Master Computer Security Basics, Anytime
A Domain Name System (DNS) poisoning attack, also called DNS spoofing, is when an attacker is able to redirect a victim to different website than the address that he types into his browser. For example, a user types www.google.com into their browser, but instead of being directed to Google’s servers he is instead is sent [...]
Spoofing is when an attacker pretends to be someone else in order gain access to restricted resources or steal information. This type of attack can take a variety of different forms; for instance, an attacker can impersonate the Internet Protocol (IP) address of a legitimate user in order to get into their accounts. [...]
Wi-Fi, also called wireless internet or a Wireless Local Area Network (WLAN), has increased the availability of internet access greatly. Unfortunately, it has also introduced new security concerns that are different than the vulnerabilities in wired networks. The standards for Wi-Fi were developed by Institute of Electrical and Electronics Engineers (IEEE) in the early [...]
A rainbow table is a used to break passwords that have been encrypted into a hash. Rainbow tables are huge sets of precomputed hashes for nearly every possible combination of special characters, letters, and symbols. Password attacks that use brute force methods to break password may compute hash values on the fly, but using rainbow [...]
Everyone is probably familiar with passwords. Passwords are the most common access control method used by system administers to manage the usage of network resources and applications. Usernames are entered along with a password when a user wants to login to a secure system. The widespread use of passwords to access sensitive information makes them [...]
Access control is the process of deciding who can use specific systems, resources, and applications. An access control model is a defined set of criteria a system administrator utilizes to define system users’ rights. There are three main access control models. These are Mandatory Access Control (MAC), Discretionary Access Control (DAC), and Role [...]
Access control involves managing who has access to specific systems and resources at a given time. The concept of access control revolves around the process comprised of three steps. These steps are identification, authentication, and authorization. Using these three principles a system administrator can control what resources are available to a system’s users.
The term identification [...]
