• 0

Internet, Network, and Security How-To's and FAQs


Question

Barney T.

This topic is for the placement of links to how-to articles, tips, FAQs, or helpful information related to internet, network, and security. Please post links to the actual articles.

 

Internet Basics

 

 

 

Networking Basics

 

 

 

Security Basics

 

 

       Security Tools

 

         Security Tools for basic users:

 

 

 

FAQ's

  • Thanks 1
Link to post
Share on other sites

17 answers to this question

Recommended Posts

  • 0
+BudMan

While this in theory might be a good idea - in practice your 2 links so far are not very informative or worthy of links too.

 

How is a thread with a link to a speed test site, where everyone posts theirs -- its a how many stairs/windows thread.  Sure an the hell is not "internet basics". Or even good at explaining what a speed test is for that matter.

 

As to that good network configuration thread -- what?  That is a guy asking such a loaded question, and then getting hammered for more information..

 

A better link for speedtest would be just the wiki article http://en.wikipedia.org/wiki/Speedtest.net

 

As to network -- this would be a better first link than that nonsense thread http://en.wikipedia.org/wiki/Computer_network

Link to post
Share on other sites
  • 0
Barney T.

^ Done. Thanks, Budman. Please feel free to suggest as needed. You have lots of helpful posts and info, so I am hoping that you will give us the good stuff. :) Also, I will add links as the members recommend them. Thanks so much.

Link to post
Share on other sites
  • 0
+BudMan

Your welcome I guess - but really not sure speed testing should go there, but since "internet basics" is such a broad topic I guess you could fit most anything in there ;)

 

You will want to redo your link title for the network configuration - that is not a good anything, its just a link to information of what makes up a network.

 

I will try and come up with some links for your topics.  Under Security, which I would not really call basics.. I would prob remove the basics from all the topics except for internet and network and security would be just that.. And FAQ kind of redundant since most all of these are FAQ ;)

 

Under security for a start

http://www.us-cert.gov/

http://osvdb.org/

http://www.sans.org/

http://nvd.nist.gov/

http://cve.mitre.org/

 

You might want some sub topics under Security and Networking and even Internet, etc.

 

Under security sub sections you might have links to tools - some starters

http://nmap.org/

http://www.tenable.com/products/nessus

http://ettercap.github.io/ettercap/

http://www.wireshark.org/

 

Basic users and window users might want to take a look at for tools

http://technet.microsoft.com/en-US/security/cc184924.aspx

http://www.microsoft.com/en-us/download/details.aspx?id=39273

 

This could end up being really a lot of links, sine the topic is wide open ;)  And we could have whole sections on 1 specific protocol such as dns ;)

Link to post
Share on other sites
  • 0
Eric

This can always be spun off into separate FAQ threads with this one as an index if needed.

Link to post
Share on other sites
  • 0
Barney T.

^ Added. Thanks all! This is just a start, so please just suggest whatever subtopics I should post above (Y).

Link to post
Share on other sites
  • 0
goretsky

Hello,

 

Some anti-malware companies' blogs:

 

AVG - http://blogs.avg.com/

Avast! - http://blog.avast.com/

Avira - http://techblog.avira.com/en

BitDefender - http://www.bitdefender.com/blog/

CommTouch - https://blog.commtouch.com/cafe/ (formerly F-PROT)

Comodo - http://blogs.comodo.com/

ESET - http://www.welivesecurity.com/

F-Secure - http://www.f-secure.com/weblog/

G Data - http://blog.gdatasoftware.com/blog.html

Kaspersky Lab - http://blog.kaspersky.com/

Malwarebytes - http://blog.malwarebytes.org/

McAfee - http://blogs.mcafee.com/

Panda Security - http://pandalabs.pandasecurity.com/

Sophos - http://nakedsecurity.sophos.com/

Symantec - http://www.symantec.com/connect/security/blogs

Trend Micro - http://blog.trendmicro.com/

Webroot - http://www.webroot.com/blog/

 

There are, of course, dozens of anti-malware companies, so this is just a very incomplete list to help get the ball rolling.

 

Regards,

 

Aryeh Goretsky

  • Like 1
Link to post
Share on other sites
  • 0
nabz0r

Hello,

 

Some monitoring, log, etc stuff:

 

MRTG (Free, I am going to try it and let you guys know)

PRTG (This one has both free and paid version, never tried it before but I've heard a lot of good things about it)

Splunk

  • Like 1
Link to post
Share on other sites
  • 0
nabz0r

Here is another great guide for those which are interested in backing up their network devices automatically with Rancid.

How to install Rancid on a Linux machine

Link to post
Share on other sites
  • 0
sc302

Hello,

 

Some monitoring, log, etc stuff:

 

MRTG (Free, I am going to try it and let you guys know)

PRTG (This one has both free and paid version, never tried it before but I've heard a lot of good things about it)

Splunk

Lets not forget cacti

  • Like 1
Link to post
Share on other sites
  • 0
nabz0r

Lets not forget cacti

Yeah, another great tool. I started using at home on Ubuntu server and I am loving it so far.

 

Here is how to install it on

RHEL/CentOS

Link to post
Share on other sites
  • 0
nabz0r

Hi,

 

Here is one of the best monitoring opensource system that I have came across. I installed at home and I am in love with it. Just configure SNMP and you're good to go. It pulls everything.

 

Observium

 

I am going to mention this as well, probably most of you will use it, it's IPAM IP managemnet free.. I have been using it for almost 2 years and it's absolutely great.

 

PHPIPam

 

Enjoy my finds. :P

  • Like 1
Link to post
Share on other sites
  • 0
nabz0r

Good Thread, I have found some useful guides on here....

 

http://www.firewall.cx/

+1. That website is one plus for Cisco stuff.

Link to post
Share on other sites
  • 0
hollowhan
On 12/10/2013 at 8:11 PM, nabz0r said:

Here is another great guide for those which are interested in backing up their network devices automatically with Rancid.

How to install Rancid on a Linux machine

Thx a lot Nab! Great info.

Link to post
Share on other sites
  • 0
Jason S.

Please dont resurrect old threads. Thank you.

 

Sorry folks! didnt realize this was a pinned thread. i reopened it.

Edited by Jason S.
  • Like 1
Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Usama Jawad96
      Google banned over 100,000 malicious developers in 2020
      by Usama Jawad

      The Play Store is not exactly known for its security, but Google continually makes efforts to improve the overall situation. To that end, the company has now disclosed the various methodologies it used to fight malicious apps and developers in 2020, and has shared some accompanying statistics as well.



      In 2020, over 100 billion installed apps were scanned by Play Protect on a daily basis. Play Protect was introduced back in 2017 to give users more visibility over Android security. With 2020 being a particularly difficult year due to growing fake news, U.S. elections, as well as people scrambling to find reliable information regarding COVID-19 and vaccines, Google took several steps to ensure that apps do not harm users via misinformation.

      Among these was the requirement that apps dealing with sensitive use-cases such as displaying information about COVID-19 testing sites should meet a high-level of user data privacy and should be endorsed by government or healthcare authorities. New guidelines were introduced for apps which market themselves as "News" to improve transparency for users of the Play Store. Finally, specific teams and processes were put in place to focus on U.S. elections and to prevent related abuse via the Play Store.

      Google's machine learning algorithms stopped over 962,000 apps from release on the Play Store because they violated certain policies. In the same vein, 119,000 malicious and spammy developer accounts received the banhammer.

      Other enhancements include the review of all apps requesting access to location in the background and enforcing developers to provide user benefit when they request this information. Apps which do not follow these guidelines will be removed from the Play Store. Google plans to disclose more information about this process soon.

      Lastly, the company also released a new tab in the Play Store containing "Teacher approved" apps, containing recommendations from academic experts and advisors.

      Google says that it will continue investing in efforts that prevent malicious content from being distributed in the Play Store. The company hopes to build and sustain trust not only with users, but developers as well. It noted that its enforcement actions in the past year have resulted in increased developer satisfaction and a reduced number of appeals overall.

    • By Usama Jawad96
      All major Microsoft services will exclusively use SHA-2 from next month
      by Usama Jawad

      Secure Hash Algorithm 1 (SHA-1) is a 25-year-old method of generating hashes using a cryptographic function. Google successfully managed to demonstrate the weaknesses of the algorithm in 2017 and major browsers also began to block websites using SHA-1 certificates. Similarly, Apple dropped support for it in 2019.

      Microsoft has announced that all its major services and processes will be exclusively using SHA-2 from next month.

      Background image of micro circuit with binary code via Shutterstock As the name suggests, SHA-2 is an enhanced version of SHA-1, and is more secure and performant. As such, Microsoft will allow the SHA-1 Trusted Root Certificate Authority (CA) to expire, and all major processes such as TLS certificates, file hashing, and code signing will exclusively use SHA-2 from May 9, 2021 at 4PM PT.

      This move is not particularly surprising considering that in 2019, Microsoft enforced Windows updates signing via SHA-2 and deprecated SHA-1 signed content from the Download Center in late 2020 too.

      Microsoft says that the expiration will only impact SHA-1 certificates that are linked to the associated Root CA. However, certificates that are manually signed using SHA-1 by enterprises themselves will not be impacted. That said, it is obviously recommended that organizations migrate to SHA-2 as well.

      Overall, the Redmond tech giant considers the move to be quite "uneventful" as it says that it has done full-fledged testing of major applications and potential issues. Regardless, if organizations face problems, they are recommended to peruse Microsoft's dedicated support article or reach out to the firm's technical teams.

    • By Usama Jawad96
      Microsoft releases security updates for Exchange Server following report by the NSA
      by Usama Jawad

      In March, Exchange Server headlined the cybersecurity news section when it was discovered that it is under attack from state-sponsored groups. Microsoft was quick to release out-of-band updates for both supported and unsupported versions of Exchange, tools to break the attack chain, as well as advisories for customers. As a result of its efforts, hundreds of thousands of on-premises Exhange Server instances were patched against vulnerabilities. It is important to note that Exchange Online was not affected by this incident.

      Now, Microsoft has released yet another set of security updates for Exchange Server to tackle newly discovered Remote Code Execution (RCE) vulnerabilities.



      This time around, security updates are only available to Exchange Server 2013 CU23, Exchange Server 2016 CU19 and CU20, and Exchange Server 2019 CU8 and CU9. If you're not on any of the aforementioned cumulative updates (CUs), Microsoft recommends that you first upgrade to a supported environment and then apply the security updates. Once again, Exchange Online customers do not need to do anything.

      The Redmond tech giant says that the April 2021 security updates (SUs) patches RCE vulnerabilities that were privately reported to the firm by the National Security Agency (NSA). Although Microsoft's investigation indicates that the exploit is not being utilized by attackers, it still urges customers to apply the SU as quickly as possible.

      It is important to note that since SUs are cumulative, customers who apply the April updates will also be protected against vulnerabilities reported in March. However, customers with SUs released in March are unprotected against these new security flaws. Microsoft has cautioned that unlike last time, it does not plan to release out-of-band SUs for unsupported versions of Exchange Server. There are 47 old CUs affected by this flaw and it's not possible for Microsoft to invest effort in releasing updates for all of them. As such, it recommends updating to a current environment in order to apply the updates. Finally, the company has also noted that SUs have not been released for Exchange Server 2010 as it is unaffected by the latest vulnerabilities. You can find out more about the updates by heading over to Microsoft's blog post here.

    • By zikalify
      NortonLifeLock: Two out of every five Americans affected by cybercrime in 2020
      by Paul Hill



      New data from NortonLifeLock and The Harris Poll has found that nearly 108 million Americans experienced cybercrime in the past 12 months resulting in a cumulative 719 million hours spent trying to resolve issues or about 6.7 hours per person. In total, 10,030 adults from 10 countries were involved in the survey to help shed light on cybersecurity issues.

      The survey was conducted in February between the 15th and the 28th. There were around 1,000 respondents from Australia, France, Germany, India, Italy, Japan, Netherlands, New Zealand, United Kingdom, and the United States and the results were weighted to bring them in line with their actual proportions in the population. Weighted variables differed by country but included things like age, gender, ethnicity, region, education, marital status, internet usage, household size and income, size of the place, and propensity to be online.

      According to the report, 65% of people are spending more time online as a result of the pandemic and that cybercriminals are taking advantage of this fact by launching attacks against unsuspecting victims. The survey data suggests that 330 million people across the 10 countries were affected by cybercrime and 55 million suffered identity theft. Collectively, it’s predicted that 2.7 billion hours were spent trying to resolve the problems arising from these attacks in the 10 countries.

      Commenting on the findings, Paige Hanson, chief of cyber safety education at NortonLifeLock, said:

      With regards to people fighting back against cybercrime, NortonLifeLock’s report found that 77% of Americans are taking more precautions online with 99% of those who noticed unauthorized access on an account taking action to improve their cyber safety. Two-thirds created stronger passwords for their account and 51% contacted the company to let them know their account had been hacked. A third of respondents said they turned to family members or the internet for cybersecurity assistance while a fifth invested more money in security software.

      Another interesting finding in this study is that those under 40 – those normally portrayed as technically savvy – were less likely to know what to do if their identity was stolen compared to those over 40 (62% vs. 37%).

      While there are many internet security suites including Norton Internet Security, common sense and caution go a long way in helping you stay safe online. In addition to security software, you should be careful clicking any links you receive, make sure you use different passwords, and ensure all the software you use is kept up-to-date.

    • By News Staff
      The Essential Guide to Security - free eBook download
      by Steven Parker

      Claim this complimentary eBook for free today, before the offer expires.



      What's it about?
      How to Get Started Using Splunk’s Security Suite to Solve Your Everyday Challenges

      What’s your plan for cybersecurity? Are you simply “planning for the worst, but hoping for the best?” With digital technology touching every part of our lives and new threats popping up daily, it’s imperative that your organization is precise, informed and prepared when it comes to defending your assets and hunting your adversaries.



      High-profile breaches, global ransomware attacks and the scourge of cryptomining are good enough reasons why your organization needs to collect, leverage and understand the right data.

      You’ll also need to implement the right processes and procedures, often alongside new technologies, methods and requirements–all with an ever-increasing velocity and variety of machine data.

      So how can you best defend your organization and hunt down new adversaries? Ultimately, by taking a holistic approach to your defense system across the enterprise. This is why Splunk believes every organization needs a security nerve center, implemented by following a six-stage security journey that we will describe for you.

      How to get it
      Please ensure you read the terms and conditions to claim this offer. Complete and verifiable information is required in order to receive this free offer. If you have previously made use of these free offers, you will not need to re-register. While supplies last!

      >> The Essential Guide to Security - free eBook download <<
      Offered by Splunk, view other free resources | Limited time offer

      Not for you?
      That's OK, there are other free eBooks on offer you can check out here.



      Enter giveaways: Polycade Home Arcade | $5K in cash | $10K in Crypto Ivacy VPN - 5 year subscription for just $1 per month NordVPN - 2 year subscription at up to 68% off Private Internet Access VPN - subscriptions at up to 71% off Unlocator VPN or SmartDNS - unblock Geoblock with 7-day free trial Neowin Store for our preferred partners. Subscribe to Neowin - for $14 a year, or $28 a year for Ad-Free experience Disable Sponsored posts · Neowin Deals · Free eBooks · Neowin Store

      Disclosure: A valid email address is required to fulfill your request. Complete and verifiable information is required in order to receive this offer. By submitting a request, your information is subject to TradePub.com's Privacy Policy.