APLawrence - Information and Resources for Unix and Linux Systems, Bloggers and the self-employed









MDesrosiers



AIX Operating System Hardening Procedures & Security Guide: Some security packages address the problem by stripping all (or nearly all) network services and then instruct you to be careful about what you add to the system. That's a great approach but requires that you "get your hands on" the system before anyone layers anything onto it and that you understand what you're adding to the system when you add it back in. These are two conditions that do not apply at many sites. The approach here is different. We will consider services offered by the AIX 5.1 operating system, try to explain what each does, note the risks involved with each and make recommendations about what one ought to do to mitigate the risk.


Title Date Comments
AIX Operating System Hardening Procedures & Security Guide   2005 04 
- System Hardening Procedures for AIX -
Protect your Laptop with TrueCrypt   2009 08 
- Truly affordable hard drive, laptop and USB Drive encryption software for your business critical data -
AIX Secure Image Installation Procedures   2002 11 
- NOTE: Screenshots are from an ASCII installation of AIX 5.1 using Windows HyperTerminal. -
GIAC Enterprises Goes Cyber!   2002 10 
- With this in mind, GIAC Enterprises will make every concerted effort to follow a best practices policy, in regards to its network topology. Because we have a tight budget to work with, we will have to become very creative in our schemes, but not our methods. -
GIAC Enterprises Goes Cyber!   2002 10 
- GIAC Enterprises Goes Cyber! -
HIPAA Security Rule gap analysis   2004 06 
- HIPAA Security Rule gap analysis -
Employee Monitoring   2003 09 
- It is estimated that employee Internet misuse and abuse causes over four billion dollars in lost work productivity. Several surveys reveal that 1 in 5 employees view online pornography at work and that 70% of adult web sites are hit between the hours of 9am-5pm. Not only do employees surf sex sites but they also visit sport sites like espn.com, bid on ebay.com, trade stocks on etrade.com, shop online at avon.com or just send tasteless jokes to their coworkers. This type of misuse not only hurts employee job performance but increases threats to information security and drains valuable network and corporate resources. Corporations can also be held liable for harassment due to sexually or racially discriminatory email sent through corporate Intranets.

To prevent such abuses, companies have instituted proper use policies, and have actively written both filters and firewall rules (egress filtering) that block Net access to certain web sites. -

Fortinet FortiGate-50 - What Network Security should be   2003 07 
- Fortinet FortiGate-50 - What Network Security should be -
Recovery Time Objectives   2009 04 
- The RTO is a goal or an ideal time in which you need a specific resource or service to be available following an interruption or outage. In essence -
Insider Threat   2009 02 
- An enormous threat exists within each and every organization. -
Vendor Management Techniques   2008 07 
- Risks of granting system access to a third-party provider -
Security Information Management (SIM) solutions   2008 03 
- Security Information Management (SIM) solutions -
 
 
 
 
Endpoint Security   2008 01 
- Enforcing endpoint security to better protect and secure remote access to your infrastructure -
PCI DSS and ISO 17799   2007 07 
- differences between the ISO 17799 and PCI DSS information security standards -
Security and Trust   2007 02 
- Last month's data breach disclosure from retail giant TJX Companies will have a far-reaching impact on their branding for years to come. We still refer to the BJ's Warehouse data breach from 2 years ago and last year's ChoicePoint incident. One of the major lessons that must be learned from these breaches is the impact of security and privacy on brand reputation and customer loyalty. To back up the assumption that security can be a competitive advantage or detractor for a business, one should read the following study called "Secure the Trust of Your Brand". -
Did TJX act properly?   2007 01 
- Did TJX take appropriate steps after their data infrastructure was breached -
Browser Security   2007 01 
- Improving Browser Security: Scandoo is a free service from ScanSafe that delivers safer Internet searches. Acting as a virtual search detective, Scandoo adds an icon next to each resulting link so you can tell at a glance whether it leads to a good site, suspect site or a bad site. This site works for Internet Explorer and Firefox. -
Choosing an information security services provider   2006 12 
- tapping into a security service provider might be the best way to protect your company -
Hardening your perimeter   2006 11 
- techniques available to harden or secure your network perimeter. -
How to respond to a Security Incident   2005 04 
- security incident response -
ASP's and security   2004 09 
- A growing number of companies are using software hosted by application service providers. That means that business information is running on systems managed by a third party and accessed over a virtual private network (VPN) or over the Internet using secure socket layer (SSL). -
Wireless Network Security   2004 04 
- Wireless networks are not just popular and convenient for mobile computer users. Crackers are finding them an easy target to gain entry into corporate networks. Digital intruders are compromising defenseless air space at corporations, public hot spots and homes to gain illegal entry to computers. A hot spot is an area within range of a wi-fi antenna, which allows internet access or network connectivity to happen by sending the packets via radio waves. -
Phishing   2004 02 
- Phishing, also called "carding," is a high-tech scam that uses spam to deceive consumers into disclosing their credit card numbers, bank account information, Social Security numbers, passwords, and other sensitive information. -
Hardening your Perimeter   2003 12 
- Hardening your Perimeter -
Security Analysis and Audit   2003 11 
- Security Analysis and Audit, a systematic, measurable technical assessment of how a security policy is employed at a specific site. -
Trojans   2003 09 
- If you use a high speed connection, there are hundreds of "crackers" out lurking on the internet, looking to get a remote-access trojan horse or listener installed on your system, access it and find out what's on it. This isn't an exception anymore. Trojans and worms using trojan elements are the new viruses of the Internet. A trojan infection can allow total remote access to your computer by a third party. -
I don't need no stinkin patches!!   2003 09 
- Security experts agree that by providing updated patches to your environment, up to 80% of known exploits and vulnerabilities would be rendered trivial. -
Windows RPC flaw   2003 08 
- An attack tool, also known as an autorooter, is being used to compromise Windows servers -
Poly (morphic) want a server…or Runaway worm   2002 10 
- Worms that are active will be able to 'learn' and change characteristics as they spread from system to system. -
Browser Hijacking   2002 10 
- Browser Hijacking. None of this has to happen. Beyond the usual benefits of running an up-to-date antivirus software and firewall program and regularly downloading Microsoft's critical updates, two of the biggest security flaws behind browser hijacking can be fixed with a pair of quick downloads and a third can be remedied by installing a better browser. -
 
 











