The Rainbow Books are a set of Department of Defense documents on computer security. The Rainbow Books are called that because each book is bound in brightly colored paper. Orange Book DoD 5200.28-STD Department of Defense Trusted Computer System Evaluation Criteria. Green Book CSC-STD-002-85 Department of Defense Password Management Guideline. Yellow Book CSC-STD-003-85 Computer Security Requirements — Guidance for Applying the Department of Defense Trusted Computer System Evaluation Criteria in Specific Environments. Yellow Book CSC-STD-004-85 Technical Rationale Behind CSC-STD-003-85: Computer Security Requirements. Guidance for Applying the Department of Defense Trusted Read More

Just about anyone that gets online is at risk. Online security threats are one of the biggest challenges on the Internet today. The problem is that the people that want to attack your computer and the computers of the people that you know don't create difficult methods to create problems, instead they focus on common failures that will give them access. When those that get on the Internet know how these attacks take place, these attacks can be lessened and even prevented in most cases. The best thing you can Read More

A port scanner is a program which attempts to connect to a list or range of TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) ports on a list or range of IP addresses. Port scanners are used for network mapping and for network security assessments. The first decision to make when running a port scanner is to determine the network range you want to scan. This could be a single IP address, a list of IP addresses, or a range of IP addresses. The second decision is to determine Read More

IP address spoofing denotes the action of generating IP packets with fake source IP addresses in order to impersonate other systems or to protect the identity of the sender. Spoofing can also refer to forging or using fake headers on emails or netnews to – again – protect the identity of the sender and to mislead the receiver or the network as to the origin and validity of sent data. Basics of IP Address Spoofing The Internet Protocol or IP is the fundamental protocol for sending/receiving data over computer networks Read More

LDAP (Lightweight Directory Access Protocol) is a protocol for communications between LDAP servers and LDAP clients. LDAP servers store "directories" which are access by LDAP clients. LDAP is called lightweight because it is a smaller and easier protocol which was derived from the X.500 DAP (Directory Access Protocol) defined in the OSI network protocol stack. LDAP servers store a hierarchical directory of information. In LDAP parlance, a fully-qualified name for a directory entry is called a Distinguished Name. Unlike DNS (Domain Name Service) FQDN's (Fully Qualified Domain Names), LDAP DN's Read More

In most cases, disabling the firewall on a Netgear router is a really bad idea. In fact, it is such a bad idea that Netgear does not even make a button in their GUI that does this. Nevertheless, users can effectively disable a Netgear router firewall just by adding a rule or two to the firewall configuration. Netgear Router Firewall Default Rules Netgear devices with firewalls have two default rules: Outbound Services: Allow all access from the inside to the outside. Inbound Services: Block all access from the outside to Read More

Honey monkeys are a new way of detecting malicious codes from websites that try to exploit certain vulnerabilities of Internet browsers. The honey monkey system works as an automated web/internet patrol system that is designed to detect harmful materials in the Internet, to be able to come up with solutions, and to catch the people behind these malicious acts. A Honey monkey is actually a virtual computer system that works by logging on to websites just like a normal computer system or personal computer does. However, it is actually a Read More

An Intrusion Detection System (IDS) is a system for detecting misuse of network or computer resources. An IDS will have a number of sensors it utilizes to detect intrusions. Example sensors may be: A sensor to monitor TCP connection requests. Log file monitors. File integrity checkers. The IDS system is responsible for collecting data from it's sensors and analyzing this data to give the security administrator notice of malicious activity on the network. IDS technologies are commonly divided into NIDS (Network Intrusion Detection Systems) and HIDS (Host Intrusion Detection Systems). Read More

Port forwarding, also known as tunneling, is basically forwarding a network port from one node to the other. This forwarding technique allows an outside user to access a certain port (in a LAN) through a NAT (network address translation) enabled router. Advantages of Port Forwarding Port forwarding basically allows an outside computer to connect to a computer in a private local area network. Some commonly done port forwarding includes forwarding port 21 for FTP access, and forwarding port 80 for web servers. To achieve such results, operating systems like the Read More

AAA (Authentication, Authorization, and Accounting) is a model for access control. Authentication Authentication is proving who you are. Authentication answers the question Who is this person? Authentication is the first component of the AAA (Authentication, Authorization, and Accounting) model for access control. Authentication must precede Authorization, because you must prove who you are before the identity management system can determine what you are authorized to do. Authentication is traditionally accomplished using passwords. More secure authentication technologies include two factor authentication and biometrics. Authorization Authorization is defining what you are allowed Read More