server security.Servers are mission critical. Server security is a the key job of IT professionals in the new century. Server Security depends on the latest information. Server security means business.

Wednesday, June 01, 2005

The right Worm for the Job

The industrial espionage ring broken by Israeli police over the weekend, where private investigators hired a programmer to custom-create a Trojan horse that was then planted on rivals' PCs, is only the most recent evidence of a trend towards smart targeting by hackers, a security analyst said Wednesday.
security pipeline
It is easy to think of the threat to server security as coming from generalized worms which are simply destructive. However, worms can and as this story shows, are being used to access targetted information.

Watch out for tele-commuters

Viruses and spyware protection must exist both on the individual systems and at the perimeter. Perimeter protections can include firewalls and e-mail products and services. Companies need to block attacks before intrusion and catch those that get through as quickly as possible. Remote workers who can be a huge source of problems, particularly if they are using an inadequately protected VPN (Virtual Private Network) pipe.
security pipeline
If I want to access your system I might try to go through the main firewall; but why bother when you have workers at the end of insecure connections?

Wednesday, May 18, 2005

Eight Tips for Network Security

having the hardware and software isn't enough, says James Hurley, the Aberdeen Group's Vice President Risk, Security, and Compliance. Having the tools is not the same as knowing how to use them. "Looking at security only from a technology perspective leads organizations down the wrong path," Hurley says. "The most common error is the assumption that the security capabilities on network hardware and routers is all you need. Organizations that approach security solely from a technology perspective do it very poorly."
information week
This is critical - it is not all about the technology, it is about a security systm.

Friday, January 14, 2005

Google Hack

Last year two high profile worms used Google and other search engines to find potential targets. In August, a MyDoom variant used Google to find email addresses and a few months later the Santy worm found vulnerable bulletin board applications using various search engines. Security experts expect to see a lot more this year and advise enterprises to minimise their exposure to such attacks.

Andrew Collins, security manager in Asia/Pacific for CyberTrust, said that enterprises can avoid many of the potential dangers by ensuring that network resources -- such as Web cams -- are not indexed by search engines.

"We expect to see further automated attacks using Google searches to select potential targets as well as a continuing increase in the discovery of search strings that return unintended information such as error codes, Web-based cameras and restricted/private documents and Web pages. Network enabled physical security systems, such as Web cams and digital video capture systems, should be moved onto private networks that are not addressable from the Internet," said Collins.
znet uk
The Google bot is relentless. Once it starts in on your site it will index every page. Even pages you don't realize you are publishing such as web cam feeds. It will squeeze through any careless link to your private pages.

Whole websites are devoted to porn "open directory" situations where someone has found a back door into pics of naked girls or what have you.

Bots don't know your private network is private...if they can find a link they'll index the pages and people will be able to direct link in.

Wednesday, December 15, 2004


HOUSTON Former C-I-A Director Robert Gates said today at a conference in Houston that cyberterrorism could be the most devastating weapon of mass destruction yet.
And he says it could cripple the U-S economy.

Gates became Texas A-and-M University's president in 2002, about a decade after he left the C-I-A. He cited as an example the "love bug" virus that overwhelmed computer systems around the world in 2000.

Gates said at the conference at Rice University that the CIA and National Security Agency conducted an exercise six years ago, assigning 50 computer specialists to see how hard it would be to shut down the nation's electric grid.

He said it took only two days for the group to put itself in a position to do so.

Gates compared the war on terrorism to the Cold War and warned there is a long battle ahead.
The wonder of it is that the jihadis have not launched regular assaults on server integrity in the US. Or viruses. Or denial of service attacks.

Perhaps a bit difficult from a cave.

Monday, November 15, 2004

How much do we hate spam

A recent survey shows that spam is the number 1 pain point for IT pros, and spammers find new methods to avoid filters every day. Counter spam by learning the essentials for ensuring user productivity, increasing mail server efficiency, decreasing storage requirements, managing bandwidth, and controlling TCO.
windows IT Pro Magazine
A lot!

Monday, November 01, 2004

Pro Hackers and Server Security

Internet Security Systems' Robert Graham says hacker attacks and the motives behind them have become more coordinated, and many of the intruders are motivated by financial gain. "This year, things are changing, and you can see it from the FBI's activities in the U.S. this year," Graham said. "In one arrest by the FBI, the subject was a spammer who had thousands of machines under his control used to forward spam.
ecommerce times

Sunday, October 31, 2004

Microsoft's Virtual Lab

Did you know that Microsoft has a Virtual Lab? I recently learned about the lab which let's people test the company's latest software in a sandbox environment.

Handy for testing secure servers.

Server Security

Server Security is an enterprise critical issue. Server security is more than just patches. Server security is a whole attitude towards keeping firewalls, code and data away from hackers....and your competition. At Server Security News we provide up to date information in the critical areas of server security.