Slashdot Mirror

← Back to Stories (view on slashdot.org)

Secure Your Network NSA-style

Posted by timothy on from the good-idea dept.

farker haiku writes "The NSA has unclassified a pdf on how to secure your network in sixty minutes. All in all, it's an interesting and informative read if you are in the security biz. The article covers a variety of topics such as Buffer Overflows, Intrusion Detection Systems and using Tripwire ASR to ensure the integrity of your network server."

2 of 42 comments (clear)

  1. Re:confused by CDarklock · · Score: 3, Informative

    The LAN Manager hash algorithm splits a password of up to 14 characters into two blocks of 7 characters, the second block null-padded to size. The LM hash values for single- and dual-character second blocks are well known, so an eight- or nine-character password on Windows using the LM hash is effectively a seven-character password.

    This assumes you have some systems which can ONLY use the LM hash. Systems with later capabilities can be forced NEVER to use LM hashing by simply using a 15-character password or longer, which won't fit in an LM hash even if it is enabled (which it shouldn't be these days, *unless* you have legacy systems that require it).

    --
    Microsoft cheerleader, blue flag waving, you got a problem with that?
  2. Re:Classified information? by ralphus · · Score: 3, Informative

    Yes it was classified. It was classified with the unclassified classification. It was not declassified.

    --
    Revolutions are never about freedom or justice. They're about who's going to be top dog. -- Kilgore Trout