Ask the Experts

Ask the Experts

• Secure DMZ Web server setup advice

  Network security expert Anand Sastry describes how to ensure a secure DMZ Web server setup involving network attached storage (NAS).  Continue Reading

• Tips on how to remove malware manually

  In this expert response, Nick Lewis explains how to remove malware manually, step by step.  Continue Reading

• Which tools will help in validating form input in a website?

  Find out how to validate form input in a website.  Continue Reading

• MD5 security: Time to migrate to SHA-1 hash algorithm?

  Many organizations have been replacing the MD5 hash algorithm with the SHA-1 hash function, but can the MD5 hash algorithm still be used securely?  Continue Reading

• Security report template: How to write an executive report

  Writing a security report for executives doesn't have to be difficult or extensive, but security management expert Ernie Hayden describes how to make it comprehensive and clear.  Continue Reading

• Is it possible to crack the public key encryption algorithm?

  Is it possible to create a PKI encryption key that is unbreakable? IAM expert Randall Gamby weighs in.  Continue Reading

• Personally identifiable information guidelines for U.S. passport numbers

  Do U.S. passport numbers count as personally identifiable information? Learn more about guidelines for PII in this security management expert response from David Mortman.  Continue Reading

• How to protect employee information in email paystubs

  Many companies are moving to a system of paperless paystubs. Learn how to protect the information contained in these email paystubs with the use of secure email in this expert response.  Continue Reading

• What is an encryption collision?

  Michael Cobb reviews how encryption collision attacks on cryptographic hash functions could compromise the security of all kinds of digital systems.  Continue Reading

• How to prevent ActiveX security risks

  Application expert Michael Cobb explains why ActiveX security relies entirely on human judgment.  Continue Reading

• What are new and commonly used public-key cryptography algorithms?

  Expert Michael Cobb breaks down a variety of encryption algorithms and reviews the use cases for several types of cryptography.  Continue Reading

• What are the export limitations for AES data encryption?

  Although AES is free for any use public or private, commercial or non-commercial programs that provide encryption capabilities are subject to U.S. export controls. Expert Michael Cobb reviews the limitations.  Continue Reading

• Port scan attack prevention best practices

  While it's impossible to prevent against all port scanning attacks, there are best practices for port scanning security (such as a port scanning firewall) that can keep your network secure. Expert Mike Chapple weighs in.  Continue Reading

• Should enterprises be running multiple firewalls?

  While there may be scenarios where a single firewall is an appropriate architecture for an organization, it's equally true that many environments may benefit from the use of more than one network device  Continue Reading

• Comparing an application proxy firewall and a gateway server firewall

  There are many types of firewalls in use in today's enterprises, so it's easy to get confused about the functions of each. In this expert response, learn the difference between a proxy server firewall and a gateway server firewall.  Continue Reading

• How to analyze a TCP and UDP network traffic spike

  What does it mean when TCP and UDP network traffic spikes? Network security expert Mike Chapple explains what this means for enterprise network security management.  Continue Reading

• How to avoid HIPAA Social Security number compliance violations

  It can be difficult to decipher what a HIPAA Social Security number violation is. In this information security management expert response, David Mortman explains how to avoid HIPAA SSN violations as an employer.  Continue Reading

• How does a Web server model differ from an application server model?

  A Web server model and an application server model share many similarities but require different defense methods. Each model, for example, calls for distinct placement of application servers.  Continue Reading

• What are the ethical issues when consulting for two competing companies?

  Security consulting is a job in which privacy is paramount. Leaking security strategies to the wrong people -- especially a company's competition -- could lead to breaches or break ins. In this expert response, David Mortman gives best practices for...  Continue Reading

• What are the security risks of opening port 110 and port 25?

  If an external manufacturer wants to remotely access its leased copiers, is it risky to open both port 110 or port 25? Mike Chapple reveals a few security repercussions.  Continue Reading

• What is the cause of an 'intrusion attempt' message?

  Have you ever received a message from your endpoint security product stating that an intrusion attempt has been blocked? Mike Chapple gives three possibilities for the alert's likely cause.  Continue Reading

• Comparing FTP vs. TFTP

  There are some differences between FTP and TFTP, but here's the catch: both are inherently insecure protocols.  Continue Reading

• What OSI Layer 4 protocol does FTP use to guarantee data delivery?

  What OSI Layer 4 protocol does FTP use to guarantee data delivery?  Continue Reading

• What firewall features will best protect a LAN from Internet hack attacks and malware?

  In the case of a small network, the necessary firewall doesn't need to be anything complicated. Network security expert Mike Chapple reviews the key features of the network device.  Continue Reading

• Is it impossible to successfully remove a rootkit?

  In this expert Q&A, Michael Cobb takes a closer a look at the nature of rootkits to see why they can be so difficult to remove.  Continue Reading

• What are the basics of a Web browser exploit?

  John Strand explains how attackers target a flaw in either the browser or in an application that the browser calls to process a Web request.  Continue Reading

• What vendors would you recommend for software write-blockers?

  In a forensics investigation, a software write-blocker can be very helpful. But which vendors offer the best blockers? Security management expert Mike Rothman explains what to look for.  Continue Reading

• Is the Orange Book still relevant for assessing security controls?

  Is the Orange Book still the be-all and end-all for assessing security controls in the enterprise? Security management expert Mike Rothman explains what happened to the Orange Book, and the Common Criteria for Information Technology Security ...  Continue Reading

• How to hide system information from network scanning software

  Network scanning software is capable of obtaining sensitive system information. Mike Chappel explains how implementing various firewalls can stop intrusive software in its tracks.  Continue Reading

• Should iPhone email be sent without SSL encryption?

  SSL encrypts all of the communication between your iPhone and your mail server. Network security expert Mike Chapple explains how important that feature really is.  Continue Reading

• Should a domain controller be placed within the DMZ?

  When creating an Active Directory network, is it necessary to place domain controllers in the DMZ? Network security expert Mike Chapple explains.  Continue Reading

• Is Triple DES a more secure encryption scheme than DUKPT?

  Both DES and TDES use a symmetric key, but Michael Cobb explains their separate and distinct roles in protecting financial transactions.  Continue Reading

• What is the purpose of RFID identification?

  RFID identification can be used to keep track of everything from credit cards to livestock. But what security risks are involved?  Continue Reading

• How to secure an FTP connection

  Network security expert Mike Chapple offers three tips that enable an FTP connection without opening up an enterprise to security risks.  Continue Reading

• Is centralized logging worth all the effort?

  Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a centralized logging infrastructure.  Continue Reading

• Does SOX provision email archiving?

  Although SOX may lack specificity regarding certain controls, it does have clear mandates for email retention.  Continue Reading

• What techniques are being used to hack smart cards?

  Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers.  Continue Reading

• What are the dangers of using radio frequency identification (RFID) tags?

  In this expert response, Joel Dubin discusses the dangers associated with radio frequency identification (RFID) tags, and how users can protect themselves.  Continue Reading

• What software development practices prevent input validation attacks?

  Improper input validation leads to numerous kinds of attacks, including cross-site scripting, SQL injection and command injection. In this expert Q&A, Michael Cobb reviews the most important application development practices.  Continue Reading

• What are the pros and cons of using stand-alone authentication that is not Active Directory-based?

  Password managment tools other than Active Directory are available, though they may not be the best access control coordinators.  Continue Reading

• Does Teredo present security risks to the enterprise?

  Teredo allows internal networks to transition to IPv6, interconnecting them through their NAT devices and across the IPv4 Internet. Ed Skoudis explains why this function isn't as innocent as it seems.  Continue Reading

• How can root and administrator privileges of different systems be delegated on one account?

  In this expert response, Joel Dubin discusses how corporations can manage "superuser" accounts by delegating root and administrator privileges.  Continue Reading

• Will FTP ever be a secure way to transfer files?

  A SearchSecurity.com member asks our network security expert Mike Chapple: Is the File Transfer Protocol a secure way to transfer files? As one of his many monthly responses to readers, Chapple reveals a better alternative to FTP.  Continue Reading

• What are the security risks of a corporate divestiture?

  Security management expert Mike Rothman discusses the data protection issues involved with a corporate divestiture .  Continue Reading

• How should sensitive customer data, such as driver's license information, be handled?

  In this Q&A, Identity management and access control expert Joel Dubin discusses how to properly protect the personal data of a driver's license.  Continue Reading

• Choosing from the top PKI products and vendors

  In this expert response, security pro Joel Dubin discusses the best ways to compare PKI products and vendors for enterprise implementation of PKI.  Continue Reading

• Should a router be placed between the firewall and DMZ?

  Modern firewalls have the ability to serve as a router, negating the need of another device on a network. There are exceptions to this router rule, however. Network security expert Mike Chapple explains.  Continue Reading

• How does SSL 'sit' between the network layer and application layer?

  SSL is neither a network layer protocol nor an application layer protocol. In this SearchSecurity.com Q&A, Michael Cobb explains how SSL "sits" between both layers.  Continue Reading

• How secure is the Windows registry?

  In this SearchSecurity.com Q&A, platform security expert Michael Cobb explains the weaknesses of the Windows registry and explores other OS alternatives.  Continue Reading

• What are the potential risks of giving remote access to a third-party service provider?

  In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin discusses the potential risks involved with providing remote access to a third-party service provider.  Continue Reading

• Is the use of digital certificates with passwords considered two-factor authentication?

  In this SearchSecurity.com Q&A identity management and access control expert Joel Dubin identifies the factors that contribute to two-factor authentication, such as smart cards and digital certificates.  Continue Reading

• How to test an enterprise single sign-on login

  In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin examines the best ways to test an enterprise single sign-on (SSO) login.  Continue Reading

• What are the drawbacks to application firewalls?

  Application-layer firewalls examine ingoing and outgoing traffic more carefully than traditional packet-filtering firewalls, so why are some holding back on deployment? In this SearchSecurity.com Q&A, Michael Cobb reveals some cost and performance ...  Continue Reading

• What should be done with a RAID-5 array's failed drives?

  Even one failed drive in a RAID-5 array can present an enterprise with serious data protection concerns. In this SearchSecurity.com Q&A, expert Michael Cobb explains which policies can protect and recover RAID-5 data.  Continue Reading

• How secure are document scanners and other 'scan to email' appliances?

  Copiers and document scanners have always posed challenges for information security teams. In this SearchSecurity.com Q&A, Michael Cobb reveals how the right policies can control the use (and abuse) of these devices.  Continue Reading

• What are the alternatives to RC4 and symmetric cryptography systems?

  In this SearchSecurity.com Q&A, network security expert Mike Chapple explains how RC4 encryption stacks up against public key cryptography.  Continue Reading

• How can header information track down an email spoofer?

  Spammers can use spoofed headers to hide the true origin of unwanted email. In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to trust where a message is coming from.  Continue Reading

• What is an Nmap Maimon scan?

  Systems are often designed to hide out on a network. In this SearchSecurity.com Q&A, network security expert Mike Chapple explains how Nmap Maimon scans can get a response out of them.  Continue Reading

• How do a DMZ and VPN work together?

  In this SearchSecurity.com Q&A, network security expert Mike Chapple explains the three distinct network zones in a typical firewall scenario and reveals how the DMZ and VPN, in particular, co-exist.  Continue Reading

• How to verify 140-2 (FIPS 140-2) compliance

  In this SearchSecurity.com Q&A, identity management and access control expert, Joel Dubin, discuses several ways to verify that Federal Information Processing Standard 140-2 is being enforced.  Continue Reading

• How can hackers bypass proxy servers?

  Hackers are bypassing proxy servers all the time and doing so for a variety of reasons. In this SearchSecurity.com expert Q&A, Ed Skoudis points out the holes in your protective filtering tools.  Continue Reading

• How can attackers exploit RSS software flaws?

  RSS syndication feeds are a convenient way to get your news, blogs or other favorite content, but these popular tools are often left exposed. In this SearchSecurity.com Q&A, Ed Skoudis explains how malicious hackers can attack RSS software and ...  Continue Reading

• What's the harm in removing the RFID chip in credit cards?

  If you're concerned that a credit card's RFID chip is putting your personal data at risk, why not just drill the darn thing out? Not so fast, says Joel Dubin. In this SearchSecurity.com Q&A, the identity management and access control expert ...  Continue Reading

• Can a TCP connection be made without an open port?

  A company may claim it has an "application" that allows computers to communicate without opening any ports, but network security expert Mike Chapple reveals whether you should believe the hype or not. Read more in this SearchSecurity.com Q&A.  Continue Reading

• How should security and networking groups manage the firewall?

  When it comes to firewalls, the networking group often handles the installation, while the information security department writes the rules. Should these responsibilities be split? In this expert Q&A, security management pro Shon Harris reveals how ...  Continue Reading

• Will biometric authentication replace the password?

  Some security observers say user IDs and passwords are obsolete and can be easily cracked, but that doesn't mean you should fire up biometric authentication projects just yet. In this SearchSecurity.com Q&A, identity management and access control ...  Continue Reading

• Can single sign-on (SSO) provide authentication for remote logons?

  If you're accessing multiple applications through a remote Citrix server, you have two options. Identity management and access control expert Joel Dubin explains both in this SearchSecurity.com Q&A.  Continue Reading

• Will two different operating systems cause administrative problems?

  Using two different operating systems can often boost a company's security, but there are practical limitations to the enterprise practice. In this expert Q&A, Michael Cobb reveals how separate platforms can lead to deployment issues and higher ...  Continue Reading

• How to safely issue passwords to new users

  In this Ask the Expert Q&A, our identity management and access control expert Joel Dubin offers tips on safe password distribution, and reviews the common mistakes that help desks and system administrators make when issuing new passwords.  Continue Reading

• How much time does it take to prepare for the CISSP?

   Continue Reading

• How does 'arbitrary code' exploit a device?

   Continue Reading

• The difference between a two-tier and a three-tier firewall

   Continue Reading