Intrusion Detection Systems: Behind the Firewall

Reading Time: 4 minutes

What is an Intrusion Detection System? 

An intrusion detection system (or IDS) is a hardware device or software program that observers a network or system for security policy violations or malicious activity. Typically, any activity or intrusion violation is reported to either an administrator or is collected and logged in a central location using a security information and event management system (or SIEM) system. This system is a security-based technology developed initially for detecting exploits and vulnerabilities used against a computer or other target applications.

IDS systems are usually a passive system that monitors and reports issues that need to be investigated. This product differs from an Intrusion Prevention System (or IPS) in the sense that an IPS assumes an active role by monitoring and defending the system against threats. If a prospective danger is seen, the IPS quickly takes action to prevent any detected exploits from occupying and seizing the system. 

Continue reading “Intrusion Detection Systems: Behind the Firewall”

How to Locate Open Ports in Linux

Reading Time: 9 minutes
openports

What is a Port? 

First, let’s define what a port is. According to the IEFT, a port is: 

A logical entity for Internet communication. Ports serve two main purposes:
1. They provide a demultiplexing identifier to separate transport sessions between the same pair of endpoints
2. They may also identify the application protocol and associated service to which processes connect.

Wikipedia.com

In plain English, this simply means that a port is an endpoint through which data flows back and forth between two computers over a network. A computer has 65535 ports available to share information. These port numbers are based on a 16-bit number, which is where we derive the total number of available ports (0 to 65535).

Continue reading “How to Locate Open Ports in Linux”

How to Implement Zero Trust Security in 5 Steps

Reading Time: 6 minutes

What is Zero Trust Security?

Zero Trust security is the concept, methodology, and threat model that assumes no user, system, or service operating within a secured internal environment should be automatically trusted. It put forward that every interaction must be verified when trying to connect to a system before being granted access. This concept uses micro-segmentation, and granular edge controls based on user rights, application access levels, service usage, and relation to the location to determine whether to trust a user, machine, or application seeking to access a specific part of an organization.

Continue reading “How to Implement Zero Trust Security in 5 Steps”

How to Install and Configure OpenSSH on Windows Server 2019

Reading Time: 6 minutes

What is OpenSSH?

OpenSSH logo

OpenSSH is an open-source utility developed by The OpenBSD Project. SSH stands for “Secure SHell.” This service encrypts traffic on both ends, eliminating security risks from hackers or eavesdroppers. It can be used for remote operations like file transfers and offers key-based passwordless authentication. In this tutorial, we will demonstrate how to harness the power of SSH’s on your Windows server to send basic remote commands and transfer files using password authentication.

Continue reading “How to Install and Configure OpenSSH on Windows Server 2019”

Top 15 Server Security Practices for 2020

Reading Time: 16 minutes

In this article, we will denote the security best practices for 2020 and beyond. Because security is such a challenging subject for many, it often goes unheeded, and as such, many are caught unaware when an issue arises. By following these best practices, you can significantly lower your risk of being compromised by a malicious actor.

Continue reading “Top 15 Server Security Practices for 2020”