Domain Name System (DNS) Vulnerabilities
The original design of the DNS did not include robust security features. DNS vulnerabilities open networks to various types of attacks, cache poisoning and DDoS attacks being the most common. More ...
What is Network AAA (Authentication, Authorization, and Accounting)?
The acronym AAA stands for three network procedures and processes that help to make a network more secure and reliable. The A's stand for Authentication, Authorization, and Accounting. The difference between authentication, authorization, and accounting is described here. More ...
Cyber Security Tips for Small and Medium Business (SMB)
When it comes to small or medium enterprise the impact of security threat is even more severe. Cyber criminals love to target small business largely due to the fact that SMBs cannot afford to implement strong security protocols. More ...
Denial of Service Attack (DoS) Detection and Mitigation
A Denial of Service Attack is when a hacker attempts to consume such a large amount of a server's resources that it's services will be unavailable to its intended users. For example a DoS attack against a web server attempts to prevent it from serving web pages to
legitimate Internet clients. More ...
How to Protect Your Business From a Cyber Attack
Hackers can be crippling for small businesses who, many times, never recover from the theft. Here are some precautions you can take to help keep your business protected against hackers. More ...
The Role of Security Penetration Testers
An ethical hacker is a person who performs most of the same activities a hacker does but with the owner or company's permission. Ethical hackers are usually contracted to perform penetration tests or security tests. More ...
How to Use the Open Source Intrusion Detection System SNORT
In terms of raw power and features, SNORT, the most commonly used Open Source Intrusion Detection System, (IDS) has begun to eclipse many expensive proprietary IDSes. In terms of documentation or ease of use, however, SNORT can seem overwhelming. More ...
Are You Meeting ISO 27000 Standards for Information Security Management?
The ISO 27000 standard developed by The (IEC) and (ISO) is an internationally accepted industry standard for Information Security Management (ISM). More ...
Types of Computer Security Threats
No book nor any checklist or method can show you all the kinds of harm that can happen to computer assets. There are too many ways to interfere with your use of these assets. Two information sources are of value however. The CVE list and the CVSS measurement system. More ...
What is Cross Site Scripting?
Cross-site scripting attacks are used to steal information from your browser when you visit websites such as ecommerce stores, forums, and even your email accounts. More ...
Remote Access Authentication Protocols
A remote access authentication protocol is the method by which remote users will be authenticated when they log on the network. Some options are EAP, CHAP, and PAP, explined here. More ...
What is a SQL Injection Attack?
SQL injection can be used by an attacker to inject code into a website in order to access and manipulate the database behind the site. More ...
Data Encryption
There are two kinds of key encryption: private key and public key. In private key encryption a single key is used. Public key encryption uses two keys. One key, called the private key can only be used to decrypt a document. The other key, called the public key, can only encrypt a document. More ...