Archive for July 2014
Keylogger
A keylogger, sometimes called a
keystroke logger, key logger, or system monitor, is a hardware device or small
program that monitors each keystroke a user types on a specific computer's
keyboard. As a hardware device, a keylogger is a small battery-sized plug that
serves as a connector between the user's keyboard and computer. Because the
device resembles an ordinary keyboard plug, it is relatively easy for someone
who wants to monitor a user's behavior to physically hide such a device
"in plain sight." (It also helps that most workstation keyboards plug
into the back of the computer.) As the user types, the device collects each
keystroke and saves it as text in its own miniature hard drive. At a later
point in time, the person who installed the keylogger must return and
physically remove the device in order to access the information the device has
gathered.
A keylogger program does not
require physical access to the user's computer. It can be downloaded on purpose
by someone who wants to monitor activity on a particular computer or it can be
downloaded unwittingly as spyware and executed as part of a rootkit or remote
administration (RAT) Trojan horse. A keylogger program typically consists of
two files that get installed in the same directory: a dynamic link library
(DLL) file (which does all the recording) and an executable file (.EXE) that
installs the DLL file and triggers it to work. The keylogger program records
each keystroke the user types and uploads the information over the Internet
periodically to whoever installed the program.
Although keylogger programs are
promoted for benign purposes like allowing parents to monitor their children's
whereabouts on the Internet, most privacy advocates agree that the potential
for abuse is so great that legislation should be enacted to clearly make the
unauthorized use of keyloggers a criminal offense.
CISCO SECURITY
Take Advantage of the
Cisco Technology Migration Program
Get 15 percent credit for trading in
competitive web security products. the Cisco Web Security Competitive
Technology Migration Program today.
Today's enterprise needs to use the power of the web without undermining business agility or security. Securing every device that crosses the enterprise network means implementing an architecture that is adaptive and responsive to today’s security attacks.
Improve your web security posture and take advantage of this migration program to experience:
· Simplified deployment to protect users and customers
· Exceptional web security, optimized for all users in any location
· Excellent visibility, reporting, and control
· Reduced costs and an extended value of the existing infrastructure
· Flexible and effective policy controls
Understand more about web security for today's
business environment and learn how to improve your security posture.
Security Testing
Security
testing verifies whether a system under test only allows designated users and
processes access to business functionality and data. Security Testing should verify that the
business security is maintained through test conditions that verify a system's
integrity and confidentiality during active attacks (Penetration Testing) and
during passive states. Security testing
should also validate whether a system's authentication processes provide
transmission and access to verified and measured resources.
· Identify and remove vulnerabilities in applications and networks
· Assess and mitigate risks
· Meet regulatory and compliance requirements of business
Testing
Performance provide a hardware testing solution to inject load and active
attacks against your firewalls.
Firewall Testing Services:
There is
no test more robust to ensure the security of your systems and to ensure that
your firewall solutions are fit for purpose. The testing can be conducted
on-site, in a controlled testing environment, or off-site at a testing lab. This
combination of load testing and security testing will provide you with a
comprehensive set of test results that clearly demonstrates the performance
characteristics of your firewalls.
Windows Server 2008 Security
Windows Server 2008
includes an impressive array of new security applications and features that
further enhance enterprise deployments, particularly within hostile
environments or under potentially threatening scenarios. Today’s Internet is a
brightly illuminated world that casts shadows, and from those shadows arise
criminal aspirations that seek to infiltrate, pilfer, and undermine
Internet-accessible businesses. Microsoft has stepped up its Windows Server
2008 defenses to better serve the computing public that can’t always defend
against unforeseen, persistent, or stealthy attack.
The following
paragraphs briefly summarize some of the new and newly enhanced security
features of the Windows Server 2008 family:
• BitLocker Drive
Encryption is a security feature of both Windows Vista and Windows Server 2008
(again sharing a common base) to provide strong cryptographic protection over
stored sensitive data within the operating system volume. BitLocker encrypts all
data stored in the Windows volume and any relevant configured data volumes,
which includes hibernation and paging files, applications, and application
data. Furthermore, BitLocker works in conjunction with Trusted Platform Module
(TPM) frameworks to ensure the integrity of protected volumes from tampering,
even — and especially — while the operating system isn't operational (like when
the system is turned off).
• Windows Service
Hardening turns Internet-facing servers into bastions resistant to many forms of
network-driven attack. This restricts critical Windows services from
performing abnormal system activities within the file system, registry, network,
or other resources that may be leveraged to install malware or launch further
attacks on other computers.
• Microsoft Forefront
Security Technologies is a comprehensive solution that provides protection for
the client operating system, application servers, and the network edge. In the
Forefront Client Security role, you may provide unified malware protection for
business notebooks, workstations, and server platforms with easier management
and control. Server security can fortify Microsoft Exchange messaging
environments or protect Office SharePoint Server 2007 services against
viruses, worms, and spam.
• Internet Security and
Acceleration (ISA) Server provides enterprise-worthy firewall, virtual private
network (VPN), and Web caching solutions to protect IT environments against
Internet-based threats. Microsoft’s Intelligent Application Gateway is a
remote-access intermediary that provides Secure Sockets Layer (SSL) application
access and protection with endpoint security management.
• User Account Control
(UAC) enables cleaner separation of duties to allow non-administrative user
accounts to occasionally perform administrative tasks without having to switch
users, log off, or use the Run As command. UAC can also require administrators
to specifically approve applications that make system-wide changes before
allowing those applications to run. Admin Approval Mode (AAM) is a UAC
configuration that creates a split user access token for administrators, to
further separate administrative from non-administrative tasks and capabilities.
• Windows Firewall and
Advanced Security is an MMC snap-in that handles both firewall and IP Security
(IPSec) configurations in Windows Server 2008. This edition is the first to have
the Windows Firewall enabled by default. It can create filters for IPv4 and
IPv6 inbound or outbound traffic and protect information entering or exiting the
computer through IPSec. This component replaces both the firewall applet and
the IPSec and IPSec-related tool sets.
• Network Access
Protection (NAP) is a policy enforcement platform built into Windows Server
2008 that maintains a social health order for the network environment by
specifically requiring that connecting client computers meet certain criteria.
Such requirements include having a current, functional firewall enabled with
recent operating system updates already in place. NAP helps create custom
health code requirements driven through policy enforcement to validate
compliant computers before making any connections to the protected network.
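The User Account Control item above can be checked on a host by reading the policy values behind Admin Approval Mode and by testing whether the current process holds the elevated half of the split token. The PowerShell below is an added example, not code from the original page or from Microsoft; the registry key and value names are the standard UAC policy values, while the function names Get-UacPosture and Test-ElevatedToken and the Status labels are hypothetical names chosen for this illustration.

```powershell
# Added example: audit the UAC policy values behind Admin Approval Mode (AAM).
# Run locally on the Windows host being checked; it only reads settings.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# Value name, the setting that weakens UAC, and what that setting means.
$UacChecks = @(
    @{ Name = 'EnableLUA';                  Weak = 0
       Why  = 'UAC is off: administrators get no split token' },
    @{ Name = 'ConsentPromptBehaviorAdmin'; Weak = 0
       Why  = 'administrators elevate without any approval prompt' },
    @{ Name = 'PromptOnSecureDesktop';      Weak = 0
       Why  = 'elevation prompt is not isolated on the secure desktop' },
    @{ Name = 'FilterAdministratorToken';   Weak = 0
       Why  = 'built-in Administrator account is exempt from AAM' }
)

function Get-UacPosture {        # hypothetical helper name
    $policy = Get-ItemProperty -Path $UacKey -ErrorAction Stop
    foreach ($check in $UacChecks) {
        $value = $policy.($check.Name)      # $null if the value is absent
        if ($null -eq $value) {
            $status = 'NotSet'; $note = 'operating system default applies'
        } elseif ($value -eq $check.Weak) {
            $status = 'Review'; $note = $check.Why
        } else {
            $status = 'OK';     $note = ''
        }
        New-Object PSObject -Property @{
            Setting = $check.Name; Value = $value; Status = $status; Note = $note
        }
    }
}

function Test-ElevatedToken {    # hypothetical helper name
    # With a filtered (split) token the Administrators group is deny-only,
    # so IsInRole returns $false until the process has been elevated.
    $id        = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

Get-UacPosture | Select-Object Setting, Value, Status, Note | Format-Table -AutoSize
"Current process holds an elevated administrator token: $(Test-ElevatedToken)"
```

Running it once from a normal prompt and once from an elevated prompt under the same administrator account shows the two halves of the split token.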