Introduction to Session Border Controller (SBC)
A Session Border Controller (SBC) is a device used in some VoIP networks. SBCs are put into the signalling path between calling and called party. The SBC acts as if it was the called VoIP phone and places a second call to the called party. The effect of this behaviour is that not only the signaling traffic, but also the media traffic (voice, video etc) crosses the SBC. Without an SBC, the media traffic travels directly between the VoIP phones.
Read the Article
|
An Introduction to the NSA's Security-Enhanced Linux: SELinux
This paper will introduce the NSA's research project termed "Security-enhanced" Linux. It has been recognized that securing applications is only half of the battle: a computer system must also employ security policies at the OS level, and the current model of user vs. administrator that we find in standard Unix is insufficient. Security-enhanced Linux, or "SELinux", is defined as "enforc[ing] mandatory access control policies that confine user programs and system servers to the minimum amount of privilege they require to do their jobs". SELinux is neither a tool for encryption nor a full distribution of Linux; instead, it is a modification of the kernel to include a "security server".
Read the Article
|
Introduction to Simple Oracle Auditing
This article will introduce the reader to the basics of auditing an Oracle database. Oracle's RDBMS is a functionally rich product and there are a number of auditing alternatives available to the reader. Because auditing Oracle is such a huge subject, doing all of it justice would take an entire book, so this paper will cover the basics of why, when and how to conduct an audit. It will also use a couple of good example cases to illustrate how useful Oracle audit can be to an organization.
Read the Article
|
Introduction to Digital Rights Management
Most people have heard of software licensing and pay per view television, but possibly not connected it with a development in technology called Digital Rights Management (DRM). To understand what DRM is trying to achieve you first of all need to understand intellectual property.
Read the Article
|
Introduction to Shell Scripting
This series focuses on shell scripting in Unix/Linux and focuses on using the bash scripting language. The assumption is that you are new to both Unix and programming. However you will still find things easier to understand if you have some programming experience in a high level language like Basic, C/C++, Java or Pascal/Delphi and some experience with Unix or Linux.
Read the Article
|
Introduction to Voice over IP (VoIP)
Now I'm sure by now you have heard of Voice over IP or IP Telephony. It is one of the hottest technologies right now. In a recent industry magazine survey of 300 business-technology executives, more than 80% say their companies are either using (29%), testing (18%), or planning to deploy (34%) IP Telephony in the near future. Sixty-three percent of those using IP Telephony say they're going to spend more on it this year than last year.
Read the Article
|
Introduction to Group Policy
In my opinion Group Policy is the best feature that Active Directory brings to a network. It allows administrators to secure computers, deploy software, and create custom configurations of the computers in a network. However this article is not a discussion on all the wonderful policies that can be configured, instead it will teach you how Group Policies work.
Read the Article
|
Introduction to Database and Application Worms
In the recent past, a new set of threats have emerged worms that propagate through vulnerabilities in databases rather than through more traditional operating system or web server holes. Despite their lack of sophistication, these worms have been somewhat successful because of the poor state of database security. Security in databases has generally been ignored and the threat management of these applications has been non-existent.
Read the Article
|
An Introduction to ITIL
What quality of IT service do you provide? To much of the IT community Service Management and Continuous Process Improvement are foreign terms. Most problems are caused by unscheduled or unplanned changes that we make. The level of service we provide from day to day varies based on "production problems" and we say things like "document OR implement".
Read the Article
|
Introduction to the NSA Infosec Assessment Methodology (IAM)
On May 22, 1998 President Clinton signed Presidential Decision Directive 63 (PPD 63). This directive outlined the civilian and governmental responsibility of protecting the US Critical Infrastructure and established the framework for the National Infrastructure Assurance Plan. One portion of the National Infrastructure Assurance Plan mandates that the National Security Agency (NSA) will perform information security assessments of US Government systems. This assessment became known as the NSA's Infosec Assessment Methodology (IAM).
Read the Article
|
