Archive for July 2014

Keylogger

          



   A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer's keyboard. As a hardware device, a keylogger is a small battery-sized plug that serves as a connector between the user's keyboard and computer. Because the device resembles an ordinary keyboard plug, it is relatively easy for someone who wants to monitor a user's behavior to physically hide such a device "in plain sight." (It also helps that most workstation keyboards plug into the back of the computer.) As the user types, the device collects each keystroke and saves it as text in its own miniature hard drive. At a later point in time, the person who installed the keylogger must return and physically remove the device in order to access the information the device has gathered.
              A keylogger program does not require physical access to the user's computer. It can be downloaded on purpose by someone who wants to monitor activity on a particular computer or it can be downloaded unwittingly as spyware and executed as part of a rootkit or remote administration (RAT) Trojan horse. A keylogger program typically consists of two files that get installed in the same directory: a dynamic link library (DLL) file (which does all the recording) and an executable file (.EXE) that installs the DLL file and triggers it to work. The keylogger program records each keystroke the user types and uploads the information over the Internet periodically to whoever installed the program.

              Although keylogger programs are promoted for benign purposes like allowing parents to monitor their children's whereabouts on the Internet, most privacy advocates agree that the potential for abuse is so great that legislation should be enacted to clearly make the unauthorized use of keyloggers a criminal offense.
Monday, 28 July 2014
Posted by Unknown

CISCO SECURITY



Take Advantage of the Cisco Technology Migration Program
Get 15 percent credit for trading in competitive web security products.  the Cisco Web Security Competitive Technology Migration Program today.

Today's enterprise needs to use the power of the web without undermining business agility or security. Securing every device that crosses the enterprise network means implementing an architecture that is adaptive and responsive to today’s security attacks.

Improve your web security posture and take advantage of this migration program to experience:
·    Simplified deployment to protect users and customers
·    Exceptional web security, optimized for all users in any location
·    Excellent visibility, reporting, and control
·    Reduced costs and an extended value of the existing infrastructure
·    Flexible and effective policy controls
Understand more about web security for today's business environment and learn how to improve your security posture.


Monday, 21 July 2014
Posted by Unknown
Tag :

Security Testing





Security testing verifies whether a system under test only allows designated users and processes access to business functionality and data.  Security Testing should verify that the business security is maintained through test conditions that verify a system's integrity and confidentiality during active attacks (Penetration Testing) and during passive states.  Security testing should also validate whether a system's authentication processes provide transmission and access to verified and measured resources.
·         Identify and remove vulnerabilities in applications and networks
·         Assess and mitigate risks
·         Meet regulatory and compliance requirements of business
Testing Performance provide a hardware testing solution to inject load and active attacks against your firewalls.
Firewall Testing Services:
There is no test more robust to ensure the security of your systems and to ensure that your firewall solutions are fit for purpose. The testing can be conducted on-site, in a controlled testing environment, or off-site at a testing lab.This combination of load testing and security testing will provide you with a comprehensive set of test results that clearly demonstrates the performance characteristics of your firewalls.


Friday, 18 July 2014
Posted by Unknown

Windows Server 2008 Security


Windows Server 2008 includes an impressive array of new security applications and features that further enhance enterprise deployments, particularly within hostile environments or under potentially threatening scenarios. Today’s Internet is a brightly illuminated world that casts shadows, and from those shadows arise criminal aspirations that seek to infiltrate, pilfer, and undermine Internet-accessible businesses. Microsoft has stepped up its Windows Server 2008 defenses to better serve the computing public that can’t always defend against unforeseen, persistent, or stealthy attack.




The following paragraphs briefly summarize some of the new and newly enhanced security features of the Windows Server 2008 family:

• Bit Locker Drive Encryption is a security feature of both Windows Vista and Windows Server 2008 (again sharing a common base) to provide strong cryptography protection over stored sensitive data within the operating system volume. Bit Locker encrypts all data stored in the Windows volume and any relevant configured data volumes, which includes hibernation and paging files, applications, and application data. Furthermore, Bit Locker works in conjunction with Trusted Platform Module (TPM) frameworks to ensure the integrity of protected volumes from tampering, even — and especially — while the operating system isn't operational (like when the system is turned off).

• Windows Service Hardening turns Internet-facing servers into bastions resistant to many forms of network-driven attack. This restricts critical
Windows services from performing abnormal system activities within the file system, registry, network, or other resources that may be leveraged to install Malware or launch further attacks on other computers.

• Microsoft Forefront Security Technologies is a comprehensive solution that provides protection for the client operating system, application servers, and the network edge. In the Forefront Client Security role, you may provide unified malware protection for business notebooks, workstations, and server platforms with easier management and control. Server security can fortify Microsoft Exchange messaging environments
or protect Office SharePoint Server 2007 services against viruses, worms, and spam.

• Internet Security and Acceleration (ISA) Server provides enterprise worthy firewall, virtual private network (VPN), and Web caching solutions to protect IT environments against Internet-based threats. Microsoft’s Intelligent Application Gateway is a remote-access intermediary that provides secure socket layer (SSL) application access and protection with endpoint security management.

• User Account Control (UAC) enables cleaner separation of duties to allow non-administrative user accounts to occasionally perform administrative tasks without having to switch users, log off, or use the Run As command. UAC can also require administrators to specifically approve applications that make system-wide changes before allowing those applications to run. Admin Approval Mode (AAM) is a UAC configuration that creates a split user access token for administrators, to further separate administrative from non-administrative tasks and capabilities.

• Windows Firewall and Advanced Security is an MMC snap-in that handles both firewall and IP Security (IPSec) configurations in Windows Sever 2008. This edition is the first to have the Windows Firewall enabled by default. It can create filters for IPv4 and IPv6 inbound or outbound traffic and protect information entering or exiting the computer through IPSec. This component replaces both the firewall applet and the IPSec and IPSec-related tool sets.


• Network Access Protection (NAP) is a policy enforcement platform built into Windows Server 2008 that maintains a social health order for the network environment by specifically requiring that connecting client computers meet certain criteria. Such requirements include having a current, functional firewall enabled with recent operating system updates already in place. NAP helps create custom health code requirements driven through policy enforcement to validate compliant computers before making any connections to the protected network.
Sunday, 6 July 2014
Posted by Unknown

Follow by Email

Total Pageviews

- Copyright © REDBACK COUNCIL - RISC -- Powered by Redback - Designed by Redback Council -