Network_Security_Hakin9_02_2011.pdf

(5767 KB) Pobierz
433286828 UNPDF
433286828.009.png
PRACTICAL PROTECTION IT SECURITY MAGAZINE
02/2011 (37)
team
Dear Readers,
We always try to meet your expectations and follow the
most recent issues in the IT security field. Based on the
most popular discussions among IT security experts and the
results of the survey on our website, we decided that network
security would be one of the most appreciated topics.
In this issue you will find several topics with a strong focus
on network security. Our ID fraud expert – Julian Evans talks
about network security in terms of data breaches with an
emphasis on protecting our personal and financial information.
Matt Jonkman warns you about the so called 100% secure
products. In the Defense section Mohsen shows you how to
scan your network using Nmap.
I would also recommend you to take a look at the article
about data security on Blackberry devices by Yury Chemerkin.
You will find an introduction to Blackberry and its security
aspect in Basic section.
We have also prepared some useful info on certifications,
since it has become a must-have for all who wants to be in the
IT security field.
Editor in Chief: Karolina Lesińska
karolina.lesinska@hakin9.org
Editorial Advisory Board: Matt Jonkman, Rebecca Wynn,
Steve Lape, Shyaam Sundhar, Donald Iverson, Michael Munt
DTP: Ireneusz Pogroszewski
Art Director: Ireneusz Pogroszewski
ireneusz.pogroszewski@software.com.pl
Proofreaders: Allan Konar, Michael Munt
Top Betatesters: Rebecca Wynn, Bob Folden, Shyaam Sundhar,
Steve Hodge, Nick Baronian.
Special Thanks to the Beta testers and Proofreaders who helped
us with this issue. Without their assistance there would not be a
Hakin9 magazine.
Senior Consultant/Publisher: Paweł Marciniak
CEO: Ewa Łozowicka
ewa.lozowicka@software.com.pl
Enjoy your reading
Editor in Chief: Karolina Lesińska
Editor-in-Chief
Production Director: Andrzej Kuca
andrzej.kuca@hakin9.org
Marketing Director: Karolina Lesińska
karolina.lesinska@hakin9.org
Subscription: Iwona Brzezik
Email: iwona.brzezik@software.com.pl
Publisher: Software Press Sp. z o.o. SK
02-682 Warszawa, ul. Bokserska 1
Phone: 1 917 338 3631
www.hakin9.org/en
REGULARS
6 in Brief
Latest News From the IT Security World
Armando Romeo, eLearnSecurity
ID Theft Protect
Whilst every effort has been made to ensure the high quality of
the magazine, the editors make no warranty, express or implied,
concerning the results of content usage.
All trade marks presented in the magazine were used only for
informative purposes.
8 Tools
Wuala – Secure Online Storage
by Michael Munt
All rights to trade marks presented in the magazine are
reserved by the companies which own them.
To create graphs and diagrams we used program
by
9 Book review
A Beginners Guide to Ethical Hacking
by Shyaam Sundhar
The editors use automatic DTP system
Mathematical formulas created by Design Science MathType™
DISCLAIMER!
The techniques described in our articles may only
be used in private, local networks. The editors
hold no responsibility for misuse of the presented
techniques or consequent data loss.
36 ID fraud expert says...
Network Security – Data Breaches
by Julian Evans
40 Emerging Threats
What is Good Enough Coverage?
by Matthew Jonkman
4
02/2011
4
433286828.012.png 433286828.001.png 433286828.002.png 433286828.003.png 433286828.004.png 433286828.005.png 433286828.006.png
 
CONTENTS
BASICS
10 A Security System That Changed The World
by Yury Chemerkin
it’s over integrity is an issue of superior business cycle model to any
commercial or government organization.
ATTACK
Armitage
by Raphael Mudge
IT professionals have a dated image of hacking. Many picture the process as
running nmap, finding an exploit, and running it to compromise a server. This
romantic scenario was alive around 2003, but it has since gone out of style.
by Rich Hoggan
There’s no way around it, cryptography is an aspect of our digital lives
that’s becoming more and more prevalent. It’s because we interact in a vast
social network that is the internet.
DEFENSE
22 Is Data Secure on the Password Protected
Blackberry Device?
by Yury Chemerkin
protect their private data. There are, however, several ways to steal a lot of
information in spite of the fact that device locked by password. These ideas
are not complicated to first-time malware developer.
Scanning?
by Mohsen Mostafa Jokar
Network scanning is an important part of network security that any system
administrator must be comfortable with. Network scanning usally consists
of a port scanner and vulnerability scanner.
CERTIFICATIONS
by Alexandre Teixeira
Do you remember the time when you used to read a lot of underground e-
zines? How many years of professional experience do you have? These
really count. Enhance your skill set by challenging this certification exam!
48 Certification Smart?
by Douglas Chick
the next best thing is a computer certification.
www.hakin9.org/en
55
433286828.007.png 433286828.008.png
 
Zgłoś jeśli naruszono regulamin