Home / Blogs
Follow this blog:
RSS
Email Alert

IT Security

Selena Frye

Selena Frye

TechRepublic Staff

Selena Frye

Selena Frye
Selena has been at TechRepublic since 2002. She is currently a Senior Editor with a background in technical writing, editing, and research. She edits Data Center, Linux and Open Source, Apple in the Enterprise, The Enterprise Cloud, Web Designer, and IT Security blogs.
  • 0

    UNIX/Linux rootkits 101

    The term rootkit originated with a reference to the root user account on UNIX systems. Rootkits are not limited to UNIX, however, or even to administrative user accounts such as the UNIX root...

    Posted by Chad Perrin | July 30, 2007, 11:12 AM PDT

  • 1

    Reduce permissions to increase DNS security

    Every server process you run on your system provides another potential point of compromise. That's why it's so often recommended that you turn off unnecessary services on Windows machines and...

    Posted by Chad Perrin | July 26, 2007, 6:13 PM PDT | Latest comment by sirconquer+TechRepublic@...

  • 15

    Windows rootkits 101

    When administrators and security professionals hear the word rootkit, most think first of a UNIX-based system. Unfortunately, this only leads to a false sense of security for Windows-based...

    Posted by Mike Mullins | July 26, 2007, 2:27 PM PDT | Latest comment by andy@...

  • 2

    Apply the D.I.C.E. framework to determine your best antivirus solution

    This blog post is also available in PDF form as a TechRepublic download. If you use PCs for work, you must deal with the constant threat of viruses. Not only can they take an individual computer...

    Posted by Joshua Hoskins | July 23, 2007, 11:18 AM PDT | Latest comment by jsavage@...

  • 31

    FBI's secret spyware becomes public

    There's an interesting article on Wired about how the FBI used a spyware program to track a teenager who was making bomb threats against a Washington state high school. Also included in the...

    Posted by Michael Kassner | July 23, 2007, 6:02 AM PDT | Latest comment by AnsuGisalas

  • 18

    Myth: I'm not really at risk

    I regularly hear variations on a theme: "Security vendors blow the threat out of proportion. Don't worry so much about it." "I'm a careful computer user. I've been using computers for years...

    Posted by Chad Perrin | July 22, 2007, 6:34 PM PDT | Latest comment by apotheon

  • 3

    Check out the results of CNET's security vendor survey

    By now, we should all know that federal law enforcement is using keyloggers in surveillance activities, and a court ruled it constitutional -- even without probable cause. What this means to the...

    Posted by Chad Perrin | July 19, 2007, 6:33 AM PDT | Latest comment by Absolutely

  • 44

    Just say no to WEP

    Whether you're running a home wireless network or a corporate wireless network, you need to know the truth about Wired Equivalent Privacy (WEP). When WLAN hardware first came out, WEP was the...

    Posted by Mike Mullins | July 18, 2007, 12:03 PM PDT | Latest comment by smallcliques@...

  • 80

    Five steps to becoming the local security guru

    It's not difficult to become the local security expert -- the guy to whom others look when they need network resources secured, the guy they point to when they want to source someone in their...

    Posted by Chad Perrin | July 17, 2007, 6:49 AM PDT | Latest comment by aye.thin@...

  • 2

    VoIP threats: Beyond eavesdropping

    When it comes to phone calls, privacy is the most common security concern. Recently, we discussed how hackers can eavesdrop on VoIP calls to discover the content of participants' conversations....

    Posted by Deb Shinder | July 13, 2007, 12:06 PM PDT | Latest comment by dnvechoes@...

  • 10

    Manage patch deployment with these five steps

    While recently working on a network with roughly 10,000 hosts, I discovered two machines that had gone unpatched for 11 months. This might not seem like a big deal -- .02 percent of machines that...

    Posted by Mike Mullins | July 12, 2007, 10:51 AM PDT | Latest comment by folsom6

  • 4

    Take steps to safeguard sensitive data

    Is your organization responsible for complying with one or more of the many privacy-related pieces of legislation that the U.S. government has enacted over the past decade? It's a good bet that it...

    Posted by Mike Mullins | July 5, 2007, 11:43 AM PDT | Latest comment by mike@...

  • 9

    Keep hackers from eavesdropping on VoIP calls

    VoIP technology is becoming more popular because it costs less than traditional PSTN phone service -- and in the case of long-distance and international calls, it often costs a lot less. In...

    Posted by Deb Shinder | June 29, 2007, 10:53 AM PDT | Latest comment by game_insomniac@...

  • 9

    Phishing and pharming 101: Protect your identity

    Using a variety of nefarious methods, phishing and pharming are a consistent problem that threatens everyone with identity theft. If you recognize what these methods are and how malicious users...

    Posted by Mike Mullins | June 28, 2007, 11:54 AM PDT | Latest comment by techrepublic@...

  • 0

    Deal responsibly with identity data breaches

    Most security managers are aware of some form of the five steps for handling an incident: Prevent, detect, contain, eradicate, and recover. These steps are usually sufficient for those incidents...

    Posted by Tom Olzak | June 21, 2007, 4:34 AM PDT

  • 9

    FBI rounds up bot-herders, national security at stake

    During the May 2007 Anti-Phishing Working Group Counter eCrime summit in San Francisco, researcher Joe St. Sauver spoke about the need for a government agency to step up and help in the war...

    Posted by Tom Olzak | June 18, 2007, 4:42 AM PDT | Latest comment by tomb@...

  • 2

    Data owners aren't always the final word in data protection

    Data owners are responsible for determining who accesses sensitive information as well as the level of access (e.g., read, write, etc.), but at what point should data owner approval be checked by...

    Posted by Tom Olzak | June 14, 2007, 4:55 AM PDT | Latest comment by NatureBuff

  • 48

    Consumers 0, Cybercriminals 1: The public disclosure debate

    It's become great sport -- and often profitable -- to identify vulnerabilities in applications, operating systems, and LAN/WAN device controlling software. These activities are not in themselves...

    Posted by Tom Olzak | June 11, 2007, 4:46 AM PDT | Latest comment by Neon Samurai

  • 6

    The growing threat of cyberwarfare

    Recent events have shown that certain nations are ready and willing to use cyberwarfare to push national agendas. What does this mean to nations -- and businesses -- that rely on the Internet for...

    Posted by Tom Olzak | June 7, 2007, 5:00 AM PDT | Latest comment by Locrian_Lyric

  • 0

    Use the revised OWASP Top Ten to secure your Web applications -- part 7

    This article is also available as a TechRepublic download. The seventh installment in the 2007 OWASP Top 10 series takes a look at broken authentication and session management...

    Posted by Tom Olzak | June 6, 2007, 12:33 PM PDT

  • 2

    List open ports and listening services

    You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...

    Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard

  • 151

    Hackers: From innocent curiosity to illegal activity

    Researchers asked why talented youth skilled in "computerese" evolve into criminal hackers. Michael P. Kassner explains their unexpected results.

    Posted by Michael Kassner | May 6, 2013, 7:59 AM PDT | Latest comment by mattohare@...

  • 103

    DropSmack: Using Dropbox to steal files and deliver malware

    Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.

    Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner

  • 36

    Cloud-service contracts and data protection: Unintended consequences

    There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.

    Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner

  • 36

    Battling the Google Redirect virus

    Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.

    Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344

  • 36

    Understanding what motivates Chinese hackers

    Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.

    Posted by Michael Kassner | April 22, 2013, 10:16 AM PDT | Latest comment by HAL 9000

  • 15

    BoxCryptor vs. DropSmack: The battle to secure Dropbox

    Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.

    Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner

  • 63

    How to spoof a MAC address

    MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...

    Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale

  • 3

    Running the gauntlet: Tips for achieving your CISSP

    One of the most highly regarded security certifications is the CISSP. Dominic Vogel offers these nine tips for becoming certified based on his own experience.

    Posted by Dominic Vogel | April 23, 2013, 5:30 AM PDT | Latest comment by JCitizen

  • 10

    The basics of using a proxy server for privacy and security

    Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.

    Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson

  • 0

    DDoS attack methods and how to prevent or mitigate them

    Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent or at least, mitigate these types of events.

    Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT

  • 21

    Software-Defined Networking: How it affects network security

    SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.

    Posted by Michael Kassner | April 8, 2013, 7:13 AM PDT | Latest comment by Michael Kassner

  • 64

    Dropbox: Convenient? Absolutely, but is it secure?

    A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?

    Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...

  • 67

    Use PuTTY as a secure proxy on Windows

    Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...

    Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa

  • 101

    Hacker vs. cracker

    The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that...

    Posted by Chad Perrin | April 17, 2009, 1:20 PM PDT | Latest comment by wizard57m-cnet

  • 5

    The future of IT security compliance: 201 CMR 17.00

    Why should you be concerned about a security rule that is part of the State law of Massachusetts -- especially if you aren't in business there? Donovan Colbert explains how compliance regulations...

    Posted by Donovan Colbert | April 30, 2013, 6:00 AM PDT | Latest comment by dcolbert@...

  • 9

    New McAfee patent hints at a more walled-off online world

    A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.

    Posted by Patrick Lambert | May 3, 2013, 9:00 AM PDT | Latest comment by public_domain

  • 74

    10 services to turn off in MS Windows XP

    As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...

    Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008

  • 89

    The FBI locked your computer? Watch out for new spins on ransomware

    The FBI locks your computer. Can they do that? Or is it fake? How does one know? Michael Kassner asks an expert for help with the latest forms of ransomware.

    Posted by Michael Kassner | November 15, 2012, 7:18 AM PST | Latest comment by JCitizen

  • 11

    The CIA Triad

    The CIA Triad is a venerable, well-known model for security policy development, used to identify problem areas and necessary solutions for information security. Read on for an introduction to the...

    Posted by Chad Perrin | June 30, 2008, 3:13 PM PDT | Latest comment by white house

Keep Up with TechRepublic

Discover more newsletters

Follow us however you choose!

Media Gallery

View All

Hot Questions

Ask a Question
View All

Hot Discussions

Start a Discussion