Security Folks: The mission of this site is to assist security folks in their endeavors. If you know the answer to any of the users' questions, please take time to respond with the answer. You can also submit security-related tips, tricks and articles on this site.
There is a community, a shared culture, of expert programmers and networking wizards that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The members of this culture originated the term ‘hacker’. Hackers built the Internet. Hackers made the Unix operating system what it is today. Hackers run Usenet. Hackers make the World Wide Web work. If you are part of this culture, if you have contributed to it and other people in it know who you are and call you a hacker, you're a hacker.
The purpose of this article is to help in troubleshooting VRRP-related issues on Nokia Checkpoint Firewalls. One of the most common problems faced in Nokia VRRP implementations is that interfaces on the active and standby firewalls go into the master/master state. The main reason for this is that the individual VRIDs of the master and backup firewalls are not able to see each other's VRRP multicast requests.
After determining the initial state of insecurity in an existing corporate firewall, the following discusses the process of building a hardened Solaris 8 Sun clone with SSH connectivity for remote firewall console access with Checkpoint NG FP1 firewall, an upgrade to FP3 then HF2, hardened further with JASS, and the last step remote syslog. Discussed below is the detailed account of the pre-existing insecurity, a brief note of the catalytic event precipitating the actual changes to the firewall, a discussion of the implementation, and the results and ultimate success of the procedure "hardening" the corporate firewall.
This article shows how to recover the password in a Nokia Checkpoint Firewall.
Network Address Translation, or NAT as it is commonly called, was initially designed as a temporary fix, before IPv6, to allow additional workstations to access routable networks across the Internet without utilizing a routable, or valid, IP address. NAT is simply defined as connecting multiple computers to the Internet using one IP address. Today, a multitude of proxies, firewalls, VPN devices, routers and SOHO devices use NAT to allow internal hosts to reach the Internet. This document will examine how NAT is implemented, specifically on Checkpoint Firewall-1 4.1 for Windows NT 4.0.
Intrusion detection systems have come a long way over the past few years. Almost all organizations have some sort of intrusion detection system (IDS) running at the network and/or host-based level, and almost every IDS will automatically report bad or anomalous behavior via a console and e-mail or paging. If configured properly, the IDS will do a good job of catching intrusion events that it knows about. It's typically the job of the security staff to monitor these events and report any problems to the manager and/or network administrator.
Finding and fixing vulnerabilities on your systems is not a task you can complete once and then cross off your list; it's an ongoing process that requires diligence and consistent attention. There's never a point when you can feel confident you've discovered every possible vulnerability. Of course, you've hopefully signed up to receive notifications on patches and security updates for every product deployed on your organization's network, which can go a long way toward keeping things secure. However, the only way you can verify that you've successfully closed the vulnerabilities is to perform a vulnerability assessment.
Patch management is an issue that will always plague your organization's network. There will always be patches, updates, and security fixes to apply. Unfortunately, there will not always be unlimited time to evaluate and distribute fixes to close a security hole that attackers are currently exploiting.
The goal of this article is to present a few effective methods to revamp the way you work in a restricted corporation-like network. In order to achieve it we’re going to use SSH tunneling to bypass the firewall rules applied by your system administrator. We’ll start with breaking through simple restrictions and gradually pass to more and more elaborate firewalls while we move on.
Securing your organization's LAN and WAN traffic from prying eyes is an ongoing struggle. In the past, I've written about securing that traffic using IPSec policies. If you followed my recommendations, then good for you! But what if you've been experiencing problems with your IPSec implementation? We can usually trace most IPSec problems to difficulties during the Internet Key Exchange (IKE) phase of authentication.
I think everyone has heard of this one, recently evolved into the 4.x series.
Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.
Takeaway: In Windows Vista, Microsoft has bolstered the security of the Windows Firewall, keeping the GUI accessible through the Control Panel for novice users but allowing savvy users to configure advanced features through an MMC snap-in. Here are some of the highlights.
Microsoft has made significant changes to the Windows Firewall in Vista that enhance security and make it more configurable and customizable for advanced users, while retaining the simplicity required by novices. Here are some key aspects of the changes.
The Data Encryption Standard (also known as DES) is a cipher (method of encryption) selected as an official Federal Information Processing Standard (FIPS) for the U.S. in 1976, and was subsequently used internationally as a widespread encryption method. The algorithm was initially controversial, with classified design elements, a relatively short key length and suspicions about a National Security Agency (NSA) backdoor. DES consequently came under intense academic scrutiny and motivated the modern understanding of block ciphers and their cryptanalysis.
Takeaway: Whether you are talking security or user experience, properly configuring any VPN connection is essential. Here are the basic configuration steps you need to take when configuring the SonicWALL PRO 1260 series router for VPN tunneling.
Hundreds of thousands of organizations turn to SonicWALL hardware to fulfill their firewall and network switching needs. SonicWALL firewalls also power effective VPN connections, providing secure remote access for everyone from mobile employees to executive staff.