Expert analysis
Usability and privacy: a study of Kazaa P2P file-sharing
P2P file sharing systems are rapidly becoming one of the most popular applications on the internet, with millions of users online exchanging files daily. While primarily …
An Introduction to Snort
This is a presentation at the Houston ISSA Meeting in April by Ricard Bejtlich, a senior forensic consultant for Foundstone. Download the presentation in PPT format here.
Security Advisories Week: 30 May – 6 June 2002
Title: Imap server buffer overflow Date: May 30 2002 Vendor: Mandrake Vulnerable systems: Mandrake Linux 7.1, 7.2, 8.1, 8.2, Corporate Server 1.0.1 Full advisory: Problem …
Reduce Your Virus Exposure with an Active Virus Protection System
This article describes today’s virus environment, why you need to reevaluate your current anti-virus strategy, and how your business can deploy SonicWALL’s active …
Corporate Security Overview: 28 May – 4 June 2002
A number of security companies send us their company press releases, which we republish in the press section of Help Net Security. This is an overview of interesting …
Backdoored dsniff, fragroute and fragrouter
In a recent hack of irssi server, attacker modified the configure script which gave him shell access to any system that installed the backdoored irssi program. The same thing …
Keeping Secrets in Hardware: the Microsoft XBox Case Study
This paper discusses the hardware foundations of the cryptosystem employed by the Xbox video game console from Microsoft. A secret boot block overlay is buried within a system …
RSA Security enhances RSA Keon
In support of its commitment to make the deployment and use of digital certificates easy for conducting secure and cost-effective e-business, RSA Security announced that its …
Security Advisories Week: 22-29 May 2002
Title: OpenServer popper buffer overflow and denial of service Date: May 22 2002 Vendor: Caldera Vulnerable systems: OpenServer 5.0.5 and OpenServer 5.0.6 Full advisory: …
Cyclone: A Safe Dialect of C
Cyclone is a safe dialect of C. It has been designed from the ground up to prevent the buffer overflows, format string attacks, and memory management errors that are common in …
Cross Site Scripting “the security gap”
I wonder if Microsoft applies the patches on their systems of their products. This question is always on my mind. I personally think that sufficient effort is not made on this …
Corporate Security Overview: 21-28 May 2002
A number of security companies send us their company press releases, which we republish in the press section of Help Net Security. This is an overview of interesting …