Tag: Security
Setup Firewall on Router
by cisspfix on May.07, 2010, under General
A firewall is used to protect the network from external attacks by hackers. A firewall prevents direct communication between computers in the network and external computers through the Internet. Instead, all communication is done through a proxy server, outside the organization's network, which decides whether or not it is safe to let a file pass through. The term firewall now denotes a component or set of components that restricts access, protects, and filters the content passing through a protected network from the Internet. Firewalls can protect a network by screening out harmful files or data from within or outside, and can prevent its clients from accessing prohibited or harmful websites. A firewall can be set up on a router. A number of router brands and designs, like the CISCO collection of routers, have options for setting up a basic firewall. A router is a device that diverts or routes information along a specified network.
EC-Council focusing on the starters – Security5 this time
by cisspfix on Apr.30, 2010, under Security
Security5 is an entry-level professional certification for individuals interested in learning computer networking and security basics. This certification program ensures an individual’s competency in basic security matters, such as the definitions and the safe implementation of firewalls, ports, and anti-virus software. The 5 in the program name indicates the five components of IT security, as defined by EC-Council:
- Intrusion Detection System (IDS)
- Firewalls
- Anti-Virus
- Networking
- Web Security
EC-Council Kindergarten Exam – ECSS
by cisspfix on Apr.14, 2010, under General

Information security professionals are the individuals who restrict the unauthorized access of information and resources. The field of information security has grown and evolved significantly in recent years. As a career choice, there are many ways of gaining entry into the field. It offers many areas for specialization including: securing networks and allied infrastructure, securing applications and databases, security testing, information systems auditing, business continuity planning, and digital forensics science, to name a few.
Hacking tools used in penetration testing. Part 8 – Ettercap
by cisspfix on Apr.13, 2010, under Security

Ettercap is a Unix and Windows tool for computer network protocol analysis and security auditing. It is capable of intercepting traffic on a network segment, capturing passwords, and conducting active eavesdropping against a number of common protocols. It is free, open-source software. Ettercap supports active and passive dissection of many protocols (including ciphered ones) and provides many features for network and host analysis.
Ettercap can be downloaded from the following link: http://ettercap.sourceforge.net/download.php
Famous Hacking Tools used in Penetration testing. – Netcat
by cisspfix on Mar.22, 2010, under Security
For the last couple of months I have been wondering about the tools and techniques used to perform penetration testing. So I thought my fellow readers might also be wondering about this tedious task. Finally, I have decided to post about the most helpful and comprehensive tools used in this process.
Starting with Netcat. Please comment on this idea. Is it helpful, or do I need to do something else? More new things to come, just wait and watch.
NetCat:
Cryptographic Attack..out open
by cisspfix on Mar.11, 2010, under Study notes
Cryptographic attacks are methods of evading the security of a cryptographic system by finding weaknesses in such areas as the code, cipher, cryptographic protocol or key management scheme in the cryptographic algorithm. The following are the cryptographic attacks usually performed by an attacker:
- Known plaintext attack: In a known plaintext attack, an attacker should have both the plaintext and…copy of it with the encrypted data. This is used to find patterns in the cryptographic output that might uncover a vulnerability or reveal a cryptographic key.
- Chosen ciphertext attack: In this type of attack, an attacker can choose the ciphertext to be decrypted and can then analyze the plaintext output of the event. The early versions of RSA used in SSL were actually vulnerable to this attack.
Be Air cautious–Wireless network security
by cisspfix on Oct.23, 2009, under Security
Wireless networks today are a real need of the business and technology world, as they provide interconnection between computers without any wires. The bottlenecks of location, wires, and costs are all eliminated by wireless technology. The wireless network setup concept is very similar to that of a wired network, except that instead of wires, wireless connections are made through the wave spectrum.
It is a fairly simple setup. The Internet connection comes in from your provider and is connected to a wireless access point or router which broadcasts the signal. You connect wireless antenna network cards to your computers to receive that signal and talk back to the wireless access point and you are in business.
What is WHOIS?
by cisspfix on Oct.21, 2009, under CISSP, Security
WHOIS is a famous protocol chiefly used for database queries to determine information about Internet resources such as a domain name, IP address, or any autonomous address. A WHOIS lookup is basically performed through a command-line interface. Many web-based tools are also available to perform WHOIS queries. This service usually communicates using the Transmission Control Protocol (TCP). The server listens for requests on port number 43. The WHOIS system was originally developed for system administrators to acquire contact information for different IP address or domain name administrators. Nowadays the WHOIS lookup query has evolved into various different important aspects, including:
Get your hand into MD5..
by cisspfix on Oct.13, 2009, under Security
Things you want to know about CISSP.
by cisspfix on Oct.01, 2009, under CISSP
Is CISSP certification easy?
This is a pretty controversial topic; some people think that it is easy, but most people find it really hard. You should have at least 3 years of experience in IT security before you apply for the exam. You are required to cover an extremely wide area of IT security, including areas such as physical security that very few people will have any experience in. And you will be expected to do enough reading and studying to get through the CISSP certification exam: 250 questions to be answered in 6 hours. Hard to keep up with much fun.