This document is only a guide containing recommended security settings. It is not meant to replace well-structured policy or sound judgment. Furthermore this guide does not address site-specific configuration issues. Care must be taken when implementing this guide to address local operational and policy concerns. The security changes described in this document only apply to Microsoft Windows 2000 systems and should not be applied to any other Windows 2000 versions or operating systems.
Read the rest of this entry »

• 0 Comments

Foxit PDF IFilter is an application designed to help users to index a large amount of PDF documents and then quickly find text within these documents. The PDF documents can not only be files, but also email attachments or database records.

Foxit PDF IFilter supports PDF 1.7 specification and can be used in many Microsoft search engines, such as Windows Indexing Service, MSN Desktop Search, Internet Information Server, SharePoint Portal Server, Windows SharePoint Services (WSS), Site Server, Exchange Server, SQL Server and all other products based on Microsoft Search technology. With Foxit PDF IFilter, all these search engines can find PDF files with ease.
Read the rest of this entry »

• 0 Comments

The tone of recent news stories about the dangers of Facebook has been quite hysterical and many IT directors can be forgiven for feeling under threat from the phenomenon. But is a blanket ban for the site the best approach or merely a knee-jerk reaction, perhaps a more tailored approach with network management tools is appropriate?
Read the rest of this entry »

• 0 Comments

Napera delivers a straightforward solution to the network health challenge that is easy to use and manage. The Napera N24 enforces network health and identity without the cost and complexity of large enterprise products.

This guide will walk you through installation and some of the key features of the Napera N24. This evaluation guide follows a stepwise method, building from gigabit switching functionality to full health and authentication requirements for enforced ports.
Read the rest of this entry »

• 0 Comments

The Point-to-Point Tunneling Protocol (PPTP) is used to secure PPP connections over TCP/IP links. In this paper we analyze Microsoft’s Windows NT implementation of PPTP. We show how to break both the challenge/response authentication protocol (Microsoft CHAP) and the RC4 encryption protocol (MPPE), as well as how to attack the control channel in Microsoft’s implementation. These attacks do not necessarily break PPTP, but only Microsoft’s implementation of the protocol.
Read the rest of this entry »

• 0 Comments

World Wide Web’s secure backbone in over a decade
The CA/Browser Forum, a consortium of Certificate Authorities (CAs) and browser providers including VeriSign and Microsoft, recently created a new class of Web site identity authentication — the Extended Validation (EV) SSL Certificate standard. EV SSL Certificates require Web sites to pass a stricter identity verification process than required by traditional SSL Certificates. These new certificates also trigger a more noticeable secure user interface in the latest high-security browsers for visitors to Web sites with an EV SSL Certificate. The address bar in Microsoft IE7 turns a highly visible green color to immediately signal the presence of identity information. A field on the right of the address bar toggles between the name of the Web site organisation and the issuing CA, such as VeriSign.
Read the rest of this entry »

• 0 Comments

Two leading network access control standards — TCG’s Trusted Network Connect (TNC) and Microsoft’s Network Access Protection (NAP) — will now interoperate, providing enterprises with simpler, more cost-effective, scalable, and interoperable endpoint integrity and network access control.
Read the rest of this entry »

• 0 Comments

Symantec Mail Security for Microsoft Exchange provides high-performance, integrated mail protection against virus threats, spam, and security risks, while also enforcing company policies on Microsoft Exchange Server 2000, 2003, and 2007. A Symantec Premium AntiSpam™ sub- scription can be activated by purchasing a license key to provide best-of-breed spam prevention with a spam catch rate of more than 97 percent, with 1 in 1 million critical false positives—without additional ongoing administration after initial setup.
Read the rest of this entry »

• 0 Comments