Storage News
Security News
Networking News 
FREE NEWSLETTERS
search
 

internet.commerce
Be a Commerce Partner
Condos For Sale
T-Shirts
PDA Phones & Cases
Promotional Pens
Corporate Gifts
Online Degrees
Mortgage Refinance
Health Insurance
Pens
New Car Prices
Promotional Gifts
Computer Deals
Economy Server Racks
Price Search

internet.com
Developer
International
Internet Lists
Internet News
Internet Resources
IT
Linux/Open Source
Personal Technology
Small Business
Windows Technology
xSP Resources
Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers


Whitepaper: Top Five Instant Messaging Security Risks for 2006
Though widely adopted, IM is generally unprotected and unmonitored in consumer and enterprise environments, leaving it vulnerable to attacks and exploits. These attacks have grown exponentially over the past three years, increasing the need for real-time threat response for IM and peer-to-peer (P2P) applications. >>
 
Whitepaper: E-Mail Discovery–Worst Case Scenarios Versus Best Practices
Searching through volumes of back-up tapes for requested e-mails is costly and time-consuming, with no guarantee that all the requested records will be recoverable. Veritas Enterprise Vault, now from Symantec, enables organizations to implement automated, policy-based archiving of e-mail and related files to a fully indexed, searchable online archive. >>
 
Article: Message Retention and Archiving Boost Data Collection, Discovery, and Corporate Governance Initiatives
Internal policies, industry regulations, & the impending risk of litigation involving the discovery of e-mail should have businesses thinking about a messaging retention & archiving solution sooner than later. Learn how one of the largest general contractors in CA solved the problem. >>
 
Whitepaper: Best Practices for Instant Messaging Archiving & Compliance
Many organizations have adopted IM as a core component of their messaging infrastructure with upwards of 85 percent of all organizations citing IM use. As usage spreads within organizations, the need for the enforcement of corporate policies has increased. >>
 
Whitepaper: Using Backup and Archiving Technology to Meet Compliance Objectives
Along with an increasing amount of information to store, enterprises are subject to a number of data retention requirements. Backup and archiving solutions can help address these challenges. They will even help you remain flexible for future developments and changes, such as the next generation of regulations and policies that are sure to come along. >>
For more whitepapers, webcasts, articles, and resources on data archiving and storage management, click here.

Security Products
 Campus Manager (Bradford Networks)
 Informant (RippleTech, Inc)
 AppRadar (Application Security, Inc)
 SecurSurf (SecurStar GmbH)
 PrivacyPost (Privacy Networks)
 Install-Block (Bash Software)

Security features



FREE 30-day trial of WS_FTP Server! Powerful security. Granular file access control. Event driven automation. Best-in-class performance. HIPAA & SOX compliant. No special training required!

AntiOnline Spotlight: Hardening the Windows TCP/IP Stack
February 25, 2005

If you're running a Windows-heavy IT department, you have undoubtedly endured countless ribbings from your open-source enthusiast friends. Linux, by virtue of its "for all to see" underpinnings, is so secure, flexible, extensible, blah, blah, blah...

Don't let those Linux-savvy colleagues hold it over your head. You can configure a nearly impenetrable Windows server, even without access to the kernel.

All it takes is a registry editor.

In this tutorial from newcomer guardian alpha, Windows admins will learn how to dive into the registry and harden the operating system's TCP/IP stack to make it immune to SYN-based floods and DoS attacks.

A word of caution before you dive in: backup your registry! Now, with that out of the way, it's time to get started...


Note: The opinions expressed below are solely those of the individual posters on the AntiOnline forums.

This Week's Spotlight Thread:
Hardening the Windows TCP/IP Stack

guardian alpha provides some background:

...after reading proper white-page documentation and experimentation you learn that you can alter the Windows kernel just like Linux/BSD kernel module configuration files. Through vi'ing .config scripts to pico'ing module options, the Linux kernel has shown an amazing ability to become continually flexible in terms of usability and security.

And while not as well documented, Windows allows you a very similar level of security flexibility. How? The Registry. While many scoff and stomp at the thought of having to sort and filter through what many see as a Byzantine maze, the Windows registry can be likened to a combination of the kernel module configuration tree and /etc combined. In other words, it has the capability to control both kernel usability and 3rd party program configurations, all within nice and neat little cubbyholes.

You might be itching to get started but the following warning deserves your attention:
Note: Editing the registry always involves a certain amount of risk involved, especially if you typo a new key. I've done my best to ensure that these work without a hitch, but backup your registry before making any changes to your registry! You can back up the registry by going into your start menu, choosing 'Run..', entering the program name: regedit.exe, highlighting the My Computer field on the left-side pane, and then doing the File menu, followed by Export. Save it to a floppy, email it to an address you can reach later. But make sure you've backed it up!
Now it's time to get our hands dirty.
SYN Flood and other SYN-based DoS protections

Attack Description: To quote ISS: "The SYN flood attack sends TCP connections requests faster than a machine can process them." In regards to the other minor SYN attacks, those will be explained per fix.

Prevention Description: We need to place a delay on the speed in which the SYN/ACK handshake can be tried over and over. This property has three registry options: 0, which offers no form of protection or delay; 1, which will limit the number of SYN retry attempts when the maximum number of open TCP Connections and Retries has been met; and finally 2, which is very similar to option 1 but with the additional feature of delaying WinSock notifications until the three-way handshake involving the offending SYN process is completed. Option 2 is going to offer the most benefit for protecting against SYN flood attacks.

Grab the rest of this tutorial here.


What is AntiOnline?

AntiOnline (AO) is home to many of the most popular network security discussion forums online. Here, participants engage in candid, thought-provoking and enlightening exchanges on the latest hazards and how to protect your systems against them.

We invite you to join the AO community (it's free!), share your wisdom and learn a few things in the process.


Security Features Archives

Join IT Research Panel and Get Paid: Influence the direction of IT research by taking brief online surveys. Join now!
WEBCAST: Using End-User Based IT Management to Monitor Infrastructure & Apps. Nov. 30th Sign up now.
Webcast: Safe Email Practices. Nov.12th, 2pmEDT, 11amPST. Is email extinction near? Separate the hype from reality.
Windows Genuine Software: Counterfeit software puts you at risk. Make sure your software is genuine.
WEBCAST: The Role of Security in IT Service Management. Get invaluable insight. Sign up now!


JupiterWeb networks:

internet.comearthweb.comDevx.comGraphics.com

Search JupiterWeb:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterWeb

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Web Hosting | Newsletters | Tech Jobs | Shopping | E-mail Offers