Home / IT Security / Security+

Security+

Passwords and Physical Security

Passwords and Physical Security

Passwords and Physical Security: Passwords are perhaps one of the best primary lines of defense for an environment. Although not commonly thought of as a protective measure for physical intrusions, they do indeed fulfill this purpose. However, the downside is that unless passwords are carefully and thoughtfully implemented they tend …

Read More »

What is Enumeration?

What is Enumeration?

What is Enumeration: Enumeration is the process of extracting information from a target system to determine more of the configuration and environment present. In many cases it is possible to extract information such as usernames, machine names, shares, and services from a system as well as other information, depending on …

Read More »

Commonly Exploited Services

Commonly Exploited Services

Commonly Exploited Services: The Windows OS is popular with both users and attackers for various reasons, but for now let’s focus on attackers and what they exploit. Windows has long been known for running number services by default, each of which opens up a can of worms for a defender …

Read More »

Services and Ports of Interest

Services and Ports of Interest

Services and Ports of Interest: As we wade into the enumeration phase, let’s make sure you understand more details about ports. You should expect during your scanning phase to uncover a number of ports, some of which may be useful to you for enumeration and other less so. Here are …

Read More »

Understanding the Steps of Ethical Hacking

Understanding the Steps of Ethical Hacking

Understanding the Steps of Ethical Hacking: For an overview of the process, let’s look at the steps of ethical hacking to see where Footprinting fits in as well as what future phases hold. Phase 1: Footprinting Footprinting is the first phase of the ethical hacking process and is the subject …

Read More »

So, What is an Ethical Hacker?

So, What is an Ethical Hacker?

What is an Ethical Hacker: When you explore this blog and the tools it has to offer, you are learning the skills of the hacker. But we can’t leave it at that, because you need to be an ethical hacker, so let’s explore what that means. Ethical hackers are employed …

Read More »

Competitive Analysis

Competitive Analysis

Competitive Analysis: We have covered some great tools so far, but there is another way of gathering useful data that may not seem as obvious; Competitive Analysis. The report created through competitive analysis provides information such as product information, project data, financial status, and in some cases intellectual property. Good …

Read More »

Complying with Privacy and Security Regulations

Complying with Privacy and Security Regulations

Complying with Privacy and Security Regulations: An organization’s security management policies don’t exist in a vacuum. Regulatory and governmental agencies are key components of a security management policy. These agencies have made large improvements over the last several years to ensure the privacy of information; several laws have been passed …

Read More »

Typo Squatting and URL Hijacking

Typo Squatting and URL Hijacking

Typo Squatting and URL Hijacking: Typo squatting (also spelled typosquatting) and URL hijacking are the one and the same. Difficult to describe as an attack, this is the act of registering domain that are similar to those for known entity but based on a misspelling or typographical error. As an …

Read More »