• April 16, 2012

    Benefits of Single Sign On SSO

    Benefits
      • Reduces phishing issues
      • Reduces password issues due to different user name and password combinations
      • Reduces time spent re-entering passwords for the same identity
      • Can support conventional authentication such as Windows / Linux and Mac credentials
      • Reduces IT costs due to lower number of IT help desk calls about passwords
      • Security on all levels of entry/exit/access to systems without the inconvenience of re-prompting users
      • Centralized reporting for compliance adherence

    Negatives
      • Since Single Sign On (SSO) provides access to many resources once the user is authenticated, the impact increases if credentials are lost or stolen.
      • Single Sign On (SSO) makes the authentication systems highly critical; a loss of service can result in denial of access to all systems.
      • Single Sign On devices are usually the target of attackers before anything else.

    Types of Single Sign On
      • Kerberos ticket granting
      • Smart Card
      • OTP Token
      • Integrated Windows Authentication
  • Heartland Payment Systems; TJX; Epsilon; RSA; Stuxnet; Department of Veterans Affairs; Sony PlayStation Network; ESTsoft; Gawker Media; Google, etc.; VeriSign; CardSystems; AOL; Fidelity National Information Services.

    Out of all these I think the most brutal security breach was AOL because they got domain hijacked. But I think the VeriSign and PlayStation hack affected more people and on a much larger scale. The PlayStation network I remember took a VERY long time to recover from the hack and then was hacked again. Security is so important, but no matter how much you secure something, someone can almost always find a back door, especially if they have the time, resources and money.
  • April 3, 2012

    Reinstall Windows Update Service

    There are a few ways this can be done on Windows 7 and Vista using this great tool. Windows 7 & Windows Vista: I found this great tool works great. In Windows XP I found the Microsoft way of reinstalling the Windows Update Agent worked the best.
  • When setting up Microsoft Forefront, the first thing to do is to run Serversetup.exe. Of course you’ll want to run the file, so click Run.

    Fill in your Name and Organization, then click Next.

    You’re going to have to put a check in I accept the software license terms. When you do, Next will be available, so click Next.

    Now this is where you’ll be choosing your topology. For this example we’ll go ahead and choose a Basic topology. This will install Microsoft Forefront Endpoint Protection 2010 Database, Site Server Extension, Console Extension, Reporting components, and Reporting database based on your current Configuration Manager deployment. Maybe in future blogs I’ll go through other deployment options. Don’t forget to click Next.

    Here is where you will set up the Reporting server account information. Mostly it will be filled out by the user running setup, but you can change the domain\username. Click Next.

    If the password you typed doesn’t match the domain\username you’ll get the error below.

    Microsoft Forefront Endpoint Protection 2010
    Error: The password is incorrect, or this account is not valid. Account :domain\username

    After I corrected my intentional typo, FEP is now warning me that I shouldn’t use my domain admin account.

    Microsoft Forefront Endpoint Protection 2010
    For security reasons, it is not recommended to use a domain administrator account ‘domain\username’ as the reporting account.

    I’m going to OK this because it’s just a test lab.

    By default FEP will want to Join the Customer Experience Improvement Program. I recommend keeping this checked. I also checked Use Microsoft Update to keep my products up to date.

    Join Microsoft SpyNet Basic is checked by default. I changed mine to Advanced SpyNet.

    Location and disk space requirements blah blah blah.

    Oh no! It looks like my Verifying SQL Server prerequisite Failed with an Error. When I click the More link I see the error below.

    Forefront Endpoint Protection 2010 requires that the SQL Server Agent service...
  • A friend of mine passed this along, and since I have not had a security post in a while and this is a great article, I thought it was worth posting. It talks about how certain devices on the network like printers, fax machines and security cameras, etc. are overlooked in vulnerability testing. The article also hits on some other errors in vulnerability testing.
  • April 20, 2010

    Google Docs Security Info

    If you think Google Docs is safe and think that once you delete something it's off the internet, read this.
  • April 16, 2010

    Great Security Article on WPA Weakness