Category: Network and Web Security

SSL Secure socket layer

Stands for “Secure Sockets Layer.” SSL is a secure protocol developed for sending information securely over the Internet. Many websites use SSL for secure areas of their sites, such as user account pages and online checkout. Usually, when you are asked to “log in” on a website, the resulting page is secured by SSL. SSL […]

Digital signature standard

This Standard specifies algorithms for applications requiring a digital signature, rather than a written signature. A digital signature is represented in a computer as a string of bits. A digital signature is computed using a set of rules and a set of parameters that allow the identity of the signatory and the integrity of the […]

One way hash function

A one-way hash function, also known as a message digest, fingerprint or compression function, is a mathematical function which takes a variable-length input string and converts it into a fixed-length binary sequence. Furthermore, a one-way hash function is designed in such a way that it is hard to reverse the process, that is, to find […]

Authentication Functions

Message authentication is concerned with: Protecting the integrity of a message Validating identity of originator Non‐repudiation of origin Fundamental levels of message authentication: Lower level There may be some sort of function that produces an authenticator: a value to be used to authenticate a message. Higher level The lower layer function is then used as […]

Digital signature

A digital code (generated and authenticated by public key encryption ) which is attached To an electronically transmitted document to verify its contents and the sender’s identify. A digital signature is a most mathematical scheme for demonstrating the authenticity of a digital message or documents . A valid digital signature gives a recipient reason to […]

Message digest functions

Message digest functions also called hash functions, are used to produce digital summaries of information called message digests. Message digests (also called hashes) are commonly 128 bits to 160 bits in length and provide a digital identifier for each digital file or document. Message digest functions are mathematical functions that process information to produce a […]

MD5

MD5 algorithm was developed by Professor Ronald L. Rivest in 1991. According to RFC 1321, “MD5 message-digest algorithm takes as input a message of arbitrary length and produces as output a 128-bit “fingerprint” or “message digest” of the input. The MD5 algorithm is intended for digital signature applications, where a large file must be “compressed” […]

SSH

Secure Shell (SSH) Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users. SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary. There are several […]

Cryptography

Cryptography is the technique message from a non-readable format back to a readable format without knowing how they initially converted from readable format to non-readable format. Cryptography is heavily based on mathematical theory and computer science practice, cryptographic algorithms are designed around computational hardness assumptions, making such algorithms hard to break in practice by any […]

Cryptography attacks

Cryptography Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Cryptography is closely related to the disciplines of cryptology and cryptanalysis. Cryptography is most often associated with scrambling plaintext or ordinary text, sometimes referred to as cleartext […]

Intrusion terminology

1.Alert\Alarm A signal suggesting that a system has been attacked. 2.Firewalls The network security door. A firewall is not an IDS but their logs can provide valuable IDS information. A firewall works by blocking unwanted connections based on rules or criteria, such as source address, ports etc. 3.Appliance Rather than install an IDS onto an […]

Categories of security assessments

CATEGORIES OF SECURITY ASSESSMENTS There are following categories of security Assessments: Vulnerability Assessment Penetration Test White/Grey/Black-Box Assessment Risk Assessment Threat Assessment 1.Vulnerability Assessment: Vulnerability assessment, is also known as Vulnerability analysis. It is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. It is used by […]

Intrusion detection tool

Security onion OSSEC OpenWips-ng Suricata Bro IDS 1.Security Onion: Security Onion is an Ubuntu-based Linux distribution for network monitoring and intrusion detection. The image can be distributed as sensors within the network to monitor multiple VLANs and subnets, and works well in VMware and virtual environments. This configuration can be used as an IDS only. […]

Intoduction to intrusion

Introduction Intrusion-detection systems aim at detecting attacks against computer systems and networks or, in general, against information systems. Indeed, it is difficult to provide provably secure information systems and to maintain them in such a secure state during their lifetime and utilization. Sometimes, legacy or operational constraints do not even allow the definition of a […]

Security terminologies and principals

The different security principles and there terminology are as below Confidentiality: The confidentiality principle means that only the sender and the intended recipient should be able to access the message. Confidentiality is not achieved if an unauthorized person is able to access a message. Authentication: The authentication principle help to establish proof of identities. The […]

Categories of security assessments

There are following categories of security Assessments: Vulnerability Assessment Penetration Test White/Grey/Black-Box Assessment Risk Assessment Threat Assessment 1.Vulnerability Assessment: Vulnerability assessment, is also known as Vulnerability analysis. It is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. It is used by network administrators to evaluate […]

Intrusion detection tool

Introduction: 1.An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. 2.Any detected activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. 3.A SIEM system combines outputs from multiple […]

Introduction to network security

Network security refers to any activities designed to protect the network. Network security targets a variety of threats and stops them from entering or spreading on your network. Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Key […]

Computer and cyber security

Computer Security: Computer Security is the protection of computing system and the data is access or stored. Computer Security is the protection of information system from theft or damage to the hardware, software and the information inside it, as well as from disruption or misdirection of service they provide. Why is Computer Security Important? Enabling […]

Security threats

In computer security a threat is a possible danger that might exploit a vulnerability to breach security and therefore cause possible harm. Here’s a quick explanation of some of the common security threats you may come across: Malware Computer virus Rogue security software Trojan horse Malicious spyware Computer worm Botnet Spam Phishing Spoofing Rootkit 1. […]

Types of Attack

TYPES OF ATTACKS Without security measures and controls in place, your data might be subjected to an attack. Some attacks are passive, meaning information is monitored; others are active, meaning the information is altered with intent to corrupt or destroy the data or the network itself. Your networks and data are vulnerable to any of […]