Two-factor authentication is based on something a user possesses (such as a CAC card) and something a user knows (a password). CAC stores 64KB of data storage and memory on a single integrated circuit chip. The CAC embeds a persons’ Public Key Infrastructure (PKI) certificate (from the National Security Agency). It includes data storage, a [...]

Password cracking is the process of discovering passwords from data that has been archived or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. In cyber operations the purpose of password cracking is to gain unauthorized access to a system, or as a preventive measure to check for [...]

With the growth in the size of computer networks the monitoring of operations rises in importance. There are a large number of networks that manage hundreds or even thousands of servers. For example a 2010 server census shows the following number of servers: Intel: 100,000; OVH: 80,000; SoftLayer: 76,000; Akamai Technologies: 73,000; 1&1 Internet: 70,000; [...]

According to the Network World magazine (http://www.networkworld.com/community/node/58829) one of the biggest computing networks anywhere are the computers controlled by the Conficker computer worm. In March 2010 Conficker controlled 6.4 million computer systems. 230 global domains were penetrated, which included more than 18 million computers, or 28 terabits per second of bandwidth. Conficker operations could be [...]

Technical analysis shows that Stuxnet consists of two separate malware attacks. These attacks are considerably different. One runs on Siemens S7-315 controllers and is fairly simple. Attack two runs on S7-417 controllers and is much more complex. Technical analysis shows that both attacks were developed using different tools. * It appears that attacks one and [...]