• Data vs. perimeter vs. network security

    A short time ago, author Wes Noonan wrote some tips for SearchWindowsSecurity.com about deperimeterization. He explained how security is always pitted against business needs, and perimeters have become porous because businesses require traffic from SMTP, HTTP or VPNs to pass through the firewall....

    RobynLorusso230 pointsBadges:
  • Shouldn’t a person just RSA-encrypt the entire document?

    After doing some research on Security, I've finally figured out how to verify if an email / document was actually sent by the "sender". Here's the process I've figured out:The sender gives their public RSA key to the recipient.The sender also uses SHA1 to hash the document.Then he uses his private...

    ITKE352,565 pointsBadges:
  • Is there really a security advantage when it comes to spittling a password?

    I've been reading more and more about the LANMAN (LM) hash and I'm having trouble understanding some of the concepts. Is there really any security advantage when it comes to splitting a password, encrypting the two halves separately, and combining the halves to form one hash? Or is it just more of...

    ITKE352,565 pointsBadges:
  • User circumventing security

    We have a rogue user who knows more than she should. She can grant herself and other users the authority to access files that are supposed to be secured. Does anyone know of how we can monitor her activity or go back and review what she has done or anything that we can do. We think she may be using...

    Mouse3330 pointsBadges:
  • RSA: Doing a dictionary attack

    In my understanding of learning "Security", I'm looking to learn more about how RSA works. Here's my basic understanding of RSA:Having the public key allows you to encrypt things. Encrypting the same message "Hello" on two different computers using the same public key will produce the same...

    ITKE352,565 pointsBadges:
  • How secure is Identity-Based encryption?

    Over the past several years, I was always taught to never create my own crypto algorithm. But now I'm looking into Voltage SecureMail (which does use identity-based encryption) and I think I'm way over my head in trying to figure out the quality of the system.If you've used Voltage before, I'm...

    ITKE352,565 pointsBadges:
  • Are our powerline adapters secure?

    Our company is using 2 Zyxel PLA407 powerline adapters. We currently have one router downstairs that's connected to one adapter. The other is located upstairs (currently 30 feet away connected to a desktop). We've recently noticed that the speed is much faster when you just plugin, rather than...

    ITKE352,565 pointsBadges:
  • Security: How does a crypter actually work?

    I'm studying to become a security expert and I've recently come across the idea of a "crypter". I'm talking about how these crypters encrypt files (such as viruses and keyloggers) so they can bypass antivirus detection. But I'm curious on how they actually work. Can someone help me with a brief...

    ITKE352,565 pointsBadges:
  • Why does encryption take longer than decryption?

    Why does it take longer for a system to process encryption than decryption? That seems to be the case from my experience using AES. I would think the act of decrypting files would take much longer.

    ITKE352,565 pointsBadges:
  • Can I use off-the-record style encryption for my emails?

    I'm new to the security world but I know that instant messaging uses "off-the-record" encryption (which means that a user would get authentication, encryption and forward deniability). But for my email, all we use is GPG/PGP, which offers authentication and encryption but doesn't allow forward...

    ITKE352,565 pointsBadges:
  • Encryption: Using a static IV

    A part of our team has had to extend our website to try to communicate user credentials for a suppliers website. We're using a 256-bit key but they're using a static IV for decrypting the information. We've advised them not to use static because it's an a security risk. But we want to know how big...

    ITKE352,565 pointsBadges:
  • Why use 256 bit encryption instead of 128 bit?

    Why is that 256 bit encryption has become so popular? Isn't 128 bit security enough for most applications?

    ITKE352,565 pointsBadges:
  • Intercepting two-factor authentication (SMS)

    I'm trying to learn more about "IT Security" and I've come across two-factor authentication. I understand two-factor authentication mechanisms use SMS to deliver single-use passphrase to the user. But how secure is it? Is it hard to intercept the SMS message containing the passphrase? Do mobile...

    ITKE352,565 pointsBadges:
  • Password encryption: WEP, WPA and WPA2

    I'm pretty much a beginner when it comes to security but I do know that there are pretty much three different methods when it comes to Wi-Fi security: WEP, WPA and WPA2. My question is this: Does one method have better "strength" when it comes password encryption? Or are they pretty much all the...

    ITKE352,565 pointsBadges:
  • How do I find out what type of encryption is being used?

    I am testing a web application which stores the password in the database in an encrypted format. How do I determine what hashing or encryption is being used?

    ITKE352,565 pointsBadges:
  • Would versioning a file make it less secure?

    I'm using KeePassX as a password manager, and I've stored a KDB file in a Sparkleshare folder to back it up / sync with other devices.But just as a question (with the file being encrypted) if someone stole the file, they would several different versions of the file with minor variations. Would that...

    ITKE352,565 pointsBadges:
  • S/MIME and PGP: How do they differ?

    This is more of a general question but is S/MIME an abstracted system for MIME type encryption (Just as PGP is used more for email)? Why should I choose one over the other? Is it possible both could be used at the same time?

    ITKE352,565 pointsBadges:
  • Corporate laptop security/encryption

    Please can anyone offer any guidance or know what are the best products in the market place for encrypting/securing corporate laptops, preferably the solution should include hard disk wiping.

    Troubleshooter24755 pointsBadges:
  • How to Encrypt a Column in sql server 2000/2005

    How to Encrypt a Column in SQL Server 2000/2005 i.e I need something like this: @OriginalValue = 'Original Value' @EncryptedValue @Key int set @Key = '123#$2hj$dfgh*67kjugd45j45s4agd' --any unique key value for encrypting and decrypting set @EncryptedValue = fn_Encrypt(@OriginalValue, @Key) insert...

    Dot net lerner5 pointsBadges:
  • Unknown Threats

    Apart from honeypots, what are the different methods to find unknown threats which are prevalent? How do I find methods to mitigate them. PS: all the vulnerabilities are known to all the n/w administrators and then can take measures to mitigate attacks but this doesn't happen..Hackers are at least...

    Czarleo0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following