Comments for Secure Today http://www.securetoday.net Protecting your own for the future Sat, 17 Jul 2010 04:12:12 -0600 http://wordpress.org/?v=2.9.2 hourly 1 Comment on Understanding PHARMING by Rogue Spyware http://www.securetoday.net/2009/03/understanding-pharming/comment-page-1/#comment-44 Rogue Spyware Sat, 17 Jul 2010 04:12:12 +0000 http://www.securetoday.net/?p=66#comment-44 Wow, wall of sheep.. not heard this term. Good info. Built in website checker is a huge heads up I recommend. Wow, wall of sheep.. not heard this term. Good info. Built in website checker is a huge heads up I recommend.

]]> Comment on How to avoid rogue security software by Hogan http://www.securetoday.net/2010/02/how-to-avoid-rogue-security-software/comment-page-1/#comment-43 Hogan Sun, 27 Jun 2010 19:24:38 +0000 http://www.securetoday.net/?p=199#comment-43 <i>Usually, most of users wouldn’t even take a look at the valid security updates coming in their way (Might see this happening even in the corporate world No comments on that for now). And some users are even more wonderful that they keep continuing to hit the next & next, or go, or download, or just enable any options that they viewand start yelling at the system that its Slow, later something went wrong – Boom ~ the only thing that they do now is, to call the technicians and say “Fix it”. In such cases, applying security features would be really possible, Tuff, or Hard (:</i> +1 Usually, most of users wouldn’t even take a look at the valid security updates coming in their way (Might see this happening even in the corporate world No comments on that for now). And some users are even more wonderful that they keep continuing to hit the next & next, or go, or download, or just enable any options that they viewand start yelling at the system that its Slow, later something went wrong – Boom ~ the only thing that they do now is, to call the technicians and say “Fix it”. In such cases, applying security features would be really possible, Tuff, or Hard (:
+1

]]> Comment on How to avoid rogue security software by Angel...... On board. http://www.securetoday.net/2010/02/how-to-avoid-rogue-security-software/comment-page-1/#comment-41 Angel...... On board. Thu, 04 Mar 2010 22:12:15 +0000 http://www.securetoday.net/?p=199#comment-41 In the present world, almost everything is depended on Technology, Automation and so on. Computers have become just a basic one & there is less human intervention. But yet the major proportion of the users who are using them are not really techies & most of them are not even bothered to know about what would happen "if" the X factor happens. Usually, most of users wouldn't even take a look at the valid security updates coming in their way (Might see this happening even in the corporate world :) No comments on that for now). And some users are even more wonderful that they keep continuing to hit the next & next, or go, or download, or just enable any options that they viewand start yelling at the system that its Slow, later something went wrong - Boom ~ the only thing that they do now is, to call the technicians and say "Fix it". In such cases, applying security features would be really possible, Tuff, or Hard (: During this kind of a situation, is there any good option that may be enabled on the system level (built in) to prevent users from accessing specific links or sites that is malicious. (Without any external softwares or additional boxes). Of course, we might not have 100% security without putting additional stuffs into it. In general, to use the basic system with maximum level of security on it. Ideas shared would probably be helpful for the Tiny organizations or end-users. Thank you Everyone !!!!!! In the present world, almost everything is depended on Technology, Automation and so on. Computers have become just a basic one & there is less human intervention. But yet the major proportion of the users who are using them are not really techies & most of them are not even bothered to know about what would happen “if” the X factor happens.

Usually, most of users wouldn’t even take a look at the valid security updates coming in their way (Might see this happening even in the corporate world :) No comments on that for now). And some users are even more wonderful that they keep continuing to hit the next & next, or go, or download, or just enable any options that they viewand start yelling at the system that its Slow, later something went wrong – Boom ~ the only thing that they do now is, to call the technicians and say “Fix it”. In such cases, applying security features would be really possible, Tuff, or Hard (:

During this kind of a situation, is there any good option that may be enabled on the system level (built in) to prevent users from accessing specific links or sites that is malicious. (Without any external softwares or additional boxes).

Of course, we might not have 100% security without putting additional stuffs into it. In general, to use the basic system with maximum level of security on it.

Ideas shared would probably be helpful for the Tiny organizations or end-users.

Thank you Everyone !!!!!!

]]> Comment on Secure your PASSWORD by Angel http://www.securetoday.net/2009/02/secure-your-password/comment-page-1/#comment-40 Angel Sat, 20 Feb 2010 14:43:45 +0000 http://www.securetoday.net/?p=57#comment-40 Thank you.. That's good ! Thank you.. That’s good !

]]> Comment on Secure your PASSWORD by Rex http://www.securetoday.net/2009/02/secure-your-password/comment-page-1/#comment-38 Rex Wed, 17 Feb 2010 20:38:09 +0000 http://www.securetoday.net/?p=57#comment-38 Very true, all passwords will eventually be cracked. It is just a matter of time. So the password itself is no longer what we need to focus on now. But "time". The more complicated it is, the longer it will take for someone to crack it. Resetting or changing it often is a very good practice. This is also "time" driven as you are giving the cracker no time to figure out the correct password. Tokens are very good complements of passwords. Using a time- or challenged-based tokens appended to your existing password makes it harder for the password to be cracked. Because even though they have figured out your actual password, if they don't have the token to generate additional randomness, it is still an invalid password to the system. Very true, all passwords will eventually be cracked. It is just a matter of time. So the password itself is no longer what we need to focus on now. But “time”. The more complicated it is, the longer it will take for someone to crack it. Resetting or changing it often is a very good practice. This is also “time” driven as you are giving the cracker no time to figure out the correct password. Tokens are very good complements of passwords. Using a time- or challenged-based tokens appended to your existing password makes it harder for the password to be cracked. Because even though they have figured out your actual password, if they don’t have the token to generate additional randomness, it is still an invalid password to the system.

]]> Comment on Secure your PASSWORD by Angel http://www.securetoday.net/2009/02/secure-your-password/comment-page-1/#comment-36 Angel Sun, 14 Feb 2010 20:19:03 +0000 http://www.securetoday.net/?p=57#comment-36 Any kind of passwords, no matter how complex it is [with alpha, alpha numeric, alpha number + special characters] it can be cracked using brute force technique. So what would be your best advise to protect the passwords - Is resetting pwd frequently the only solution or what according to you is the best ? Any kind of passwords, no matter how complex it is [with alpha, alpha numeric, alpha number + special characters] it can be cracked using brute force technique. So what would be your best advise to protect the passwords – Is resetting pwd frequently the only solution or what according to you is the best ?

]]> Comment on MS Patch released: MS10-002 IE 0-day by Angel http://www.securetoday.net/2010/01/ms-patch-released-aurora-ms100-02/comment-page-1/#comment-35 Angel Sat, 23 Jan 2010 13:46:40 +0000 http://www.securetoday.net/?p=178#comment-35 Good information on the recent threat IE 0-day. Thank you Good information on the recent threat IE 0-day. Thank you

]]> Comment on Secure your PASSWORD by Petrie P. http://www.securetoday.net/2009/02/secure-your-password/comment-page-1/#comment-6 Petrie P. Sun, 19 Jul 2009 18:45:38 +0000 http://www.securetoday.net/?p=57#comment-6 Thanks for this. It's informative. Thanks for this. It’s informative.

]]> Comment on Welcome to SecureToday.net by Ganesh http://www.securetoday.net/2008/10/welcome/comment-page-1/#comment-5 Ganesh Sat, 18 Jul 2009 03:19:47 +0000 http://www.securetoday.net/?p=1#comment-5 Hi Rex /Anand Really its seems to good site to get new information about security ...You people rocks ...We are waiting for more... Ganesh Hi Rex /Anand

Really its seems to good site to get new information about security …You people rocks …We are waiting for more…

Ganesh

]]> Comment on Secure your PASSWORD by Zarex dela Cruz http://www.securetoday.net/2009/02/secure-your-password/comment-page-1/#comment-4 Zarex dela Cruz Tue, 14 Jul 2009 21:22:41 +0000 http://www.securetoday.net/?p=57#comment-4 One of the countermeasure I failed to include for security professionals in their corporate world is the implementation of "clipping level", where you set the threshold for invalid failed login attempts. This will counter any dictionary or brute-force attacks. On the contrary, accounts that exceeds these thresholds set will disable their account, which is an availability issue. Something you need to look into. One of the countermeasure I failed to include for security professionals in their corporate world is the implementation of “clipping level”, where you set the threshold for invalid failed login attempts. This will counter any dictionary or brute-force attacks. On the contrary, accounts that exceeds these thresholds set will disable their account, which is an availability issue. Something you need to look into.

]]>