Security Folks: The mission of this site is to assist security folks in their endeavors. If you know the answer to any of the users' questions, please take time to respond with the answer. You can also submit security-related tips, tricks and articles on this site.

10 things you should know about Internet Explorer 7 Security

Takeaway: Internet Explorer 7 is designed to make browsing safer. Here's a quick rundown of some of the new security features, including ActiveX opt-in, the Phishing Filter, cross-domain security, enhanced privacy protection, and an international character alert.

New Windows attack can kill firewall

The code, which was posted on the Internet early Sunday morning, could be used to disable the Windows Firewall on a fully patched Windows XP PC that was running Windows' Internet Connection Service (ICS). This service allows Windows users to essentially turn their PC into a router and share their Internet connection with other computers on the local area network (LAN). It is typically used by home and small-business users.

How to Hack a Windows XP Admin's Password

This is a cool little trick I’ve picked up in my travels and decided to share it with you fine and ethical individuals =). Log in and go to your DOS command prompt and enter these commands exactly:
mkdir temphack
copy logon.scr temphack\logon.scr
copy cmd.exe temphack\cmd.exe
del logon.scr
rename cmd.exe logon.scr

Using the capture command in a Cisco Systems PIX firewall.

A vital tool to use when troubleshooting computer networking problems and monitoring computer networks is a packet sniffer. That being said, one of the best methods to use when troubleshooting connection problems or monitoring suspicious network activity in a Cisco Systems PIX firewall is by using the capture command. Many times Cisco TAC will request captures from a PIX in PCAP format for open problem tickets associated with unusual problems or activity associated with the PIX and the network.

Beginner's Guide to Wireless Auditing

Since our talks at Black Hat Vegas and DEFCON, Jon Ellch and I have been peppered with questions regarding how to find vulnerabilities in wireless device drivers and the specific techniques that were employed. Rather than answer these questions one at a time, an article seemed a better course of action. In this first article, we will discuss how to build an auditing environment, how to construct fuzzing tools and, finally, how to interpret the results.

How to fix Check Point High Availability State Synchronization

The purpose of this article is to show how to fix state sync issues in a Check Point High Availability environment. In an HA configuration, one firewall acts as the primary and the other as the secondary firewall. This is also known as a Master-Backup scenario. The state tables of the Master are replicated onto the secondary firewall only if state sync is working between the two firewalls. Where the sync is broken, existing sessions will be dropped in case of a failover. The sync can stop working for several reasons. These are a few ways of fixing the sync between two firewalls:

An Illustrated Guide to IPsec

IPsec is a suite of protocols for securing network connections, but the details and many variations quickly become overwhelming. This is particularly the case when trying to interoperate between disparate systems, causing more than one engineer to just mindlessly turn the knobs when attempting to bring up a new connection.

Armoring Solaris

Firewalls are one of the fastest growing technical tools in the field of information security. However, a firewall is only as secure as the operating system it resides upon. This article will take a step-by-step look at how you can best armor your Solaris box, both Sparc and x86. These steps can apply to any situation; however, I will be using Check Point FireWall-1 on Solaris 2.6 as an example. At the end of this article is a script that you can download that will automate most of the armoring process, including implementing TCP Wrappers.

Firewall Analysis and Operation Methods

This white paper shows how to meet the challenge of low fiscal impact by using open source tools and re-purposing equipment in-hand. The challenge of low service impact was met through three layers of analysis before cutover. The methods used to develop this analysis are structured for re-use in other firewall projects and presented for use by others with similar challenges.

Nmap Tutorial

This tutorial is a comprehensive guide to the features provided by the Nmap Port Scanner. It is meant as an introduction for new users, a reference on new and existing features for experienced users, and an FAQ list. It is not intended as a replacement for the Nmap Manual Page, but more as a supplement to it.

How to restart the fwd process in Checkpoint Firewalls

There are times when you have to restart the fwd daemon. You might have to restart it if the firewall starts logging locally, if you encounter a runaway process where the firewall experiences high CPU, or in other instances where the firewall might start dropping packets for not-so-well-known reasons. You can use this command to restart the firewall daemon, the fwd process, using the watchdog services.

Check Point's dollars catch Sourcefire

Check Point Software Technologies plans to acquire intrusion prevention company Sourcefire in a $225 million deal, as it seeks to expand beyond its core firewall and virtual private network businesses.

Windows Firewall flaw may hide open ports

A flaw in Windows Firewall may prevent users from seeing all the open network ports on a Windows XP or Windows Server 2003 computer.
The flaw manifests itself in the way the security application handles some entries in the Windows Registry, Microsoft said in a security advisory published Wednesday. The Windows Registry stores PC settings and is a core part of the operating system.

10 tips to secure client VPNs

If you have given your trusted employees and key contractors remote access to your network via a client virtual private network (VPN), congratulations! By now, you have seen the productivity and cost benefits from allowing collaboration that surmounts geographical separation.

How to defeat the new No. 1 security threat: cross-site scripting

Cross-site scripting, often abbreviated XSS, is a class of Web security issues. A recent research report stated that XSS is now the top security risk.
In a typical XSS scenario, a Web page might use JavaScript to dynamically generate some document content based on a field in a Uniform Resource Identifier (URI). In the normal course of events, the site itself would generate legitimate information for that field.



