Design a Network Security Policy
A security policy is a statement of what your systems' users are and are not allowed to do. Make sure that the policy is consistent and clearly-written. More ...
Digital Signatures and Certificates
The construction of the Digital Signature entails applying a hash function to the message by concatenation of the message with a known secret key and then applying a mathematical function which will produce a fixed length output known as the digest. More ...
What is Penetration Testing?
This book serves as an introduction to the steps required to complete a penetration test or perform an ethical hack. You learn how to properly utilize and interpret the results of modern day hacking tools; which are required to complete a penetration test. More ...
Difference Between Network Firewall and Web Application Firewall
A Network Firewall acts as a security barrier between a trusted network, such as the local network (LAN), and an untrusted network, such as the Internet. A >Web Application Firewall (WAF) monitors and allows or blocks data packets as they travel to and from a Web application. More ...
What is Network AAA (Authentication, Authorization, and Accounting)?
The acronym AAA stands for three network procedures and processes that help to make a network more secure and reliable. The A's stand for Authentication, Authorization, and Accounting. The difference between authentication, authorization, and accounting is described here. More ...
Domain Name System (DNS) Vulnerabilities
The original design of the DNS did not include robust security features. DNS vulnerabilities open networks to various types of attacks, cache poisoning and DDoS attacks being the most common. More ...
Firewall Perimeter Network (DMZ)
A DMZ (Demilitarized Zone) or Perimeter Network is the area between the firewall that protects the network from untrusted external networks (the Internet) and the firewall that protects the internal network. More ...
Elementary Information Security
This book is certified to comply fully with the NSTISSI 4011 federal training standard for information security professionals. The text emphasizes both the technical and non-technical aspects of information security and uses practical examples and real-world assessment tools. More ...
Designing Physical Network Security
Network security covers a multitude of issues. The first issue to address is physical access to your network. More ...
How to Become a Professional Ethical Hacker
As a Professional Ethical Hacker you need to understand the various kind of hacking, which can be classified into White Hat, Grey Hat and non-ethical hacking. Only a deep knowledge can help in combating any sort of breach or unauthorised access in the information system. More ...
ARP, MAC, Poisoning, and WiFi Security
In this article we cover the basics on Address Resolution Protocol (ARP), Media Access Control Addresses (MAC), Wireless (WiFi), and layer 2 communications. I explain how a 'Man in the Middle Attack' works. The common name for this is ARP poisoning, MAC poisoning, or Spoofing. More ...
Avoid Hacks by Rogue Wireless Devices
Watch out for hacking from unauthorized routers and wireless clients that are attached to your network. By using NetStumbler or your client manager software, you can test for access points (APs) and ad-hoc devices that don't belong on your network. More ...
How to Stop Hackers from Invading Your Network
Large corporations, banks, financial institutions, security establishments are particularly favorite targets for hackers. However, this menace can be prevented to a great extent if proper security measures are taken. More ...
