Intrusion Detection and Prevention Systems

The process of intrusion detection involves the monitoring of systems or networks for any signs and occurrences of events or incidents deemed either suspicious or in violation of an organization's security policy or rule set. An "Intrusion Detection System (IDS)" is a hardware appliance or software that has the ability to detect signs of... Continue Reading →

Common Endpoint Vulnerabilities and Their Proper Remediation

Endpoints are end-user devices (think mobile, desktop, peripherals, or otherwise). Mobile smartphones, especially, are common attack vectors. Here, I'll discuss the more predominant vulnerabilities facing our endpoints and what we can do to prevent and mitigate these problems.

Malicious E-Mail Attachments

Malicious e-mail attachments are always concerning because many employees click on them and end... Continue Reading →

Active Reconnaissance and Port Scanning Using Nmap

Nmap, or "Network Mapper," is a network discovery, analysis, and auditing tool utilized by both network defenders and network attackers. As an exceedingly flexible tool with dozens of methods for mapping out networks, Nmap has become a critically acclaimed and well-supported cyber tool. Using Nmap, we can perform network sweeps to discover available hosts on... Continue Reading →

Tips for Securing Your Network

Before I begin, let's address two obvious questions. Number one, what kind of network are we talking about here? I'm referring to a large or enterprise network. However, you can implement some of these security solutions on your home or SOHO network. Well, maybe you wouldn't want a network access enterprise server at your home.... Continue Reading →

The Ping of Death

The "Ping of Death" abuses the "Internet Control Message Protocol," which we rely on for troubleshooting and reporting utilities on our network, such as the "Ping" command. Network folks usually "ping" another host or system, either on the local network or on the Internet, to test its reachability. For example, you could ping a Web... Continue Reading →

Understanding and Identifying Logical Ports

Identifying Logical Ports

There are two types of ports: physical and logical ports. Physical ports are the RJ-45 female jacks that are attached to a switch, router, firewall, server, patch panel, or Ethernet outlet. I've provided some examples below. The ports I'm talking about, however, are logical ports.

Understanding Logical Ports

In computer science, a... Continue Reading →

Control Types

After a user has been identified and authenticated, the next security measure involves authorization and access control. From a broad standpoint, there are three main security control classifications that cybersecurity professionals base on their implementation. They are technical, management, and operational.

Technical Controls

Technical controls are any controls (both hardware and software) utilizing... Continue Reading →

The 5 Factors of Authentication

Many people confuse authentication with authorization. They both start with "auth," so I can see how these terms might be mistakenly used interchangeably. The reality is authentication comes before authorization. Authentication is simply proving you are who you say you are. For example, you provide your identity, such as a username or E-mail, and then you... Continue Reading →
