SearchSecurity: Network Security Tactics

How to prevent iPhone spying: mobile phone management tips

Michael Cobb, Contributor — Tue, 16 Mar 2010 08:27:59 EST

So you have an iPhone, you don't access the Internet, you use a PIN to authenticate and you never let the device out of your site. Michael Cobb explains why iPhone spying still isn't out of the question.

Scapy tutorial: How to use Scapy to test Snort rules

Judy Novak, Contributor — Tue, 09 Mar 2010 08:37:42 EST

When creating Snort rules, it's often difficult to test them before they go live. In this Scapy tutorial, Judy Novak explains how to use Scapy, a tool that simplifies packet crafting, to test new Snort rules.

Securing naming and directory services for application defense-in-depth

Corey Scott, Contributor — Tue, 02 Mar 2010 08:44:28 EST

There are several aspects of naming and directory services when it comes to security. In this tip, part of the SearchSecurity.com Application Security School lesson, learn how to secure LDAP, as well as how application security teams can work with infrastructure security teams to secure naming and directory services.

How to use hping to craft packets

Peter Giannoulis, Contributor — Tue, 23 Feb 2010 08:34:11 EST

A packet crafting tool that's been around for a long time, hping can be used to test if ports are open, as well as for firewall testing. Learn how to use hping in this tutorial.

Five endpoint DLP deployment data security tips

Rich Mogull, Contributor — Tue, 16 Feb 2010 09:01:46 EST

Deploying data loss prevention technology on endpoints requires a careful roll-out. Expert Rich Mogull offers five tips, including the need to start slowly with a set of power users and how to manage endpoint discovery.

How to properly implement firewall egress filtering

Scott Floyd, Contributor — Wed, 10 Feb 2010 09:41:25 EST

Deploying outbound rules on a firewall is easier said than done. Scott Floyd reviews how to block outbound network traffic while avoiding mistakes that may lead to business process interruptions.

VMware security: The administrator's ultimate resource guide

Hannah L. Drake — Wed, 03 Feb 2010 10:09:55 EST

In 2009, Gartner predicted that 60% of VMs would be less secure than their physical counterparts. Keep these resources on hand and avoid being part of a similar statistic.

What to do with network penetration test results

David Meier, Contributor — Tue, 02 Feb 2010 09:31:42 EST

It takes a lot of time and effort to plan and conduct an enterprise network penetration test, but the work doesn't stop there. Contributor David Meier explains how to conduct an analysis of pen testing results.

How to use TrueCrypt for disk encryption

Peter Giannoulis, Contributor — Tue, 26 Jan 2010 08:44:00 EST

Learn how to use TrueCrypt to create an ecrypted drive on a Windows PC, as well as how to create a hidden drive within a drive as an additional data protection measure.

Protecting enterprise networks from new mobile application downloads

Sandra Kay Miller, Contributor — Wed, 20 Jan 2010 08:59:58 EST

Thanks to the proliferation of mobile application download sites, enterprise users now have a nearly unlimited number of third-party apps installed on their handhelds. Sandra Kay Miller explains how administrators can keep their networks safe while still allowing employees to use their devices.