Category: Uncategorized

Access Control Models

Important Access Control Concepts Access control follows the identification and authentication process, and once users are authenticated, security and network administrators use access controls to ensure that only authenticated users get access to the resources they are authorized to access. There are several models of access control, but before we can discuss these different models, ...

Kerberos Authentication

Kerberos is a Single Sign-On (SSO) authentication protocol developed by the Massachusetts Institute of Technology in the 1980s. It is also a written standard in RFC 4120. As an SSO technology, users don't have to worry about entering different login credentials every time they access a resource. If we didn't have SSO technology, it wouldn't ...

Understanding the CIA Triad

No, I'm not referring to the Central Intelligence Agency, I'm referring to the three security principles: Confidentiality, Integrity, and Availability. In the cybersecurity world, these 3 principles are our core security goals. Confidentiality We keep sensitive and personal information "confidential," that is, the confidentiality principle enshrouds itself in preventing the unauthorized disclosure of data. We ...

PenTest Edition: Creating A Man-in-the-Middle Attack using Cain & Abel [Tutorial]

A man-in-the-middle attack occurs when an attacker sits in the middle of the communication between two victim devices, secretly relaying information back-and-forth on their behalf. It can be thought of as active eavesdropping. The attacker cannot only see the communication traveling to-and-from the victim devices, but can also inject his own malicious traffic. With this ...