis. More ...
Methods to Combat Distributed Denial of Service (DDoS) Attacks
DDOS attacks are costly in terms of lost revenue and added costs. DDoS attack protection plays a fundamental role in keeping businesses online. Here are some strategies that can be used to protect against a DDoS attack. More ...
Public Key Infrastructure
PKI (Public Key Infrastructure) uses a public and private key pair obtained and shared through a trusted authority. Public and private keys are used to lock (encrypt) and unlock (decrypt) data. Certificates are the cornerstones of the PKI. More ...
Why Become a CISSP?
As a Certified Information Systems Security Professional (CISSP), you will be seen as a security professional of proven ability who has successfully met a predefined standard of knowledge and experience that is well understood and respected throughout the industry. More ...
Difference Between Network Firewall and Web Application Firewall
A Network Firewall acts as a security barrier between a trusted network, such as the local network (LAN), and an untrusted network, such as the Internet. A >Web Application Firewall (WAF) monitors and allows or blocks data packets as they travel to and from a Web application. More ...
The Role of Security Penetration Testers
An ethical hacker is a person who performs most of the same activities a hacker does but with the owner or company's permission. Ethical hackers are usually contracted to perform penetration tests or security tests. More ...
ARP, MAC, Poisoning, and WiFi Security
In this article we cover the basics on Address Resolution Protocol (ARP), Media Access Control Addresses (MAC), Wireless (WiFi), and layer 2 communications. I explain how a 'Man in the Middle Attack' works. The common name for this is ARP poisoning, MAC poisoning, or Spoofing. More ...
Data Encryption
There are two kinds of key encryption: private key and public key. In private key encryption a single key is used. Public key encryption uses two keys. One key, called the private key can only be used to decrypt a document. The other key, called the public key, can only encrypt a document. More ...
