-
Botnets – What are botnets, what can they do & how to protect against them
Botnets are automated computer programs that install themselves on many unsuspecting victim machines and launch coordinated attacks against target systems. Spam bot is a type of botnet, but there are other (more vicious) botnets that are deployed for various purposes. In this article, let us look at - What are botnets, how botnets spread, what can botnets do and how to protect against botnets.
-
What are Network/ Internet Worms & A short story of Stuxnet
In this article, let us look at what computer worms are, some techniques used by them to infect systems, what they can do and how they spread. But before that, let us read a short story of the most famous worm - Stuxnet.
-
What is a Trojan Horse in Computer Networks and how to protect yourself from it?
A Trojan Horse is a computer program that is attached to a genuine program / gets disguised as a genuine program to install a back-door to the user computer (enabling the attacker to take control of it) when the user runs this program. They can be found in updates, free softwares and even pirated MP3/Videos that you download from the Internet. In this article, let us look a little deeper into a Trojan Horse, how it works and what steps one can take to prevent them.
-
What is – MAC Address, MAC Filtering, MAC Spoofing
MAC Address or Media Access Control Address is the permanent address (or physical address) embedded in NIC (Network Interface Cards) and Wireless Adapters. In this article, we present a short introduction to MAC address, MAC filtering & MAC spoofing.
-
Why is an SSL Certificate required?
An SSL Certificate might be required mainly for two reasons - 1. To validate the identity of a website / portal using digital certificates; 2. Encrypt communications between server and browser (or) between two systems. SSL refers to Secure Socket Layer. Read on to find out the applications of SSL Certificates, Encryption methods used in SSL, How to identify if a website has implemented an SSL certificate & Purchasing an SSL Certificate.
-
What do you think of accessing blocked sites & hiding IP address using personal VPN services?
If you are a network admin, you might be aware of the various techniques used by students/ employees to gain access to blocked sites. Right from typing IP address instead of URL, using URL shortener's, using various proxy servers available on the Internet - various methods might be used. A paid personal VPN service is also being employed these days to access blocked sites and hide IP address. Let us read more about personal VPN Service, in this article.
-
What are Database Firewalls, why are they required & how do they protect databases?
Most of the front end applications rely on a back-end database (like MySQL, PostGRE SQL, etc) to fetch the required data while performing their tasks. Databases are no longer restricted to internal applications in a Local Area Network, as many web based applications rely on them. In this article, let us see what Database firewalls do, where they are deployed, how they protect database specific attacks and some best practices for securing Database servers. What are Database Firewalls? Database Firewalls are a type of Web Application Firewalls that monitor databases to identify and protect against database specific attacks that mostly seek to access sensitive information stored in the databases. Database…
-
What is a Web Application Firewall?
Web Application Firewalls are quite different from normal packet inspection firewalls because they primarily operate in the application layer identifying and protecting web based applications/ servers from specific application based vulnerabilities, over the Internet. Let us find out more about these web application firewalls, in this article.
-
DLP – Data Loss Prevention : What & How Data Loss is Prevented?
With so many ways/ devices to transfer data, it is becoming difficult for companies to track and prevent confidential documents/ files from being copied and sent to unwanted sources. But there are Comprehensive DLP solutions in the market which analyze endpoint, network and storage systems continuously to monitor for confidential data from being leaked out. What more, they can even prevent the transfer of confidential information. Is it even possible for monitoring all the various enterprise systems (including the Internet communications, USB drives, NAS boxes, etc) and identify that certain confidential information is being sent/ stored in them? The answer, is surprisingly ‘yes’. There are comprehensive DLP (Data Loss Prevention)…
-
Two Factor Authentication with USB Tokens
In this article, we'll see what is two factor authentication and how USB tokens enable two factor authentication. We'll look at the advantages, as well as innovations that some vendors have created with the USB tokens to achieve two factor authentication and more.
-
An Introduction to DDoS – Distributed Denial of Service attack
As you might have heard, the famous blogging service WordPress.com was recently unavailable for around an hour due to a huge Distributed Denial of Service attack carried out by many infected computers on the Internet. In this article, let us look at what a Distributed Denial of Service attack is, why it is hard to detect and mitigate, few types of DDoS attacks & some measures one can take to prevent/ mitigate them. What is DDoS – Distributed Denial of Service Attack? DDoS stands for Distributed Denial of Service attack. It is a form of attack where a lot of zombie computers (infected computers that are under the control of…
-
You can use OTP – One Time Password for stronger authentication
If your finance department personnel do quite a number of bank transfers/ financial transactions over the Internet (web portal) everyday, there is a chance that their user-names/passwords can be stolen and misused. So authenticating users with just their user-names and passwords are not secure enough, at least for such critical functions. With a One Time Password (OTP) system, you can authenticate users using passwords that keep changing (say every 90 seconds).
-
An illustration of DMZ : De-Militarized Zone in Computer Networking through Infographics
Well, this is not exactly Infographics! It is just an attempt to explain the basic concepts of DMZ – Demilitarized Zone (Computer Networking) through an image. These days, the web-servers and mail servers (which form the common components of DMZ) are mostly hosted in a cloud/ Data-Center environment. But a DMZ can be even used to host specific web-facing applications of an organization (Like web-based CRM, etc). Anyways, please refer to the below picture for a basic understanding of DMZ. excITingIP.com In case you want to add any additional points or have any questions, you could use the comment form below or contact us using the contact form. You could…
-
Subdivide your Physical Firewall into multiple Virtual Firewall instances
In bigger organizations and service providers, multiple Firewalls are routinely utilized for each department or class of subscribers as some of them require individual Firewall policies. And more importantly, they want to administer, monitor and manage their own Firewall in order to have a full control over the types of traffic traversing over their networks. Fortunately, some of today's Firewalls (Or UTMs - Unified Threat Management devices) allow subdividing a single high capacity Firewall in to multiple (Virtual) Firewall Instances.