Difference Between Rule and Role Based Access Control
Access control is the method used to block or allow access to a network or network resources. Two types of access control are rule-based and role-based. The difference between rule-based and role-based access control is explained here. More ...
Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
"Most organizations use both IDS and an IPS. The IPS automatically blocks attacks where it is accurate, while the IDS logs and notifies network administrators of suspicious activity so they can use their judgment as to what countermeasures to take. More ...
The Role of Security Penetration Testers
An ethical hacker is a person who performs most of the same activities a hacker does but with the owner or company's permission. Ethical hackers are usually contracted to perform penetration tests or security tests. More ...
What is Penetration Testing?
This book serves as an introduction to the steps required to complete a penetration test or perform an ethical hack. You learn how to properly utilize and interpret the results of modern day hacking tools; which are required to complete a penetration test. More ...
Security Issues with Wireless LANs
Wireless LAN (WLAN) security threats include war dialing, war driving, war chalking, WEP and WPA security cracking, and rogue access points. This artilce discuses approaches to WLAN Security. More ...
Avoid Hacks by Rogue Wireless Devices
Watch out for hacking from unauthorized routers and wireless clients that are attached to your network. By using NetStumbler or your client manager software, you can test for access points (APs) and ad-hoc devices that don't belong on your network. More ...
What is a SQL Injection Attack?
SQL injection can be used by an attacker to inject code into a website in order to access and manipulate the database behind the site. More ...
How to Stop Hackers from Invading Your Network
Large corporations, banks, financial institutions, security establishments are particularly favorite targets for hackers. However, this menace can be prevented to a great extent if proper security measures are taken. More ...
Network Security Model - Defining an Enterprise Security Strategy
These are the five primary security groups that should be considered with any enterprise security model. These include security policy, perimeter, network, transaction and monitoring security. These are all part of any effective company security strategy. More ...
Designing Physical Network Security
Network security covers a multitude of issues. The first issue to address is physical access to your network. More ...
ARP, MAC, Poisoning, and WiFi Security
In this article we cover the basics on Address Resolution Protocol (ARP), Media Access Control Addresses (MAC), Wireless (WiFi), and layer 2 communications. I explain how a 'Man in the Middle Attack' works. The common name for this is ARP poisoning, MAC poisoning, or Spoofing. More ...
Network Security Across the Enterprise
Today's business networks consist of numerous remote access connections from employees and outsourcing firms. Often, the security risks from connections outside the network are overlooked. The proper security solution for your organization will neutralize virtually all of these threats to your network. More ...
What's the Difference Between Sniffing, Snooping, and Spoofing?
Network sniffing and snooping involve tapping into network traffic for the purpose extracting usernames, passwords, account numbers, and other information. Spoofing is when a hacker creates an email or a website that appears to genuine but is designed for the purpose extracting usernames, passwords, account numbers. More ...
