Protecting Your Home Computer from Internet Threats
October 28th, 2007
Improperly configured home PCs are one of the biggest risks to the Internet. At any given time there are hundreds of thousands or possibly millions of home PCs infected with viruses, worms, adware, spybots, or spambots. These users are causing a large volume of malicious traffic, which at the very least is a nuisance, and [...]
Free Software Tests for Bot Infections
October 28th, 2007
PineApp has released a free zombie test that can instantly discover whether an organization’s computer network might be an unwitting spamming machine, a “zombie” or ‘bot’ that can send thousands of infected spam messages to other networks without its knowledge.
Techies take on spam zombies
October 28th, 2007
Computer scientists in Menlo Park are releasing a free diagnostic program today to help network administrators find PCs infected with an insidious new type of virus that has already tainted millions of computers and used them to generate billions of spam e-mails. Since this malicious program, variously called Peacomm or the Storm Worm, appeared in [...]
Installing full-disk encryption
October 28th, 2007
Will full-disk encryption be hard to implement? Maybe not. It’s often not as bad as you think. "If you have a distribution tool in place, encryption software is just another package you send out," said John Girard, vice president and distinguished analyst at Gartner. He recommended giving users a certain time frame to perform the [...]
Beware of hackers targeting storage systems
October 28th, 2007
Corporate storage systems and networks are an attractive target for hackers looking to steal sensitive data or launch computer attacks, Alan Lustiger, security architect at TD Ameritrade Inc., told an audience at Computerworld’s Storage Networking World user conference here yesterday. In particular, he warned IT executives that network-attached storage (NAS) systems are a most attractive [...]
How to detect computer and email monitoring or spying software
October 15th, 2007
As an IT Pro, I routinely monitor employees’ computers and emails. It’s essential in a work environment for administrative purposes as well as for security. Monitoring email, for example, allows you to block attachments that could contain a virus or spyware. The only time I have to connect to a user’s computer and do work [...]
From Botnet Tracking to Intrusion Detection
October 15th, 2007
The following is an excerpt from the book Virtual Honeypots: From Botnet Tracking to Intrusion Detection. In this section of Chapter 11: Tracking Botnets (.pdf), authors Niels Provos and Thorsten Holz explain how virtual honeypots can be used in the real world to investigate botnets and their behaviour. Something that is interesting, but rarely seen is [...]
Mapping the Russian Business Network
October 15th, 2007
Today’s Washington Post carries my story about the Russian Business Network, an entity based in St. Petersburg that provides Web hosting services that cater exclusively to cyber criminals. From the story: "The Russian Business Network sells Web site hosting to people engaged in criminal activity, the security experts say. Groups operating through the company’s [...]
How to Stop Snarfing and Other Common Switch Hacks
October 15th, 2007
ARP poisoning, SNMP snarfing, and "fuzzing" are common hacks perpetrated on Ethernet switch gear. Cisco networking expert Jimmy Ray Purser explains how to guard against these hacks. The only thing I enjoy more than seeing my mother-in-law head back to Ohio is hacking Ethernet switches. I do a presentation on hacking switch gear that seems to [...]
Hackers Attack Apps While Still in Development
October 15th, 2007
Everybody’s talking about the need to write more secure applications. But what if the bad guys sabotage the code during the development process? Researchers long have known about the potential for infection or a breach during the software-build process using open-source tools — there were cases in 2002 of hackers infecting OpenSSH, Sendmail, and IRC [...]