As much as we would all like to say that our systems are impenetrable, the truth of the matter is that they aren’t. No matter how much we patch, upgrade, and tune our systems, there are still vulnerabilities that have yet to be discovered. There is always the chance that some recently discovered exploit will be used against your system(s) before a patch is even available from your vendors. That being said, let’s take a look at what your first responses to a break in should be. […]
In our last issue, we looked at what data you need to collect before attempting to build a Linux kernel. This is very important information so you may want to take a look at the first article if you are a little rusty. I have also written an article about using the command line in Linux that may be helpful for you. […]
More often than not, when your machine has been the victim of a cracker’s attack, the best solution is to completely reinstall the operating system, being sure to apply all relevant patches to the machine. In other words, go to your software vendor’s website and double-check all of the security announcements and patches… you may have been hit by a brand new exploit. I have many times been asked if a complete reinstall is absolutely necessary. The short and simple answer is “yes”. […]
First of all let’s look at ports and what they are. When two machines across a TCP/IP network communicate with each other via a service (such as NetBIOS, HTTP, FTP, etc…) each machine will need to know not only the IP address but the port number that translates to the service that is being used. For instance, when someone is “surfing the web” the service that they will be using will be HTTP, which uses port number 80 by default.
Most port numbers can be changed so that vulnerable services can be disguised by using a non-standard port number. For instance, if you knew that certain software exposed a vulnerability in a service, you could try to change the port number in order to circumvent that weakness. However, you would need to be sure all machines on the network are configured as such in order to continue using the service. […]
Most cracks involve a tool as simple as a Trojan horse, which will leave a backdoor account open to the cracker. Young teenagers have been known to utilize such tools effectively, even against corporate giants. It is because of these types of attacks that users (even if it is your family hooked up to a small LAN on a cable modem) need to be educated about some basics that will stop most typical hackers. First of all, lets talk about passwords. Many of these tools that I have mentioned will expose null passwords. This means that if you do not enter a password when you log in, these scanners will show that to the potential offender, and then the hacker can easily take control of your system. […]
Remote Installation Services (RIS) is a tool included with Windows 2000 Server products that is used to install Windows 2000 Professional over a network. I have heard that this can/may work with Windows 2000 Server now (it did not in the past), but I have not tried it and cannot verify that it does work. […]
Today’s article is about security (authentication in particular) in PostgreSQL, the most advanced open-source database available anywhere (as its developers claim!!). So what about it? We know that security is a very important concern in the present day IT world. It’s no different with databases. […]