Comptia
85 Stories

Use cryptographic hashes for validation

Techguide You can use cryptographic hash functions to provide a little more security when exchanging files.

Sunday, December 21 2008 10:51 PM

Tags: Authentication and encryption, Security Management, Ruby, Security, C, Algorithm, SHA-1, Unix, Password, word-processor

Compromised at boot

Techguide It's not just theory any longer--your computer can be compromised at boot, at least for Microsoft Windows and certain Linux distributions.

Monday, June 22 2009 12:47 PM

Tags: Security Management, Network security, Data security, Operating systems, Security, Virtual Machine, Tool, Password, operating system, computer

China chooses FreeBSD as basis for secure OS

Techguide What OS would one choose as a basis for fortified software platforms? China decided to go open source, and it may be pulling ahead of the West in information warfare preparedness.

Monday, June 29 2009 09:14 PM

Tags: Security Management, Security implementation/standards, Network security, Open source, Security, Information Security, operating system, Chad Perrin, China, U.S.

The Bobby Tables guide to SQL injection

Techguide Avoiding SQL injection vulnerabilities is much easier than you might think. XKCD inspired a simple tutorial.

Monday, October 05 2009 07:45 PM

Tags: Network security, Security Management, Security implementation/standards, Data security, Allaire ColdFusion, SQL statement, Vulnerability, CompTIA, SQL, content management system

Use RFC 2606 example domains for example e-mail

Techguide Example e-mail domains were created specifically for use in examples, so that people with real e-mail accounts that happen to coincide with your examples don't suffer the fallout of an unfortunate choice of example.

Tuesday, September 01 2009 09:11 AM

Tags: Security implementation/standards, Security Management, E-mail Address, Security, Domain Name, Domain, CompTIA, Chad Perrin, RFC, e-mail

Understanding risk, threat and vulnerability

Techguide IT security, like any other technical field, has its own specialized language developed to make it easier for experts to discuss the subject. It pays to understand this jargon when researching security.

Tuesday, August 11 2009 08:30 AM

Tags: Security Management, Network security, Data security, Authentication, Security, Vulnerability, Attack, CompTIA, Chad Perrin, penetration testing

Never use dynamic variable names

Techguide How to dynamically name variables is a common subject of programming questions. That's a great way to create security problems, though.

Monday, November 02 2009 01:49 PM

Tags: Security Management, Protocols and platforms, Array, Ruby, Expression, Variable, Security, Microsoft Corp., CompTIA, SQL

A practical example of why HTML e-mail is a bad idea

Techguide Viewing e-mail messages without rendering HTML formatted content can be a simple, easy, and effective security technique.

Tuesday, March 31 2009 10:28 AM

Tags: E-mail servers, Network security, Security Management, Phishing, Microsoft Corp., PayPal, Domain Name, CompTIA, font, Chad Perrin

Six principles of practical ciphers

Techguide Core ideas of a set of principles familiar to cryptographers and other security experts as Kerckhoffs' Principle, are still relevant today--more than 125 years after they were articulated.

Monday, July 20 2009 07:22 PM

Tags: Authentication and encryption, Security Management, Security implementation/standards, private key, CompTIA, Cryptography, Chad Perrin, knowledge, consultant, Security Management

Is Firefox + Perspectives the most secure browser for TLS/SSL encryption?

Techguide Perspectives is a TLS/SSL encryption certificate validation tool that works even for self-signed certificates.

Monday, October 26 2009 11:59 PM

Tags: Authentication and encryption, Security applications/tools, Security Management, Certificate, Computer Associates International Inc., Security, SSL, Microsoft Corp., Authentication and encryption, Web Browser

Perspectives provides out-of-band verification for SSH

Techguide There is more to Perspectives than the Firefox extension for TLS/SSL validation.

Monday, November 02 2009 12:23 PM

Tags: Network security, PC security, Data security, Security, Perspectives, SSH Protocol, SSL, network, OpenSSH, SSH

Hire security pros based on reasoning and aptitude

Techguide In-house education--not resume bullet points--is the key to having the best possible employees.

Monday, October 05 2009 07:45 PM

Tags: Security Management, HR policies and procedures, Recruiting, Cookie, Bullet Point, Security, Human Resources Inc., job, Training, IP

Is paranoid cookie management for you?

Techguide How much paranoia you employ in Web cookie management determines how much work you must put in, and which strategies you'll use.

Tuesday, September 29 2009 12:26 AM

Tags: Web sites, Web browsers, Security Management, Security implementation/standards, Cookie, Web Browser, Google Chrome, Clear, Chad Perrin, Mozilla Firefox

Unmask your passwords with this JavaScript trick

Techguide If you think you mistyped a password into a password field in your browser, a simple JavaScript trick can help you find out by unmasking the password.

Tuesday, September 08 2009 07:32 AM

Tags: Security, Web Browser, Jakob Nielsen, Password, Clear, Chad Perrin, Mozilla Firefox, JavaScript, newsletter, Security

Basics of secure admin privilege use with Unix

Techguide Sometimes, it's worthwhile to get back to basics. Read about the basics of secure administrative privilege use on Unix-like systems.

Tuesday, August 04 2009 11:18 AM

Tags: UNIX, Security Management, Security applications/tools, Security, SSH, Unix, Administrator, Tool, Password, User Account