How Hackers Protect Themselves From Getting Hacked. When Adrian Lamo goes online, he leaves nothing to chance.
To log in to personal accounts, he uses a digital password generator -- a plastic key chain-like device that displays a new string of digits every 60 seconds. He adds an extra layer of security to some accounts by entering a special code that he receives via text message. And he uses browser extensions to avoid downloading malware by accidentally visiting dangerous Web sites. Some techniques “may seem like a ‘Mission Impossible’ level of security to the average user," Lamo said. But the average user could learn a thing or two from hackers like Lamo, who are not only skilled at breaking into others' PCs, but have devised sophisticated -- in some cases, extreme -- methods for protecting their own. It has become increasingly easy to fall victim to hackers, from downloading malicious email attachments to logging in to fake banking sites.
Two summers ago, I attended DefCon, which Moss hosts every August in a Las Vegas hotel. Security and hacking. Security. Web Security Dojo - Training Environment for Web Application Security Penetration Testing. Colección de herramientas de "pentesting" para entornos Windows. Wire Shark. 6 free network vulnerability scanners. Though you may know and follow basic security measures on your own when installing and managing your network and websites, you'll never be able to keep up with and catch all the vulnerabilities by yourself.
Vulnerability scanners can help you automate security auditing and can play a crucial part in your IT security. They can scan your network and websites for up to thousands of different security risks, producing a prioritized list of those you should patch, describe the vulnerabilities, and give steps on how to remediate them. Some can even automate the patching process. + ALSO ON NETWORK WORLD 8 free Wi-Fi security tools + Though vulnerability scanners and security auditing tools can cost a fortune, there are free options as well. 1. The Open Vulnerability Assessment System (OpenVAS) is a free network security scanner platform, with most components licensed under the GNU General Public License (GNU GPL). The OpenVAS Manager controls the scanner and provides the intelligence. 2. 3. 4. Understanding and selecting authentication methods.
If you are serious about computer/network security, then you must have a solid understanding of authentication methods.
Debra Littlejohn Shinder takes a moment to lay out the role authentication plays in a security plan. Computer/network security hinges on two very simple goals:Keeping unauthorized persons from gaining access to resourcesEnsuring that authorized persons can access the resources they needThere are a number of components involved in accomplishing these objectives. One way is to assign access permissions to resources that specify which users can or cannot access those resources and under what circumstances. (For example, you may want a specific user or group of users to have access when logged on from a computer that is physically on-site but not from a remote dial-up connection.) Access permissions, however, work only if you are able to verify the identity of the user who is attempting to access the resources.
How does authentication work? Five free network analyzers worth any IT admin's time. If you work on a network, you then know the value of information.
Solid information leads to a strong and worry-free network (or at least as worry-free as you can manage). In order to gather that information, you need the right tools. The tools I speak of are network analyzers. Once you start looking, you can find analyzers of every shape, size, and price. But for most network admins, the free tools do a solid-enough job to get you the information you need. But which of these tools are the best? This blog post is also available as a TechRepublic Photo Gallery. Five Apps 1. Wireshark is one of the most powerful network protocol analyzers on the market (free or paid). NAST (Network Analyzer Sniffer Tool) is an ncurses-based tool that has, admittedly, not been under development for quite some time. 3. Zenmap is the official GUI for the Nmap Security Scanner.
Nmap - Free Security Scanner For Network Exploration & Security Audits. IPv6: The security risks to business. Predictions about when the world will end are about as consistent as the predictions about when IPv4 internet addresses will finally run out, but some IT security professionals say that is really the least of our worries.
A much bigger concern, they say, should be the security holes that will open up in many business organisations as the world moves over to internet protocol version six (IPv6). This is an important aspect of the changeover that has been lost in all the hype around how IPv4 is about to run out of IP addresses assigned to each internet-connected device because of the explosion of internet users, devices and web services. IPv6 will solve this problem because it provides over four billion times more addresses than IPv4, but in solving that problem, it could expose businesses to cyber attacks as hackers use IPv6 to bypass security controls and filters designed and configured for IPv4 traffic. IPv6 attacks likely to increase with adoption Security advantages of IPv6 Email Alerts.
Understanding and selecting authentication methods.