Web App Attacks: Sneaking in the Front Door
WatchGuard Technologies, Inc.
WatchGuard Technologies, Inc.
Products  

Tips & Best Practices

IT Managers

Business Managers

Dustin Barnes

Video Tutorials

Radio Free Security

White Papers

Case Studies

Network Security Glossary

IT Managers Security Resources
Common security threats and strategies to defeat them

Security Fundamentals

What a Network Security Administrator Should Do
Just inherited a network? To keep it safe, start with these concepts.

Why Hackers Want You
Even if you don't store major secrets, attackers want your computer. Here's why.

Cryptography 101
A primer on how message encoding assures secrecy.

With Employees Like These, Who Needs Enemies?
CIA analysts list insider personality types most likely to harm your network.


Network Fundamentals

Internet Protocol for Beginners
Internet Protocol is the IP in TCP/IP. Here's how it works.

Understanding IP Addresses and Binary
Binary math lessons for non-math majors

Understanding Subnetting (Part 1)
Understanding Subnetting (Part 2)
Basic concepts to grasp before subdividing a network

What Are Hubs, Switches, and Routers?
Devices defined, along with their security implications

What Are NIC, MAC, and ARP?
Foundational concepts on how data finds its way to your PC

What Is a Port?
One wire into your computer carries many services. How do they sort themselves?

What Are OSI Layers?
Layer 2? Layer 7? How to speak networking like a pro

NTP: It's About Time
The Network Time Protocol offers more benefits than you might think

Attack Techniques

Social Engineering
Tricksters con users into revealing information useful for an attack. You can resist!

How Mugsy Plans a Cyber-heist
Steps and tools a determined hacker uses when attacking a target network.

What Are Buffer Overflows?
Understanding one of today's most common security vulnerabilities.

What We Mean by "Elevation of Privileges"
Understanding "privilege elevation" in its many forms.

Anatomy of a Cross-site Scripting Attack
An explanation of a very common, yet complicated, attack technique.

Anatomy of an ARP Poisoning Attack
How a hacker can eavesdrop on you, without you ever noticing.

DNS Pharming: Someone's poisoned the water hole!
How attackers trick name servers into lying to you

How Hackers Evade Windows Group Policy
Clever tricks that slice through restrictions like a +10 vorpal sword

Harden Your Server against Google Hackers
Stop Google search strings from finding sensitive data on your servers

Email Risks

Foundations: How to Spot Phishing Attacks
Avoiding cons perpetrated via email and Instant Messaging

How Your Peers Defend against Viral Email Attachments
IT admins share joking and serious responses to problems caused by click-happy users


Fighting Spyware

Foundations: Avoiding Dangerous URLs
This popular, oft-quoted article can help your users surf more safely

Foundations: How Does Spyware Get onto My Computer?
A non-technical introduction to understanding and avoiding spyware

Take Control of Internet Explorer...before Spyware Does
Five steps to a more secure IE configuration

Identifying Spyware Processes on a Windows PC
If you spot spyware symptoms on a PC, don’t be afraid to investigate

Malware Analysis Video: Drive-by Downloads
This 12-minute videos shows what happens when a typical Windows PC meets a malicious Web site.


Securing Web Use

Will Your Web Applications Betray You?
A CTO explains how to ferret out vulnerable code your organization.

Web App Attacks Sneak in the Front Door
Is your misconfigured Web site the easiest way to break into your network?

How to Harden Your Microsoft Web Server
Ten steps to enhance Windows 2000 Server security


Securing Wireless and Mobile

Securing the Small, All-Wireless Network
By popular request: keeping attackers off of an entirely wireless network

Stopping WiFi Intruders
Fifteen practical steps and over forty links explaining wireless security

Expanding Your Small Business Wireless LAN
For power users: when and where to add wireless access points

Tools and Tactics for Safer WLAN Deployment
Tips for access point placement, wireless auditing, and more

Anatomy of a Wireless "Evil Twin" Attack (Part 1)
Anatomy of a Wireless "Evil Twin" Attack (Part 2: Countermeasures)
Defeating the attack that tricks users into associating with phony access points

Smartphone (In)Security
Smartphones: smaller, cheaper, more powerful than ever…it's time to secure them

Protecting Pocket PCs
A great aid if you're forming your company's security policy about wireless PDAs.

Wireless at Home
Safeguarding corporate data on employee's home networks.