Robert J. Shimonski

Defining a Security Policy

Security Polices are a necessary evil in today’s enterprise networks. Without a Security Policy, you leave yourself open and vulnerable to a lot of political attacks. In this article, we will begin to look at all the measures you will need to deploy to successfully define a security policy.

Minimizing Security Incidents

One of the most pertinent strategies you can implement is one of minimizing the number and of course the severity of Security incidents. One of the biggest issues that I see when looking at security infrastructure is the fact that there is not a great deal of effort put into the possibility that there may even be a problem. In fact, most times when I come to an organization, security is not even something anyone really gave a lot of thought to. Because of this, many security problems linger in the darkness of the networks in questions.

SMBDie: Crashing Windows Servers with Ease

In this article, we will look at Windows based Security tools, and in this article, we will look at how to easily crash a Windows server in about 5 seconds. What is SMBDie? SMBDie is a tool (proof of concept) that was created to exploit a problem with the Windows operating system and when activated, will crash and Blue Screen the server immediately.

Make an Incident Response Plan

Incident Response is when a problem occurs, it is identified and then you need to respond to it. Responding to such an incident would be deemed “Incident Response” and you need to know the underlying concepts to Incident Response for be able to run your network efficiently. In this article, we will look at all the underpinnings of Incident Response, Chain of Custody and how to deal with a problem that occurs on a Microsoft based network.

Denial of Service 101

A denial of service (DoS) attack is an incident in which a user or organization is deprived of the services of a resource they would normally expect to have. Typically, the loss of service is the inability of a particular network service, such as e-mail, to be available or the temporary loss of all network connectivity and services. In this article we will look at a DoS and a DDoS which is a “Distributed Denial of Service” attack where the attack comes from multiple hosts, not just one host, to maximize the resulting devastation.

Risk Assessment and Threat Identification

Although you’ve gathered a considerable amount of data to this point, you will need to analyze this information to determine the probability of a risk occurring, what is affected, and the costs involved with each risk. Once you’ve identified the risks that can pose a probable threat to your company, and determined how much loss can be expected from an incident, you are then prepared to make decisions on how to protect your company.

What You Need to Know About Intrusion Detection Systems

Firewalls and other simple boundary devices lack some degree of intelligence when it comes to observing, recognizing, and identifying attack signatures that may be present in the traffic they monitor and the log files they collect. Without sounding critical of such other systems’ capabilities, this deficiency explains why intrusion detection systems are becoming increasingly important in helping to maintain proper network security.

Scroll to Top