Types of Computer Security Threats
No book nor any checklist or method can show you all the kinds of harm that can happen to computer assets. There are too many ways to interfere with your use of these assets. Two information sources are of value however. The CVE list and the CVSS measurement system. More ...
Domain Name System (DNS) Vulnerabilities
The original design of the DNS did not include robust security features. DNS vulnerabilities open networks to various types of attacks, cache poisoning and DDoS attacks being the most common. More ...
Security Issues with Wireless LANs
Wireless LAN (WLAN) security threats include war dialing, war driving, war chalking, WEP and WPA security cracking, and rogue access points. This artilce discuses approaches to WLAN Security. More ...
What is a SQL Injection Attack?
SQL injection can be used by an attacker to inject code into a website in order to access and manipulate the database behind the site. More ...
Overview of IPsec with IKEv1
VPN (Virtual Private Network) technologies such as IPsec (IP Security) with IKE (Internet Key Exchange) offer the ability to transmit over broadband securely. More ...
Network Security
Network security starts with physical security. Network components such as servers, hubs, and routers should be located in a secure equipment room. Part of physical security is protecting your cable plant from damage and electronic eavesdropping. More ...
What is a Password Hash and Salt?
Never store a user's password as plain-text. A Hashing algorithm is similar to encryption. To increase the security of a hashed password, a random value called salt is added to the hash. More ...
Understanding the Different Classes of Firewalls
A firewall is able to achieve its functions through the capabilities it is able to provide. These are the capabilities determine the type of firewall to needed to meet a certain and specific set of security needs. More ...
Elementary Information Security
This book is certified to comply fully with the NSTISSI 4011 federal training standard for information security professionals. The text emphasizes both the technical and non-technical aspects of information security and uses practical examples and real-world assessment tools. More ...
How SSL (Secure Sockets Layer) Works
SSL is a security protocol standard that encrypts communication between a web browser and a web server. Any organization that uses their website to transmit, receive, store, or display confidential or sensitive information such as passwords, credit card or bank account numbers, social security numbers, and so on, needs to use an SSL Connection. More ...
Man in the Middle Attack
In a Man in the Middle (MIM) attack the hacker places eavesdropping equipment between the sending device and the receiving device. He intercepts the data, records it and possibly modifies it, then sends it on to the intended receiving device. More ...
Methods to Combat Distributed Denial of Service (DDoS) Attacks
DDOS attacks are costly in terms of lost revenue and added costs. DDoS attack protection plays a fundamental role in keeping businesses online. Here are some strategies that can be used to protect against a DDoS attack. More ...
Top Ways to Prevent Data Loss
Data loss is crippling for any business, especially in the age of big data where companies rely on digital information to refine their marketing, contact prospects, and process transactions. The first goal should be to prevent data loss from occurring in the first place. More ...
