Follow this blog:: RSS; Email Alert

IT Security

Selena Frye

TechRepublic Staff

TechRepublic

Contact
Bio

Newest
Hottest

27

Use PuTTY as an SSH client on Windows

The SSH protocol was developed as a secure, encrypted replacement for the RSH protocol. RSH is used for remote shell access to a UNIX (or UNIX-like) system and was once popular among sysadmins...

Posted by Chad Perrin | March 7, 2008, 3:21 PM PST | Latest comment by Neon Samurai
12

Make your data self-destruct with BackStopp

Your mission, if you choose to accept it, is to prevent would-be thieves from accessing your critical data. Find out how BackStopp can help.

Posted by Brian Smith | March 5, 2008, 7:53 AM PST | Latest comment by apotheon
1

Security news roundup: March 2

Hereâ€™s a collection of recent security vulnerabilities and alerts, which covers Symantec releasing security fixes for both its Backup Exec for Windows Server and the Symantec Scan Engine...

Posted by Paul Mah | March 2, 2008, 11:59 PM PST
1

Use GnuPG with Mutt to sign or encrypt e-mail

One of the most common uses of OpenPGP applications like PGP and GnuPG is digitally signing and encrypting email. While this can be accomplished "manually" with Mutt every time you want to send...

Posted by Chad Perrin | February 29, 2008, 8:44 AM PST

8

10 tips for effective use of OpenPGP with GnuPG

Using a private encryption system based on the OpenPGP standard can provide a great improvement to the security of your sensitive data. To maximize the value of that improvement, however, you...

Posted by Chad Perrin | February 28, 2008, 10:07 AM PST | Latest comment by Michael Kassner
9

Basic e-mail security tips

There's a lot of information out there about securing your e-mail. Much of it is advanced and doesn't apply to the typical end user. Configuring spam filters such as SpamAssassin, setting up...

Posted by Chad Perrin | February 25, 2008, 1:33 PM PST | Latest comment by vinothjus4u
2

Security news roundup: February 24

Hereâ€™s a collection of recent security vulnerabilities and alerts, which covers Opera releasing an update that patches three security vulnerabilities, multiple flaws found and fixed in EMC...

Posted by Paul Mah | February 24, 2008, 11:51 PM PST | Latest comment by PhilippeV
0

Security news roundup: February 17

Here's a collection of recent security vulnerabilities and alerts, which covers a serious vulnerability fixed in ClamAV, FreeBSD closing a couple of vulnerabilities, additional flaws discovered in...

Posted by Paul Mah | February 17, 2008, 11:59 PM PST
16

Use OpenSSH as a secure Web proxy

Making sure your computers are secure is, in some respects, a full-time job. It gets even more complicated when you have to worry about wireless security too. An important concern for travelers...

Posted by Chad Perrin | February 17, 2008, 10:52 PM PST | Latest comment by stux@...
3

How private is your Web-based service?

As I have said many times before, the two major components of security are privacy and control over your resources. Each of these plays a part in the other. Remote Web-based service providers are...

Posted by Chad Perrin | February 15, 2008, 12:40 PM PST | Latest comment by apotheon
1

Security threats in a unified world

Amid all the excitement surrounding the unification of our communications technologies, the issue of security sometimes gets lost in the shuffle. Maybe some are assuming that the threats are the...

Posted by Deb Shinder | February 15, 2008, 10:28 AM PST | Latest comment by Michael Kassner
2

Using OpenPGP on UNIX/Linux systems with GnuPG

PGP is the name of an encryption program created in 1991 by Philip Zimmerman. Since then, PGP has become the dominant model for personal privacy encryption software. In July 1998, PGP Inc....

Posted by Chad Perrin | February 14, 2008, 4:18 PM PST | Latest comment by doug@...
0

Security news roundup: February 10

Hereâ€™s a collection of recent security vulnerabilities and alerts, which covers a vulnerability in the multiuser version of the popular WordPress, a new release of the Windows client for Skype...

Posted by Paul Mah | February 10, 2008, 11:59 PM PST
29

Five must-have security resources

It's important for a security professional to have good security resources in his or her virtual toolbox. Here's a simple list of some of the resources I keep handy these days. This list covers a...

Posted by Chad Perrin | February 8, 2008, 12:28 PM PST | Latest comment by ejhonda
14

Protect your network with the Cisco IOS Firewall

Why buy another expensive device if your router can also provide firewall functionality? Any "Firewall Feature Set" version of the Cisco IOS contains the IOS Firewall, a built-in firewall inside...

Posted by David Davis | February 7, 2008, 12:42 PM PST | Latest comment by darks0ul
15

Pop-up windows: Know the difference between the good, the bad, and the annoying

Pop-up windows can often be a pain, but they sometimes indicate a more serious problem. Find out how to differentiate between a pop-up that's just wasting your time and one that might be trying to...

Posted by Mike Mullins | February 7, 2008, 8:50 AM PST | Latest comment by seanferd
40

Security is an ecosystem, not a product

People talk about security as though it's something you can buy and sell. They don't always think of it as something you can buy with money; sometimes they think of it as something they can buy...

Posted by Chad Perrin | February 4, 2008, 3:05 AM PST | Latest comment by Absolutely
0

Security news roundup: February 3

Hereâ€™s a collection of recent security vulnerabilities and alerts, which covers multiple unpatched vulnerabilities in the open sourced Mambo CMS, Gento's vulnerability to DOS and remote...

Posted by Paul Mah | February 3, 2008, 8:24 PM PST
4

Establish a strategy for security breach notification

Even if your organization takes every possible precaution to protect its data, a security breach is often inevitable. What do you do if it happens? Here are some pointers for notifying those affected.

Posted by Mike Mullins | January 31, 2008, 11:42 AM PST | Latest comment by sarah.kahler@...
0

Security news roundup: January 27

Here's a collection of recent security vulnerabilities and alerts, which covers an SQL injection hole found in PHP Nuke, a reboot vulnerability found in Cisco's PIX and ASA, a new version of...

Posted by Paul Mah | January 27, 2008, 11:50 PM PST

Page 48 of 57

2

List open ports and listening services

You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...

Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard
36

Battling the Google Redirect virus

Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.

Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344
7

BGP and Internet security: Is it better to be lucky or good?

Does "it's not a problem until it actually happens" apply to Internet security? Michael P. Kassner interviews a networking expert who's wondering about the same thing.

Posted by Michael Kassner | June 10, 2013, 9:11 AM PDT | Latest comment by wdewey@...
105

DropSmack: Using Dropbox to steal files and deliver malware

Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.

Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner

10

New Android malware should be wake-up call for security admins

Security firm Kaspersky reported on a new malware threat that it calls the most sophisticated it has seen in targeting Android phones.

Posted by Patrick Lambert | June 12, 2013, 10:29 AM PDT | Latest comment by Michael Kassner
27

The anatomy of a phishing operation

There are far better things than being phished, like writing about how not to get phished. Michael P. Kassner reviews a research paper that provides amazing insight into a successful phishing...

Posted by Michael Kassner | June 3, 2013, 7:04 AM PDT | Latest comment by JCitizen
63

How to spoof a MAC address

MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...

Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale
8

Aaron Swartz legacy lives on with New Yorker's Strongbox: How it works

Strongbox was Aaron Swartz's final project. Michael P. Kassner explains why The New Yorker requested a way to keep sources and their information secret.

Posted by Michael Kassner | May 20, 2013, 7:17 AM PDT | Latest comment by tylerpitchford
10

The basics of using a proxy server for privacy and security

Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.

Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson
15

BoxCryptor vs. DropSmack: The battle to secure Dropbox

Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.

Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner
11

Virtualizing apps could be the bridge over the BYOD security gap

Allowing BYOD has unfavorable implications for both the company and employees. Michael P. Kassner explores what businesses are doing to mitigate the risk.

Posted by Michael Kassner | May 28, 2013, 6:33 AM PDT | Latest comment by Michael Kassner
6

How to successfully implement the principle of least privilege

Least privilege is a core security principle, but it's one that often meets with resistance by users. Here are tips for how to implement it and get the point across to others.

Posted by Dominic Vogel | May 29, 2013, 9:27 AM PDT | Latest comment by o_p_i
0

DARPA's Plan X and the future of the U.S. cyber defense infrastructure

Plan X sounds like a summer sci-fi movie, but it's actually one of DARPA's latest projects, aimed at improving the nation's defense of critical infrastructure targets.

Posted by Patrick Lambert | June 4, 2013, 5:30 AM PDT
36

Cloud-service contracts and data protection: Unintended consequences

There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.

Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner
0

DDoS attack methods and how to prevent or mitigate them

Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent or at least, mitigate these types of events.

Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT
297

Is uncovering digital vulnerabilities doing more harm than good?

A noted virtual-reality technologist and author views "security through obscurity" as the only true way security can exist. Michael P. Kassner looks at what this uniquely divergent viewpoint means.

Posted by Michael Kassner | March 25, 2013, 8:48 AM PDT | Latest comment by mla_ca520@...
64

Dropbox: Convenient? Absolutely, but is it secure?

A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?

Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...
67

Use PuTTY as a secure proxy on Windows

Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...

Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa
89

The FBI locked your computer? Watch out for new spins on ransomware

The FBI locks your computer. Can they do that? Or is it fake? How does one know? Michael Kassner asks an expert for help with the latest forms of ransomware.

Posted by Michael Kassner | November 15, 2012, 7:18 AM PST | Latest comment by JCitizen
74

10 services to turn off in MS Windows XP

As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...

Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008