Security Information and Review

Collection of security information and review

Basic Concept Domain Security Authority and Active Directory

Author : Admin

Domain concept in the Microsoft Windows was introduced by Microsoft in Windows NT technology such Windows NT 4.0, Windows 2000 and other Microsoft Windows based on NT. A domain defines as the first place a management boundary. It’s an administrative grouping of users, machines and resources that can be managed by the same domain administrator whereby a user may be granted access to a number of machines and resources with the use of a single username and password combination. It’s called single sign on ( SSO ). … continue reading : Basic Concept Domain Security Authority and Active Directory.

11 August 2009 at 14:58 - Comments

Windows Security Authority with Local Security Authority LSA

Author : Admin

In the Microsoft Windows operating system, there are two types of security authority : the local security authority and the domain security authority. In this discussion, we will explain Local Security Authority ( LSA ). Simple describe of Local Security Authority is a process in Microsoft Windows operating system that is responsible for enforcing the security policy on the system. The Local Security Authority will provides role in the authentication and authorization security process in the local machine, including the auditing policy, user logon, privileges and others rules of security policy. It also describes how to create and call authentication packages and security packages. … continue reading : Windows Security Authority with Local Security Authority LSA.

4 August 2009 at 01:10 - Comments

Step by Step to Combat Malicious Code Attacks

Author : Admin

In the previous discussion, overview, explanations and solutions malicious code, we already know the definition and types of malicious code and how to prevent this attack with simple solutions. In this discussion, we will discuss how step by step to combat malicious code attacks.

 

As Administrator or user, we should understand how basic steps contribute to the goal of countering malicious code attacks. See following list below for detail instructions how to combat malicious code. … continue reading : Step by Step to Combat Malicious Code Attacks.

3 August 2009 at 16:43 - Comments

Overview, Explainations and Solutions of Malicious Code

Author : Admin

In this discussion, we will provides an overview of malicious code and explain the basic principles of how malicious code works. Malicious code is simply one of an attacker tools to penetrate or disrupt systems. So, when a malicious code attack occurs, administrators will be focus on restoring operations as quickly as possible so that the loss of productivity and or other types of impact can be minimize.

 

If we understanding how malicious code works can help to develop defensive strategies, select the best security product such as antivirus program or firewall and train employees on how to identify potential threats. We will explain the various types of malicious code that have caused computer users problems in the past. … continue reading : Overview, Explainations and Solutions of Malicious Code.

3 August 2009 at 14:24 - Comments

Guidelines Basic Security Policy of the Web Services

Author : Admin

If we want to build an enterprise web application services, we should not only focus on the features but the most important is to create the availability and security of the web application services. We also must focus to make good overall web services security. Many people focus only on the security mechanisms to make web application more secure. Security mechanisms are only valuable if they are part of an overall security fabric that provides the level of protection both desired and thought to be in place. It’s important that an enterprise’s security policy be comprehensive and thorough. So, It’s developing good policies more important that must provide for enterprise’s security strategy. … continue reading : Guidelines Basic Security Policy of the Web Services.

25 July 2009 at 23:51 - Comments

Security Challenges of the Web Application Service

Author : Admin

An enterprise web application service, we can configure and use a web application services in many ways. See detail at Introduction and Guide How to Build Web Application Service, find more about many ways that can be used to provide web application services. In this discussion, we must give more attention about security of web application services. Each of ways to build web application services has unique security challenges. Whatever way we take to build web application services. … continue reading : Security Challenges of the Web Application Service.

25 July 2009 at 14:39 - Comments

Hardening Web Application Security with SSL

Author : Admin

These days, internet or world wide web is a network for everyone, with thousands of businesses, large and small. When data travels from one point of the internet to another, it goes through a number of computers such as router, gateways and others network devices and interception is a possibility at one of these nodes. So, we need a security protocol that ensures secured transactions between the customer’s web browser and the web server. It’s called SSL / TLS protocol, provides endpoint authentication and communications confidentiality over the internet using cryptography and designed to prevent eavesdropping, tampering and message forgery. … continue reading : Hardening Web Application Security with SSL.

23 July 2009 at 11:39 - Comments

The Guideline to Improve Web Application Security

Author : Admin

In the previous discussion, The Essential Guidelines for Securing Platform Web Application that there are two category in the web vulnerability. In this discussion we will discuss about how to create web application more secure, with high availability and stable. There are several things that must be considered to building web application more secure and stable. We will discuss more detail in this discussion.

 

If our application supports individual users, then record how users must authenticate to the application with some of the authenticate methods, such HTTP Basic, HTTP Digest, HTTP NTLM and Form Based. Keep in mind that challenge / response mechanisms do not protect passwords with 100 percent security. … continue reading : The Guideline to Improve Web Application Security.

19 July 2009 at 03:34 - Comments

The Essential Guidelines for Securing Platform Web Application

Author : Admin

In this discussion, we will discuss about how to a make secure web application. As we know, there are two categories into which web vulnerabilities, the platform of web server and web application itself. The first category contain vulnerabilities within the platform of web server such Linux, MS Windows, Apache, IIS, MySQL, MS SQL, Oracle and others. The other category is web application itself such programming errors, enable malicious code and an attacker to execute arbitrary database query and others type of the web application vulnerabilities. … continue reading : The Essential Guidelines for Securing Platform Web Application.

19 July 2009 at 02:28 - Comments

Virtualmin Multiple Vulnerabilities

Author : Admin

Virtualmin is one of the famous web hosting management or web server control panel based on Webmin. It’s offers a wide array of productivity enhancing tools for hosting providers, web developers, web designers and end users. With Virtualmin, we can manage our virtual domains, mailboxes, databases, application and entire server resources from one comprehensive interface.

In July 14, 2009, Filip Palian has discovered multiple vulnerabilities, such unprivileged port use, cross side scripting / xss, anonymous proxy, information disclousure and symlink attacks. … continue reading : Virtualmin Multiple Vulnerabilities.

15 July 2009 at 16:30 - Comments