Use care when upgrading hand-held operating systems

Upgrading operating systems has become almost automatic, as it’s a crucial element of security maintenance. However, rapid advances in computer hardware have made it easy to forget the need to also consider system resources when upgrading to any new operating system. Clearly, this becomes more of an issue with hand-held devices, which typically are far…

Details

Prevent man-in-the-middle attacks with DHCP snooping

A number of devastating attacks can be instigated by spoofing messages for some of the most fundamental network protocols, such as DHCP. For example, through DHCP spoofing, an attacker can create a fake DHCP server that’s privy to information it’s not supposed to have. This allows the attacker to carry out a man-in-the-middle attack to…

Details

Have it both ways with CDNs and local copies

Many websites use CDNs (Content Delivery Networks) to load external libraries and frameworks, on the theory that this will speed up performance, since the CDN resource may already be cached on the user’s machine. Unfortunately, this approach can backfire if there are connection problems that temporarily make the CDN unreachable. Fortunately, you can easily get…

Details

Moderating a presentation with multiple speakers

There are times when you have to share the spotlight with one or more fellow presenters. If it falls to you to act as moderator, here are a few points to keep in mind: 1. Plan a general outline for the presentation and alert each presenter of your need to do so. This will push…

Details

Dispelling the myths about POST and PUT

One of the most common myths about HTTP and REST Oriented Architecture is to think of the use of POST and PUT in terms of which one is used for a create operation, and which is used for updates. Depending on the source, you may hear it both ways. However, the actual distinction between POST…

Details

Key commands for troubleshooting an IPsec VPN tunnel

If an IPsec VPN tunnel doesn’t work, a common cause is typos in the configuration. These could include errors in typing the shared secret, policy, IP address, or subnet. Hence, removing the tunnel from both ends and reconfiguring it often solves the problem. In some cases, however, you may need to do further troubleshooting, especially…

Details

Coming full circle with private clouds

One of the latest trends in IT management is “private clouds.” At first, the term may seem like an oxymoron, since the using “cloud” typically means using a remote public service to provide certain IT needs. However, many of the technologies that have been developed to power cloud computing can be used internally. These include…

Details