Special Reports
Special Report on AntiOnline Spotlight Enterprise IT Planet's column that highlights a timely and thought-provoking discussion on computer security. Corporate Monitoring or Big Brother?
[June 22, 2007] AntiOnline Spotlight: What do you say to management types that want to be able to pry into everything? OpenVPN Ready for Business?
[June 6, 2007] AntiOnline Spotlight: A question about this open source VPN software yields meaningful insight into the world of corporate security. Also, Ubuntu experiences; efficient network design; and adventures in botched data recovery. Drive Encryption Rewards and Risks
[May 11, 2007] AntiOnline Spotlight: Do you encrypt your drives? If you're considering this method of safeguarding your data, make sure you have a complete picture of the protections it offers. Also, lessons in concealing malware; thoughts PHP and MySQL injections; and tools for banishing spyware. Not So SIMple
[May 4, 2007] AO Spotlight: Deciding on a SIM (security information management) product? Be sure to consult our members first. Also: stories of survival after encountering dimwitted users and the effect of virtual machines on network security. Intrusion Detection and Honeypots
[April 27, 2007] AO Spotlight: Catch up on the latest AntiOnline security and tech discussions. This week: the difference between IDSes and honeypots; starting a career in information security; keeping data safe in a Web 2.0 world; and an OS usage poll. AO Security Discussion Roundup
[April 20, 2007] Catch up on the latest AntiOnline security and tech discussions. This week: using TOR; the regulatory compliance implications of attaching a personal PC to a corporate network; and a handy list of informative security podcasts. Wireless Security Checklist
[August 31, 2006] AntiOnline Spotlight: Want to keep the wardrivers off your network? Our members share some handy tips for worry-free Wi-Fi connectivity. The Value of Pen Testing
[August 3, 2006] AntiOnline Spotlight: If your organization's network hasn't undergone penetration testing, it may be more than just a prime target for hackers. It may also end up drawing the ire of regulatory bodies. Catching Flies with Honey
[June 23, 2006] AntiOnline Spotlight: Though it's a monumental waste of time to attack a honeypot, security geeks can watch in mild amusement as hackers' tactics are laid bare. Summer Fun for the Security Administrator
[June 15, 2006] AntiOnline Spotlight: Grab the sunscreen, your laptop, a chilled drink and settle into your favorite lawn chair for some summer reading. Let's start with some 419 hijinks... A Career in Network Security
[May 26, 2006] AntiOnline Spotlight: Members discuss what to expect on the network security career path and how they landed their gigs. Grappling with RFID
[May 11, 2006] AntiOnline Spotlight: The technology is changing the way people pay for things, how stores stock their shelves and how workers access their offices. But is there a price to pay for this convenience? Going Mano a Mano with Spyware
[April 7, 2006] AntiOnline Spotlight: Roll up your sleeves; this might get a little messy. Your Money or Your Data
[March 17, 2006] AntiOnline Spotlight: What's worse than losing your data to malware? Paying a ransom to get it back. How Spammers Slip Through
[March 3, 2006] AntiOnline Spotlight: Are you finding that more spam is slipping by your filters? Time for a closer look at their methods. Coffee Shop Privacy
[February 17, 2006] AntiOnline Spotlight: Some of your workers might be plugging away at the local coffee haunt for a change of pace and a delicious espresso. Trouble is, they might be doing it right next to a hacker. Outsmarting a Zero-Day
[February 3, 2006] AntiOnline Spotlight: Is a debilitating network attack inevitable in the wake of a zero-day? Not if you take some precautions and keep your ear to the ground.
Ethical Disclosure
[January 20, 2006] AntiOnline Spotlight: If you should ever stumble upon a software vulnerability, this tutorial examines how a responsible person goes about letting the right people know without tipping off malware coders. Patching Strategies
[January 13, 2006] AntiOnline Spotlight: In a perfect world, admins would deploy patches as soon as they became available. But in reality, they have to account for a host of factors including countless users, critical applications and software compatibility. Admins to Microsoft: WMF?!
[January 6, 2006] AntiOnline Spotlight: It's not mistyped online shorthand. Security pros were rankled by the Windows WMF flaw and had many nervously counting the minutes until a patch arrived or taking more drastic measures. The Dangers of Dormant Accounts
[December 2, 2005] AntiOnline Spotlight: Aside from a messy directory, disabled accounts are pretty harmless, right? Until they inexplicably wake up... AntiOnline Spotlight: Sony Rootkit Backlash, Week 2
[November 11, 2005] Last week Sony had to endure the ire of computer security professionals. This week the lawyers get involved. AntiOnline Spotlight: Sony Rootkit Backlash
[November 4, 2005] Inject hidden software to combat piracy? Sony learned a hard lesson in employing technologies that can compromise a user's security. AntiOnline Spotlight: Anatomy of a Strong Password
[October 21, 2005] 'Tis the season! The holiday online shopping rush is nearly upon us. For safe and secure transactions, now is a good time to review your passwords and strengthen those that fall short. AntiOnline Spotlight: What You Don't Know...
[October 14, 2005] To disclose or not to disclose? Security researchers are discovering that what they discuss in public may land them in hot water. AntiOnline Spotlight: Physical Security and Your Datacenter
[October 6, 2005] Think all you need is a bare space and some good locks? Think again. AntiOnline Spotlight: Rootkits Lie in Wait
[September 29, 2005] If you thought spyware and viruses were nuisances, they can't hold a candle to the way rootkits dig their claws into your systems. AntiOnline Spotlight: Network Printers Share Secrets
[September 21, 2005] During the time you spent securing your servers and workstations, your printers may have been giving up the goods. AntiOnline Spotlight: Data Classification
[September 9, 2005] As tempting as it is to blame leaks on sneaky attackers or shoddy security, the more likely explanation is that your workers may not have a good grasp on how to treat your company's information. It's time for a clear and unambiguous data classification system. AntiOnline Spotlight: The Great Google Snub
[August 12, 2005] Google is shunning CNet over a controversial article dealing with privacy in an era of find-anything search engines. Is it a tempest in a teapot or are other forces at play? AntiOnline Spotlight: Advanced Web-based Honeypot Techniques
[August 5, 2005] Tutorial: Google may be the Internet's white knight, but it has a dark side... AntiOnline Spotlight: Insight #14
[August 1, 2005] The latest AntiOnline newsletter explores the different facets of physical security, how to implement protection against rogue DHCP servers, a look at authentication proxies and lessons in talking to end-users. AntiOnline Spotlight: Florida Wi-Fi Arrest
[July 8, 2005] Borrowing some poorly guarded bandwidth? You may want to think twice before hopping onto your neighbor's network in one Florida town. AntiOnline Tutorial: Adware and Spyware Removal
[June 10, 2005] The best way to enhance security and improve system performance? Let's start with removing all that junk that's spying on you. AO Spotlight: Wireless Security Overhaul
[June 3, 2005] So, your organization is finally getting serious about wireless security. Good. Now comes the hard part... AntiOnline Spotlight: Unmasking Mystery Machines
[May 20, 2005] Don't wait for a new system to mysteriously pop up on your network. AO members discuss how to keep rogue PCs away and how to track them down if they ever set foot. AntiOnline Spotlight: Account Lockouts
[May 6, 2005] This week, we examine a security policy that is reviled by absent-minded users but necessary for curbing unauthorized access attempts. AntiOnline Spotlight: When Updates Attack
[April 29, 2005] Trend Micro unintentionally released an update that proved more damaging than most of the viruses and worms it was meant to protect against. Now the company has its hands full, not only salvaging its antivirus software, and but its reputation as well. AntiOnline Spotlight: Windows 2003 SP1 Overview and Security Configuration
[April 22, 2005] With every service pack release from Microsoft, worried looks adorn the faces of administrators far and wide. But with a few pointers, they can embark on a stress-free upgrade. AntiOnline Spotlight: Essential Firewall Hardening Guide
[April 1, 2005] Configuring corporate firewalls can be a daunting task. This week, we spotlight a tutorial that puts your IT staff on the right track and your security concerns at ease. AntiOnline Spotlight: Backup Procedures
[March 18, 2005] From the average home user to the largest businesses, the best method to prevent a catastrophic loss of data is to institute a systematic backup policy. But no matter how many times you drill it into their heads, some never seem to listen... AntiOnline Spotlight: Spam Declining?
[March 11, 2005] Conventional wisdom states that spam is a growing problem and efforts to eliminate it have done little to turn the tide. Or have they? AntiOnline Spotlight: Phishing and Cyber Scam Forum
[March 4, 2005] Phishers are reeling in ill-gotten gains simply because Web users keep falling for the bait. AntiOnline launches a forum that blows the lid off online scams. AntiOnline Spotlight: Hardening the Windows TCP/IP Stack
[February 25, 2005] Annoyed that you can't tinker with Windows' closed-source inner workings? Just fire up your registry editor and craft a secure box of your own. AntiOnline Spotlight: Google Hack Honeypot
[February 16, 2005] Many a word has been written about how Google can be used to expose security holes. How about doing something about it for a change? AntiOnline Spotlight: Evil Twin Hotspots
[February 10, 2005] Sounds like a hokey plot device, right? Yet 'evil twins', in the wireless sense at least, can pose a real threat to Wi-Fi users. AntiOnline Spotlight: ID Thieves Rake in a Half Billion Dollars
[February 3, 2005] The FTC reports that fraudsters have scored well over a half billion dollars through identity theft scams, though most of it 'offline'. Nonetheless, phishers and other online scammers are rapidly elevating their game. AntiOnline Spotlight: HijackThis Tutorial
[January 26, 2005] As many an online support forum user will attest, thousands of stymied spyware victims have flocked to this tool. But unbeknownst to many, HijackThis also has some other handy abilities. AntiOnline Spotlight: Network Security Made Easy?
[January 14, 2005] It's easy to get worked up and lost in a tangle of security bulletins. But it only takes a 'bird's eye view' of the problem, and a few easy steps, for admins to greatly diminish the risk to their networks. AntiOnline Spotlight: Microsoft AntiSpyware First Impressions
[January 7, 2005] Microsoft kicked off the New Year with a beta of its GIANT-powered anti-spyware utility. See what the security experts at AntiOnline found when they put it through its paces. Thumbs up or thumbs down? AO Spotlight: Good Riddance to 2004
[December 30, 2004] This year, we invited AntiOnline's members to discuss the network security problems that made 2004 a year for the history books. AntiOnline Spotlight: Recovering from Getting Hacked
[November 19, 2004] When the shock subsides and the finger pointing comes to an end, it's time to take steps to prevent your Web site from getting hacked again. AntiOnline Spotlight: Simply Irretrievable
[November 12, 2004] You don't want snoops rifling through your hard drive data after you've disposed of it. But to what lengths are you willing to go? AntiOnline Spotlight: Internet Security Basics
[November 5, 2004] You do your best to ensure that your network's defenses are impenetrable and its systems pristine. Yet employees somehow keep tracking all manner of online dirt through the door. It's time to tackle online security at the home. AntiOnline Spotlight: Corporations Oblivious to Spyware
[October 28, 2004] Businesses are mounting a formidable defense against viruses, worms and spam. So why are they leaving a gaping hole open for spyware? AntiOnline Spotlight: Security Tutorial Central
[October 21, 2004] Online computer security community launches a one-stop resource for the tricks of the trade. AntiOnline Spotlight: MS Security Debate Rages
[October 8, 2004] The world's most beloved OS is often times the most maligned. Will Windows security always be a thorn in an admin's side or are things finally turning around? AntiOnline Spotlight: Freshly Baked Security Tutorials
[October 1, 2004] Technology evolves at a brisk pace, so why aren't your tutorials keeping up? Get up-to-the-minute tips on securing your systems from experts in the field. AntiOnline Spotlight: MS "JPEG of Doom" Week Two
[September 24, 2004] Fears of an impending JPEG virus epidemic took a step closer to reality as exploit code surfaces. AntiOnline Spotlight: JPEG Hacking
[September 17, 2004] Update: Exploits are circulating! Microsoft has already provided a patch but the possibility of getting hacked via a .jpg file has the security community abuzz. AntiOnline Spotlight: Free Anti-Virus
[September 10, 2004] You may be a pro at protecting your network. But what product would you recommend when your thrifty workers require virus protection at home? Oh, and it has to be free, gratis, $0.00! AntiOnline Spotlight: IPv6 Looms
[September 3, 2004] IPv6 is set to deliver a near-limitless number of IP addresses (for the foreseeable future), including some key security enhancements. But will it cause more problems that it solves? AntiOnline Spotlight: Staving Off Google
[August 19, 2004] While the world seems caught up in its IPO, webmasters are fighting to keep it from blowing their sites wide open.
AntiOnline: Early XP SP2 Reactions
[August 12, 2004] The forums are buzzing with SP2 talk. A look at some of the early reactions to the update from Microsoft that's supposed to usher in a new era of secure computing for the masses. AntiOnline Spotlight: Locking Down SUSE Linux
[August 5, 2004] A few pointers on securing the OS that's become a popular choice for enterprise deployments. AntiOnline Spotlight: Firewall Recommendations
[July 29, 2004] Stuck on which firewall to deploy? AO members bring first-hand experience into play as they select their favorites. AntiOnline Spotlight: Tips for Secure Wi-Fi
[July 22, 2004] Maybe your business just doesn't see the need for wireless access, but rest assured, eventually it will. Prepare yourself with these handy tips. AntiOnline Spotlight: DoS and DDoS Examined
[July 15, 2004] Think a hardy firewall will end your denial of service attack woes? Think again. AntiOnline Spotlight: Will XP SP2 Break Windows Apps?
[July 8, 2004] Service Pack 2 for Windows XP is supposed to dramatically reduce the chances of your PC succumbing to malicious code. Will it also cause problems for your day-to-day 'benign' code? AntiOnline Spotlight: IE, I Dump Thee
[June 30, 2004] Fed up with the gaping security holes in Microsoft's Internet Explorer, users are starting to look at alternatives. AntiOnline Spotlight: A Tale of Two Logfiles
[June 24, 2004] Intrigue, suspense, clever twists... The AO crowd enjoys some summer reading in this tale that also a serves as a tutorial on corporate incidence response. What would you do if you got the dreaded call? AntiOnline Spotlight: Your Cell Phone is Next
[June 17, 2004] Worm outbreaks on cell phones? This doomsday scenario (for mobile gabbers at least) appears to be close at hand with the recent news of Cabir. But is it all blown out of proportion? AntiOnline Spotlight: Buffer Overflows
[June 10, 2004] You're aware that buffer overflows are not a good thing, but is this the extent of what you know (or care) about the topic? Learn how they work and why they've been a thorn in the side of the security-minded. AntiOnline Spotlight: Bandwidth Hogs
[June 3, 2004] On the surface, heavy Internet use may not seem like a grave security concern. But excessive use of network resources can be indicative of behavior that can potentially leave your systems open to attack, namely P2P activity and unauthorized downloads. AntiOnline Spotlight: Network Vulnerability Assessment
[May 27, 2004] A chore, certainly, but a necessary one if you want to keep one step ahead of attackers. AntiOnline Spotlight: Our Intern Is a Hacker!
[May 21, 2004] Administrators are accustomed to keeping hackers out. But what if HR lets one in right through the front door? AntiOnline Spotlight: Google as a Hacking Tool
[May 14, 2004] Why is Google so popular? Mostly because of its relevant search results. To achieve this, Google indexes aggressively. If your Web server isn't properly configured, this 'net user's best friend can become your worst enemy. AntiOnline Spotlight: VoIP Security
[May 7, 2004] More and more businesses are ditching their old analog phone service and jumping on the VoIP (voice over IP) bandwagon. Will this herald a rise in attacks against voice communications? AntiOnline Spotlight: Spyware Protection for Networks
[April 29, 2004] Stopping spyware is usually just an easy (and mostly free) download away. Even ISPs are getting into the act by helping their users banish the intrusive code. But where do admins turn when they want to provide the same protection for their networks? AntiOnline Spotlight: TCP Doom and Gloom
[April 22, 2004] A TCP flaw has the potential to bring the Internet crashing down, laying waste to e-commerce as we know it. Or does it? AntiOnline Spotlight: Gone Phishing
[April 15, 2004] Best Buy, Symantec, Citibank, eBay... What do these companies have in common? Scammers are banking on their good name to trick users into coughing up valuable information. Protect yourself and your staff. AntiOnline Spotlight: Securing Laptops
[April 8, 2004] Unlike their deskbound cousins, portables regularly venture outside of the safe confines of your network. You may not be able to control where they go, but you definitely have some say in what hitches a ride back with them. AntiOnline Spotlight: Trojan Force
[April 1, 2004] Despite the notion that 'true' hackers wouldn't be caught dead using trojans, legions of attackers still rely on them to prop open network defenses. AntiOnline Spotlight: Wireless Security
[March 22, 2004] Roaming workers don't want to hunt for jacks and all of upper management wants to sip espressos at the coffee shop while catching up on e-mails. Make sure you're ready when Wi-Fi makes a play for your corporate network.
AntiOnline Spotlight: Microsoft Metadata Forensics
[March 11, 2004] What secrets are your Word docs revealing about your company? AntiOnline Spotlight: Admins and Users at Odds
[March 4, 2004] The blame game: Where do an administrator's responsibilities end and a user's begin? AntiOnline Spotlight: SP2 Tackles Windows Security
[February 26, 2004] Months before its official release, AO members weigh in on SP2's security enhancements. AntiOnline Spotlight: Footprinting with Host
[February 19, 2004] Learn how the venerable host command can reveal more about your network than you think, not to mention what hackers probably already know. AntiOnline Spotlight: The Security Pro's Open Source/Freeware Toolbox
[February 12, 2004] If you're an administrator on a budget, you can still provide effective network security with these best-in-class open source and freeware recommendations. AntiOnline Spotlight: Held Hostage
[February 5, 2004] What if your Web business were held at virtual gunpoint? AO members discuss coping with demands of payment under the threat of getting DDoSed into oblivion. AntiOnline Spotlight: MyDoom Testing Your Patience?
[January 29, 2004] MyDoom is quickly making the days of SoBig and Blaster seem like a walk in the park. AntiOnline Spotlight: Linux as a Firewall Foundation
[January 22, 2004] In keeping with this week's Linux-centric festivities (a.k.a. LinuxWorld), we examine some AO member recommendations on basing firewalls off of the open source OS. AntiOnline Security Spotlight: IDS with an Open Source Twist
[January 15, 2004] An introduction to intrustion detection systems and basics on protecting your network with Snort. AntiOnline Security Spotlight: The Evils of Default Security
[January 8, 2004] Are 'hardened by default' systems lulling computer users into a false sense of security?
AntiOnline Security Spotlight: Retribution
[December 18, 2003] AO members debate the legality of defending your systems by going on the offensive. AntiOnline Security Spotlight: Wargames
[December 11, 2003] Want to test your mettle against hackers? Our resident security professor outlines a challenging activity that helps keep the InfoSec crowd on their toes. AntiOnline Spotlight: VLAN Intro
[December 4, 2003] Setting up a complex network? Discover how VLANs can work in your favor, but not before exploring some security implications. AntiOnline Security Spotlight: Ironclad Passwords
[November 20, 2003] More often than not, a weak user password is the only thing standing in the way between an intruder and your company's valuable data. Lay the foundation for a strong password policy with this week's spotlight AO discussion.
AntiOnline Security Spotlight: How Hackers Pick Their Victims
[November 13, 2003] Are you an easy target? Delve into the factors that motivate an attacker to breach your network's security. AntiOnline Security Spotlight: Tripwire Tutorial
[November 6, 2003] Another tool for your bag of tricks! Get to know a technology that can detect even the stealthiest of intrusions, regardless of how lightly a hacker treads. AntiOnline Security Spotlight: CD-Wrecker
[October 30, 2003] Granted, a new OS install is bound to cause an incompatibility or two. Rarely, however, does it actually wreck your hardware! Sadly, a certain Linux distro can do just that. AntiOnline Security Spotlight: Trust Your OS Again!
[October 23, 2003] Don't trust your server any farther than you can throw it? Relax. Discover some of the steps administrators can take to guard against unauthorized access and potentially devastating intrusions. AntiOnline Security Spotlight: Trojan and Backdoor Myths
[October 16, 2003] Think your anti-virus apps and firewalls provide you with total immunity to keyloggers and other nasty pieces of code? Think again.
AntiOnline Security Spotlight: Loose Valve
[October 9, 2003] Slowly and deliberately, Valve's prized Half-Life 2 source code trickled out of their networks and onto the Internet at large. Bad news for their ardent following and even worse for a developer in the intensely competitive video game market. AntiOnline Security Spotlight: No Good Deed
[October 2, 2003] As the old saying goes, no good deed goes unpunished. Such was the case of an alert computer user at a school's library. AntiOnline Security Spotlight: Linux a Hacker's Delight?
[September 25, 2003] Sure, Microsoft seems to be suffering a relentless assault on Windows security. However, data suggests that Linux is becoming a hacker's paradise. AntiOnline Security Spotlight: Wardriving
[September 18, 2003] That suspicious sedan parked outside your office... A spy? The feds? A wardriver! Administrators would do well to learn the tricks of the trade before their networks become 'drive-thru' access points. AntiOnline Security Spotlight: Adrian Lamo
[September 11, 2003] The media buzz surrounding the 'homeless hacker' is beginning to take on Mitnick-esque proportions. What do sysadmins think of Adrian Lamo and his run-in with the New York Times? AntiOnline Security Spotlight: Social Engineering
[September 4, 2003] Intrusion attempts can take many forms, including phone calls and e-mails that appear to come from your sysadmins or other trusted personnel. Don't let your network fall victim to lapses in judgement or quirks in human behavior. AntiOnline Security Spotlight: Image Theft
[August 28, 2003] Why let your graphic designers toil away on images that anyone can swipe? Learn how to become more protective of your online assets.
AntiOnline Security Spotlight: Firewalls and Honeypots
[August 21, 2003] This week we spotlight firewalls and honeypots -- tools that savvy network admins use to help build impenetrable defenses. AntiOnline Security Spotlight: Blaster Worm
[August 14, 2003] Despite some headline-grabbing security bulletins, systems are falling victim to this worm. Read up on what AO community members have to say about it, including some interesting tidbits from those that have 'dissected' it. AntiOnline Security Spotlight: Hacking Culture
[August 7, 2003] We're kicking off our AO coverage by taking a look at one of the most popular AntiOnline tutorials called 'Hacking Culture: Ethics' authored by Ennis, one of AO's intrepid moderators.
|