Wednesday , November 21 2018

March, 2018

  • 18 March

    Hardening DNS Servers

    Hardening DNS Servers

    Hardening DNS Servers: Domain Name Service (DNS) servers resolve hostnames to IP addresses. This service allows a website name such as www.sybex.com to be resolved to an IP address such as 192.168.1.110. NOTE: A registrar manages your domain name, and most require an annual renewal fee. If these fees are …

  • 17 March

    Hardening FTP Servers

    Hardening FTP Servers

    Hardening FTP Servers: File Transfer Protocol (FTP) servers are not intended for high-security applications because of their inherent weaknesses, Most FTP servers allow you to create file areas on any drive on the system. You should create a separate drive or subdirectory on the system to allow file transfers. If …

  • 15 March

    Hardening Email Servers

    Hardening Email Server: Email servers provide the communications backbone for many businesses they typically run either as an additional service on an existing server or as dedicated systems. Putting an active virus scanner on email servers can reduce the number of viruses introduced into your network and prevent viruses from …

  • 14 March

    Securing the Network

    Securing the Network

    Securing the Network: Obviously, network security is broad topic, and it will be addressed throughout these articles However, there are some essential concepts identified on the CompTIA Security + exam that are discussed in this section: MAC Limiting and Filtering: Limit access to the network to MAC addresses that are …

  • 13 March

    The Private – Public – Community and Hybrid Cloud

    The Private – Public – Community and Hybrid Cloud

    Private Cloud: According to NIST, a private cloud is defined as follows: The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it …

  • 12 March

    WRITING THE PENETRATION TESTING REPORT

    WRITING THE PENETRATION TESTING REPORT

    Writing the Penetration Testing Report: Like every other topic we have discussed, writing a good penetration testing report takes practice. Many penetration testers mistakenly think that they can simply provide the raw output from the tools that they run. This group of people will often collect and nearly organize the …

  • 11 March

    WIRESHARK: SNIFFING NETWORK TRAFFIC

    WIRESHARK: SNIFFING NETWORK TRAFFIC

    Sniffing Network Traffic: Another popular technique that can be used to gain access to systems is network sniffing. Sniffing is the process of capturing and viewing traffic as it is passed along the network. Several popular protocols in use today still send sensitive and important information over the network without …

  • 10 March

    SIFTING THROUGH THE INTEL TO FIND ATTACKABLE TARGETS

    SIFTING THROUGH THE INTEL TO FIND ATTACKABLE TARGETS

    Sifting Through the Intel to Find Attackable Targets: Once you have completed the steps in previously articles, you need to schedule some time to closely review all the reconnaissance and information you have gathered. In most cases, even light reconnaissance should produce a mountain of data. Once the reconnaissance step …

  • 9 March

    FIERCE: WHAT TO DO WHEN ZONE TRANSFERS FAIL

    FIERCE: WHAT TO DO WHEN ZONE TRANSFERS FAIL

    Zone Transfers Fail: As we have previously discussed, most administrators are savvy enough to prevent random people from completing an unauthorized zone transfer. However, all is not lost. If your zone transfer fails, there are dozens of good DNS interrogation tools. Fierce is an easy to use, powerful Perl script …

  • 8 March

    Extracting Information From DNS

    Extracting Information From DNS

    Extracting Information from DNS: DNS servers are an excellent target for hackers and penetration testers. They usually contain information that is considered highly valuable to attackers. DNS is a core component of both our local networks and the Internet. Among other things, DNS is responsible for the process of translating …