Security
Get flash to fully experience Pearltrees
OpenDNS - What is OpenDNS and Why You Absolutely Need It ?
OpenDNS Review – learn the advantages of OpenDNS and how this service can make internet a safer place for you and your family. Its OpenDNS not OpeDSN. When you type an address like www.yahoo.com in your browser address bar, the computer doesn’t know where yahoo.com points to and it will therefore ask the DNS server. The job of a DNS server is to translate this human-readable web address (like www.yahoo.com) into a computer-readable number also known as an IP address (209.131.36.158). Once your computer knows the IP location of a web domain name, it opens the website in your browser. DNS is such an integral part of our Internet life working behind the scenes every time we connect to a website.
SSL
Disabling USB Storage With Group Policy
<a href="http://adserver.adtechus.com/adlink/3.0/5159/425846/0/16/ADTECH;loc=300;key=key1+key2+key3+key4;grp=[group]" target="_blank"><img src="http://adserver.adtechus.com/adserv/3.0/5159/425846/0/16/ADTECH;loc=300;key=key1+key2+key3+key4;grp=[group]" border="0" width="1" height="1"></a> by Mitch Tulloch 11/15/2005 The security threat posed to companies by USB flash drives has been known for some time now. LabMice has a good summary of both the tremendous usefulness of these devices and the dangers they pose to businesses, both in terms of being a potential malware vector and a channel for stealing sensitive information from companies. What can be done to prevent such misuse of technology? Policy FirstHow to disable USB sticks and limit access to USB storage devices on Windows systems | Diary Products - Hannes Schmidt
Submitted by Hannes Schmidt on Sat, 08/20/2005 - 09:50. USB storage - a possible security risk? Decent IT administrators secure their networks behind firewalls. They install mail filters on their SMTP servers and deploy anti-virus software on all client workstations. But securing the network is not sufficient -- what happens if the users bring their own USB memory sticks and connect them to the computers at their office?
Recently our company was working on a custom authentication scheme for users of a web - based application. It was suggested that we use the native NTLM user database to make an additional security check for the credentials of incoming users. However there were two important differences: 1) All users log on using a custom component, and their username and password are transmitted as elements of an authentication XML document that is passed to a service provider component. They are running their browsers under the IUSER account on the main webserver, so traditional browser authentication methods couldn't be used. 2) We didn't want to have to pop up a native NT login dialog box in order to force login to check the user against the NT User database since they had already "logged in" under our custom component.
Authenticate users Transparently
Digital certificate warnings in Web browsers are not an effective security measure, according to Carnegie Mellon researchers. The researchers, who plan to present their findings on August 14 at the Usenix Security Symposium in Montreal, found over the course of two experiments that certificate warnings were ineffectual. The warnings appear when a browser detects a problem with a Web site's certificate and arrive as a pop-up with a message such as: "There is a problem with this Web site's security certificate." In an online study conducted among 409 participants, the researchers found that the majority of respondents would ignore warnings about an expired Secure Sockets Layer (SSL) certificate.
Web users ignoring security certificate warnings | Security
A Stick Figure Guide to the Advanced Encryption Standard (AES)
(A play in 4 acts. Please feel free to exit along with the stage character that best represents you. Take intermissions as you see fit. Click on the stage if you have a hard time seeing it. If you get bored, you can jump to the code .