Technologies and tools for safer networks
Is your data safe? Are your borders protected? This month we examine some expert techniques for building more secure networks.
Real admins think about security all the time, and even if you're a casual user, it pays to know what the intruders know. Services that once were safe are now wide open unless you keep current with the changing times. This month, we examine some security strategies from the experts.
We start with a study on how to protect Voice over IP (VoIP) networks from eavesdroppers and other intruders. You'll learn about some of the encryption technologies available with VoIP and get some practical tips on isolating and protecting voice communications.
Next we'll examine the state of wireless network security. We'll present some strategies for how to make the best of a WEP network, and we'll show you how to maximize the security of later protocols such as WPA and WPA2.
Our next article describes how to use one-time passwords to add two-factor authentication to a secure website. You'll learn about the OTPauth PHP library, and we'll provide a detailed example showing how to set up your own online one-time password system.
The last article in this month's cover set looks at hping, a handy tool for creating test packets to explore intrusion scenarios and check the functionality of firewalls. But that's not all. If you're still looking for more inspired reading on security, turn to our Sysadmin section for an interesting case study on how to hack NFS 3.
You'll never have the perfect network or the perfect tools – the world of network security is changing all the time – and since you can never really pin it down, maybe the best strategy is to read on …
Buy this article as PDF
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.