The recent MyDoom Worm successfully infected enough victims in order to shut down SCO's web site, followed by new variants that targeted Microsoft's web site. This paper isn't intended to discuss the motives of the author, instead it will help you understand how worms enter your network, how you can block them before they even reach your internal network, and how to act in case they get in.
One of the things that drove many of us crazy about ISA Server 2000 firewalls was the lack of support for IPSec tunnel mode site to site VPN links. This was a major problem for ISA firewall administrators who wanted to bring ISA firewalls into the corporate network by placing one at a branch office. These firewall admins reasoned that if they could bring the ISA firewall into the branch office, they would be able to show off its strong application layer filtering and user/group based authentication, and then they’d be able to bring the ISA firewalls into the Main office. ISA 2004 firewalls fix this problem. Check inside to find out how!
In this article we'll discuss the claim made by proponents of open source software that such software is more secure. Is open source really inherently more secure than closed source commercial software? If so, why? And if not, why do so many have that perception?
In this article, we’ll take a look at some of the factors you should consider when buying a firewall, features available on some of the most popular offerings, and how to compare the real cost of each (hint: the initial purchase price is only a starting point).
Windows Server 2003 includes a number of interesting and useful new features, and one that will be especially helpful to administrators who are struggling with a way to keep a large number of systems updated with the appropriate patches and fixes is the Software Update Service (SUS). SUS can also run on Windows 2000. In this article, we’ll describe how SUS works and give you some pointers on deploying SUS within your organization.
The daily deluge of unsolicited commercial or offensive messages (more commonly known as spam) comprises one of the biggest problems facing network administrators and users today. In this article, we will examine how spam presents a security threat to your network, and we’ll discuss the most effective way to deal with it: a multi-layered or “defense in depth” approach that addresses spam at the firewall, server and client levels.
ALF, not a nickname for Alfred but an acronym for Application Layer Filtering, is one of the hottest new buzzwords in a jargon-laden security subfield: firewall technology. Firewall vendors are rushing to implement ALF into their firewall products, and/or beefing up their ALF implementations to compete with those of other vendors. But exactly what is ALF and is it a “must have” feature to look for when you buy a firewall, or just another bit of marketing hype?
Web servers, by their very nature, are usually exposed to outsiders and thus are vulnerable to compromise and attack. Internet Information Services (IIS) version 6, included with Windows Server 2003, provides a number of new security features designed to increase web server security. One of these is URL authorization, which works in conjunction with Server 2003’s Authorization Manager. In this article, we’ll take a look at how URL authorization is implemented in IIS 6.0, the practicalities of using it in your web services environment, and how it enhances the security of your web sites and services.
Microsoft’s Windows Terminal Services (built into Windows 2000 Server and Windows Server 2003) and Windows XP’s Remote Desktop, which is based on Terminal Services, provide an easy, convenient way for administrators to implement thin computing within an organization or for users to connect to their XP desktops from a remote computer and run applications or access files.
This article will focus on the applications that are installed on your network and home computers, which many security professionals and organizations do not know exist. These applications run in a discrete background operation and function as a spy reporting on user activity and habits that are recorded in day to day use of the computer system.
