|
Written by LE Webmaster
|
|
Wednesday, 26 January 2005 |
Port scanning is way too common on the internet these days to get your knickers in a rut over. People might be interested to see this kind of thing on a home machine, but if you run a popular server on the internet and you checked back against every port scan launched against you, you will not get anything done, and for no good reason considering most port scans are harmless. Also note that port scan detection and NIDS in general are no replacement for firewalling, they are complementary. A firewall should by default deny all traffic except those that are allowed explicitly (sometimes that might include allowing all outgoing connections). An NIDS should be run on a machine that can see all the traffic that gets past the firewall, preferably not on the firewall machine itself because NIDS can be quite performance intensive. This way your NIDS will only report traffic that might possibly be a threat because it made it past your firewall.
 Be first to comment this article |  Add as favourites (40) | Read more...
|
|
Written by Bart Eers
|
|
Wednesday, 12 January 2005 |
Most people are familiar with the term firewall and realize that it is a device or system that keeps unwanted people and data out of computer systems or networks. However, the word means slightly different things to different people. This can lead to difficulty when discussing the concept. If you ask home users whether they have a firewall, they will probably think first of a software program installed on their home computers, like BlackICE Defender or ZoneAlarm, referred to as personal firewalls. At most they might have a Linksys dedicated router/firewall. These utilities range in price from $50 to 100. Ask a small office network administrator about firewall, and the person will probably think of something like the NETGEAR or NetScreen router/firewall, or a stronger, dedicated router/firewall system running software like SmoothWall or Astaro Linux. These are often referred to as small office/home office (SOHO) firewalls and cost anywhere from $100 to a few hundred dollars. Meanwhile, if an enterprise security specialist is asked what firewall means, he or she will think more of the heavy-duty enterprise network firewall systems such as a Cisco PIX, Check Point, or SunScreen, costing hundreds to thousands of dollars.
Comments (1) | Add as favourites (56) | Read more... |
|
Written by Informer
|
|
Wednesday, 02 June 2004 |
Recently much attention has been paid to e-mail viruses transmitted by flaws in
certain client software. Up the line from most of those clients, however, is a
larger-scale server that transmits mail across the Internet. Some might say that
security starts at the server. Some of these servers process millions of
messages during a week’s time how do you know if the server is secure?
Be first to comment this article | Add as favourites (49) | Read more... |
|
|
Written by LE Webmaster
|
|
Wednesday, 03 March 2004 |
A DoS (Denial of Service) could be described as an attempt to prevent legitimate
users of a particular service to access that service (resource). This includes
flooding the network, attempts to disrupt connections of machines in order to
block the use of service, attempts to block particular user or system to use the
service on server or client side. The server outages doesn't of course
necessarily need to be the result of malicious DoS, also the outage may be
caused by the attack indirectly (attacker's aim wasn't to block particular
service, but a nature of the attack blocked it unexpectedly). DoS can
effectively disable your computer, network or whole organizations from use of
the Internet. It can as well block a particular service. That's why it is
important to know, how to prevent such type of attacks, and what actions to take
when being attacked.
Be first to comment this article | Add as favourites (50) | Read more... |
|
|
Written by LE Webmaster
|
|
Friday, 06 February 2004 |
Regardless of the type of firewall you deploy, you will have to test and
maintain it carefully.You need to actively monitor your firewall so that you can
discover scanning attacks, connection attempts, and general weaknesses. Of
course, you will have to scan your firewall to ensure that all extraneous ports
and daemons are closed.You can use a scanner such as Nessus (www.nessus.org) to
do this. However, even an application such as Nessus cannot implement the
specific attacks necessary to truly test your firewall. You may never know that
a hacker has entered your network unless you carefully monitor your firewall
logs. Doing so is sometimes an unglamorous, thankless job. However, using
applications such as Firedaemon and Fwlogwatch, you can receive automatic
alerts. Fwlogwatch can even automatically reconfigure your firewall for you in
case of a scanning attack. Even if you choose to not automatically block traffic
Be first to comment this article | Add as favourites (68) | Read more... |
|
|
<< Start < Prev 1 2 3 Next > End >>
|
