Who
said analyzing firewalls and network devices was something tedious and cumbersome?
Well your problems are over: Introducing Nipper, the network device configuration
parser. I have found that nipper aids tremendously in helping audit and analyze network
devices during our assessments, reducing tremendously the time it takes to analyze
a network device configuration file. Nipper offers comprehensive and detailed reports
which anyone can understand. Nipper helps security administrators to check their network
devices for known vulnerabilities and configuration flaws, and attending the need
for industry standards and compliance controls such as PCI, HIPAA, ISO and BITS, and
the best part of using Nipper is the fact that this tool is absolutely free.
(continue reading…)
The use of a centralized log server has often been highlighted in many of today’s security
best practices. The constant need to collect, retain and protect these sensitive security
event log files sometimes overwhelm security and systems administrators, especially
in large corporate environments. When properly configured, security event logs are
used to track user activity and access on specific systems or objects, and is a key
element when tying to piece up the chain of events leading to a security incident.
Many security administrators might know how cumbersome it is to manage such security
event log files, and sometimes seek third party vendors to help them manage their
security log files. The truth is that
many of these problems can be solved using native features of your server operating
system.
(continue reading…)
While conducting most of our penetration
tests, we often find a very common DNS vulnerability. In order for us to understand
this vulnerability, we first need to know what a DNS server is. DNS servers are responsible
for name resolution, convertingName Addressesto IP addresses. It is true
that a company’s DNS server contains records of a variety of objects such as hosts,
server and services. In order to synchronize and update, DNS servers transfer
their records to other requesting DNS servers. DNS servers should only transfer zone
information between authorized servers. This
is where the problem resides; sometimes these servers are configured to allow “anonymous”
transfers, meaning that anyone can request a zone transfer without proper authentication
or authorization. By not restricting Anonymous Zone Transfers, companies sometimes
jeopardize the overall security of their infrastructure.
(continue reading…)
< ?xml:namespace prefix = v ns = "urn:schemas-microsoft-com:vml" />
(continue reading…)
Red
November:
Understanding the Red Flag Rule.
(continue reading…)
