New articles added to WindowSecurity.com last month:
How Windows Server 2003’s Software Restriction Policies Improve Security
Allowing any unauthorized software to run on company computers, especially those connected to the network, poses many dangers. Even if the program isn’t infested with malicious code, incompatibility problems can result in operating system crashes, or interfere with the operation of other programs, and complicate tech support and troubleshooting – not to mention licensing issues. For this reason, Microsoft includes a new feature with Windows Server 2003 and Windows XP: software restriction policies.
Patch management with GFI LANguard N.S.S. & Microsoft SUS
Patch management is an essential network administration task and consists of scanning machines on the network for missing patches and deploying those patches as soon as they become available. This white paper provides an overview of how to use GFI LANguard Network Security Scanner (N.S.S.) and Microsoft Software Update Services (SUS) to keep your network updated.
Violating Database - Enforced Security Mechanisms
This paper discusses the feasibility of violating the access control, authentication and audit mechanisms of a running process in the Windows server operating systems. Specifically, it discusses the feasibility of totally disabling application - enforced access control in a running service, taking SQL Server 2000 as a sizeable and meaningful example. Topics relating to "runtime patching" exploits are discussed.
Wireless Security Primer (Part II)
In this article, we will discuss what every Wireless Administrator should do (or think about) to keep their Wireless LANs (WLANs) safe and secure. Every time you deploy a Wireless network, you should always ask yourself the following questions outlined within this article. Much has been done to secure wireless transmissions, but there are still items missed that can help your security posture, that many administrators are still not doing and are very important.
Security Scanner & Patch Management Tools Review
Security scanning & patch management is essential to prevent vulnerabilities on your network. Patch management in particular has become a hot topic and I review some of the leading security scanning & patch management tools available today. This review gives you a ‘birds eye’ view of each tool, to give you an idea how they work and what they they’re meant for. I also compare tools so you can decide which would be best for your network.
Defining a Security Policy
Security Polices are a necessary evil in today’s enterprise networks. Without a Security Policy, you leave yourself open and vulnerable to a lot of political attacks. In this article, we will begin to look at all the measures you will need to deploy to successfully define a security policy.
Windows 2000 allows unauthorized users to get administrator rights on computer
This article describes a security flaw which allows unauthorized users to get administrator rights on computers that are running Microsoft Windows 2000 operating system.
Intrusion Detection Systems (IDS) Part I - (network intrusions; attack symptoms; IDS tasks; and IDS architecture)
Due to a growing number of intrusions and since the Internet and local networks have become so ubiquitous, organizations increasingly implementing various systems that monitor IT security breaches. Intrusion Detection Systems (IDS) are those that have recently gained a considerable amount of interest. This is an introductory article to this topic. It gives an overview of several types of detectable attacks, symptoms that help in intrusion detection, describes IDS tasks, different architectures and concepts in this field.
Best Regards,
Stephen Chetcuti
ISAserver.org - MSExchange.org - WindowSecurity.com - ServerFiles.com - NTfaxFAQ.com
How Windows Server 2003’s Software Restriction Policies Improve Security
Allowing any unauthorized software to run on company computers, especially those connected to the network, poses many dangers. Even if the program isn’t infested with malicious code, incompatibility problems can result in operating system crashes, or interfere with the operation of other programs, and complicate tech support and troubleshooting – not to mention licensing issues. For this reason, Microsoft includes a new feature with Windows Server 2003 and Windows XP: software restriction policies.
Patch management with GFI LANguard N.S.S. & Microsoft SUS
Patch management is an essential network administration task and consists of scanning machines on the network for missing patches and deploying those patches as soon as they become available. This white paper provides an overview of how to use GFI LANguard Network Security Scanner (N.S.S.) and Microsoft Software Update Services (SUS) to keep your network updated.
Violating Database - Enforced Security Mechanisms
This paper discusses the feasibility of violating the access control, authentication and audit mechanisms of a running process in the Windows server operating systems. Specifically, it discusses the feasibility of totally disabling application - enforced access control in a running service, taking SQL Server 2000 as a sizeable and meaningful example. Topics relating to "runtime patching" exploits are discussed.
Wireless Security Primer (Part II)
In this article, we will discuss what every Wireless Administrator should do (or think about) to keep their Wireless LANs (WLANs) safe and secure. Every time you deploy a Wireless network, you should always ask yourself the following questions outlined within this article. Much has been done to secure wireless transmissions, but there are still items missed that can help your security posture, that many administrators are still not doing and are very important.
Security Scanner & Patch Management Tools Review
Security scanning & patch management is essential to prevent vulnerabilities on your network. Patch management in particular has become a hot topic and I review some of the leading security scanning & patch management tools available today. This review gives you a ‘birds eye’ view of each tool, to give you an idea how they work and what they they’re meant for. I also compare tools so you can decide which would be best for your network.
Defining a Security Policy
Security Polices are a necessary evil in today’s enterprise networks. Without a Security Policy, you leave yourself open and vulnerable to a lot of political attacks. In this article, we will begin to look at all the measures you will need to deploy to successfully define a security policy.
Windows 2000 allows unauthorized users to get administrator rights on computer
This article describes a security flaw which allows unauthorized users to get administrator rights on computers that are running Microsoft Windows 2000 operating system.
Intrusion Detection Systems (IDS) Part I - (network intrusions; attack symptoms; IDS tasks; and IDS architecture)
Due to a growing number of intrusions and since the Internet and local networks have become so ubiquitous, organizations increasingly implementing various systems that monitor IT security breaches. Intrusion Detection Systems (IDS) are those that have recently gained a considerable amount of interest. This is an introductory article to this topic. It gives an overview of several types of detectable attacks, symptoms that help in intrusion detection, describes IDS tasks, different architectures and concepts in this field.
Best Regards,
Stephen Chetcuti
ISAserver.org - MSExchange.org - WindowSecurity.com - ServerFiles.com - NTfaxFAQ.com
No comments:
Post a Comment
loan709@yahoo.com