Off the Wire

Off The Wire Archive

News items for April 2003

Introduction to simple Oracle auditing
This article will introduce the reader to the basics of auditing an Oracle database. [more]
Wednesday, 30 April 2003, 3:01 PM CET

British authorities arrest "Fluffy Bunny"
British authorities arrested a man Tuesday believed to head a group of hackers known as "Fluffy Bunny," which used a stuffed pink rabbit to mark attacks that humiliated some of the world's premier computer security organizations. [more]
Wednesday, 30 April 2003, 12:58 PM CET

Go hunting for spammers
Proposed law would pay you a bounty for reporting offenders. [more]
Wednesday, 30 April 2003, 12:52 PM CET

Viruses bite businesses hard
The numbers of computers infected by viruses is stabilising but the malicious programs pose as big a problem as ever. [more]
Wednesday, 30 April 2003, 12:45 PM CET

PGP creator: Moore's Law is a threat
Moore's law is the biggest threat to privacy today, asserts Phil Zimmermann, who in the early 1990s developed Pretty Good Privacy to bring encryption to the masses. [more]
Wednesday, 30 April 2003, 12:36 PM CET

Olympian network security
Some security tasks are bigger than others. Yahya Mehdizadeh is director of managed security services at SchlumbergerSema, which is providing the infrastructure to protect tens of thousands of servers, systems, and wireless devices at the 2004 Olympic Games in Athens. [more]
Wednesday, 30 April 2003, 12:16 PM CET

Review - Linux Administration Handbook
In the preface the authors note that their intention was to write a book that would be the professional Linux system administrator's best friend. Did they manage to accomplish such a task? Read on to find out. [more]
Wednesday, 30 April 2003, 1:48 AM CET

Perfigo launches SecureSmart WLAN security suite
Perfigo announced the general availability of their SecureSmart WLAN suite. This suite is designed to securely integrate 802.11 WLANs into the existing network infrastructure. [more]
Wednesday, 30 April 2003, 1:28 AM CET

Wi-Fi alliance tightens security
The Wi-Fi Alliance today at NetWorld+Interop will launch its latest security protocol, Wi-Fi Protected Access (WPA), a follow up to its existing Wired Equivalent Privacy (WEP) WLAN security technology. [more]
Tuesday, 29 April 2003, 7:19 PM CET

Kevin Mitnick not welcome in the security sector
A top security expert has hit out at claims by convicted hacker Kevin Mitnick that reformed cyber-criminals have a lot to offer the IT security industry. [more]
Tuesday, 29 April 2003, 4:13 PM CET

Data security measures failing to match legal expectations
Emerging legal expectations for data security and privacy are making it increasingly important for companies to demonstrate reasonable care in protecting their IT assets, say security and legal experts. [more]
Tuesday, 29 April 2003, 12:34 PM CET

LynuxWorks powers advanced biometric security solutions
LynuxWorks announced that its real-time operating system, LynxOS, has been chosen as a preferred software platform for Cogent Systems high-performance biometric identification products and services. [more]
Tuesday, 29 April 2003, 12:31 PM CET

PDA security with Windows CE
A PDA in the wrong hands can do considerable damage if the data is not protected. Find out how to handle the many unique security challenges associated with using PDAs. [more]
Tuesday, 29 April 2003, 12:10 PM CET

Experts play down Nolor worm threat
A new 'garden variety' worm is spreading on the Internet, but infection levels are remaining low - partly because users are getting smarter about attachments. [more]
Tuesday, 29 April 2003, 12:07 PM CET

OpenReach supports WLAN security
OpenReach is upgrading its IP Security and Secure Sockets Layer services to include protection of wireless LANs by using secure tunnels and then melding these local wireless tunnels into secure WAN connections over the Internet. [more]
Tuesday, 29 April 2003, 1:24 AM CET

Microsoft braces for Windows attacks
Now that the long-awaited next version of Windows is in customers' hands, officials at Microsoft are bracing themselves for what they know is coming: vulnerability reports, bug alerts and all manner of other security-related issues. [more]
Tuesday, 29 April 2003, 12:29 AM CET

Scam artists use new technology
As war and terrorism preoccupy the nation, scam artists quietly continue to devise clever ways to rip off consumers and companies. [more]
Tuesday, 29 April 2003, 12:25 AM CET

NIAC tackles net security
As corporate America tries to work more closely with the federal government to improve network security, a primary goal among CEOs is avoiding new federal regulations. [more]
Tuesday, 29 April 2003, 12:15 AM CET

Focus on FreeBSD - interview with the core team
This is an in-depth interview with three members of FreeBSD's Core (Wes Peters, Greg Lehey and M. Warner Losh) and also a major FreeBSD developer (Scott Long). [more]
Monday, 28 April 2003, 8:08 PM CET

Review - Viruses Revealed
This is one of the rare books covering the world of computer viruses and related malware in so much detail. It is well structured, well organized and provides a thorough overview of computer viruses and their modern reincarnations. [more]
Monday, 28 April 2003, 5:52 PM CET

Detection tool watches wireless links
AirDefense Guard notifies staffers of possible security breaches on wireless LANs. [more]
Monday, 28 April 2003, 4:34 PM CET

Microsoft offers server security guide
Following the launch of Windows Server 2003, Microsoft has published a guide to help system administrators secure the new OS. [more]
Monday, 28 April 2003, 2:10 PM CET

HNS Newsletter Issue 159 has been released
Get it in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is brought to you by Surfcontrol. Stop Spam Now - Free SurfControl E-mail Filter Trial. [more]
Monday, 28 April 2003, 2:04 PM CET

EnGarde Secure Linux Community Edition released
Leveraging the best open source applications available, combined with the security expertise from Guardian Digital, EnGarde is a comprehensive platform for developing a secure Internet presence. Screenshots are available. [more]
Monday, 28 April 2003, 12:59 PM CET

Spam, spam, spam, lovely spam
The very efficiency and convenience of electronic communication gets some of the blame for the flood of unwanted spam. By dramatically reducing costs, the Internet makes it economically feasible to blanket the globe with boring sales-pitch messages. [more]
Monday, 28 April 2003, 11:54 AM CET

Interview with Nicholas Raba
The co-author of "Maximum Security 4/e" and Mac security expert talks about the book as well as other security issues. [more]
Monday, 28 April 2003, 3:38 AM CET

Cryptography guru Paul Kocher speaks out
Dennis Fisher sat down with Kocher and Benjamin Jun at the RSA Conference to discuss the new technology and why the current argument over mandated copy protection is moot. [more]
Monday, 28 April 2003, 3:12 AM CET

Your right to hack the Xbox
Video game freaks are strangely at the very center of the biggest computer security battle: control over the product you just bought. [more]
Monday, 28 April 2003, 3:08 AM CET

Rise of the spam zombies
Senders of spam are resorting to outright criminality in their efforts to conceal the source of their ill-sent missives, using Trojan horses to turn the computers of innocent netizens into secret spam zombies. [more]
Monday, 28 April 2003, 3:00 AM CET

Spyware - silent enemy
With hidden software programs that transmit user information via the Internet, it will no longer be a case of information "for your eyes only". [more]
Monday, 28 April 2003, 2:59 AM CET

Online anonymity comes under fire
Verizon's loss in a court battle to keep an ISP customer's identity out of the music industry's hands will make it harder for people to stay anonymous online, privacy advocates say. [more]
Monday, 28 April 2003, 2:57 AM CET

Review - The Art of Deception
Some may think that this book is all about intimidation, that some of the scenarios depicted here couldn't happen. I don't. I believe this book to be an eye-opener to how vulnerable we are. There's no doubt you'll become a bit paranoid after you get through "The Art of Deception", and I think that's exactly what you need. [more]
Friday, 25 April 2003, 3:42 PM CET

Networks risk grounding without airport-level security
Nigel Nigel Hawthorn, Marketing Director of Blue Coat Systems, compares security issues facing IT departments to the issues facing airports. [more]
Friday, 25 April 2003, 3:01 PM CET

The paranoia that paid off
Fears of cyberterrorism during the war on Iraq proved unfounded, says Peter Rojas, but increased online security will benefit us all. [more]
Friday, 25 April 2003, 12:29 AM CET

Auditing web site authentication
This is the first part of a two-part article discussing a standard audit procedure consisting of a list of questions to test Web site authentication schemes. [more]
Friday, 25 April 2003, 12:22 AM CET

What hackers can teach you about security
Robert Vamosi: We should listen when Kevin Mitnick says that traditional network security tools aren't enough to keep our information safe. [more]
Friday, 25 April 2003, 12:20 AM CET

Web users wary on privacy, not security
Web users are overcoming fears of sending credit card details over the internet, but are increasingly worried about the privacy of personal information, according to research. [more]
Friday, 25 April 2003, 12:19 AM CET

Running Linux and Netfilter on Nokia IP series hardware
A tutorial for setting up some open-source software on market leading, proprietary firewall hardware. [more]
Friday, 25 April 2003, 12:18 AM CET

Software developer fears legal tar pit
An independent coder says a new copyright law could make one of his apps illegal. [more]
Friday, 25 April 2003, 12:17 AM CET

Microsoft snags CD copy-block deal
Microsoft dug its roots a little deeper into the music business Wednesday, as copy-protection company Macrovision agreed to license its Windows digital rights management technology for CDs. [more]
Friday, 25 April 2003, 12:15 AM CET

Ex-con man advises on identity theft
Digital thieves are becoming more professional and hard to fight, he warns. [more]
Friday, 25 April 2003, 12:14 AM CET

Review - Hack Attacks Revealed, Second Edition
The continuing growth of the Internet, as seen from ever growing number of new Internet users and companies doing their business online, is creating a new line of possible victims susceptible to Internet attacks. The primary objective of this book is to lay a solid foundation from which to explore the world of security. [more]
Thursday, 24 April 2003, 2:55 PM CET

Theo de Raadt: Hackathon will go on
Theo de Raadt intends to host a gathering of coders in Canada next month, despite a decision by a U.S. military research agency to withdraw funding for the event. [more]
Thursday, 24 April 2003, 12:45 PM CET

Interview with Greg Vaughn
The enterprise application programmer and co-author of "Maximum Security 4/e" talks about the book and general security issues. [more]
Thursday, 24 April 2003, 11:52 AM CET

Access cards: securing corporate networks
The technology for strong user authentication, whether based on two or three factors, is already available to establish trusted digital ID credentials for secure access to multiple applications. [more]
Thursday, 24 April 2003, 1:12 AM CET

Cyber war game tests future troops
In a basement lab littered with computers, monitors and chalkboard diagrams, 14 Naval Academy midshipmen are buzzing about the latest hacker assault on the computer network they created. [more]
Thursday, 24 April 2003, 12:45 AM CET

SQL server string, cursor, security and rowset functions
Baya Pavliashvili continues his series on system-supplied functions by discussing the string, security, cursor, and rowset functions. Also discover some extra features, which are not mentioned in the SQL Server online documentation. [more]
Thursday, 24 April 2003, 12:43 AM CET

Schools test "eye scanner" security
Plumsted districtís three schools became the test site for a cutting-edge eye-recognition security system designed to keep out strangers. [more]
Thursday, 24 April 2003, 12:39 AM CET

Apache web serving with Jaguar, part three
In the first part of this series, Kevin showed you how to easily start serving web pages from your Mac OS X computer. In the second article, he explored the world of CGI access. Today, he looks at PHP and simple access controls. [more]
Thursday, 24 April 2003, 12:31 AM CET

Snort problems
Noel Davis looks at buffer overflows in Snort and SheerDNS, and problems in Xinetdvixie-cron, Oracle E-Business Suite FNDFS, xfsdump, Ximian Evolution, GtkHTML, kdegraphics, and psbanner. [more]
Thursday, 24 April 2003, 12:29 AM CET

Open-source security shines in Samba case
Recently discovered security holes in Samba were serious threats to companies using the popular freeware, which enables end users to access and use files, printers and other commonly shared resources on a company's network or via the Internet. [more]
Thursday, 24 April 2003, 12:15 AM CET

Retailers report sales bounce using security certificate
Sites showing proof of increased Web security say that up to a third more people went beyond shopping and actually bought, according to an auditing firm. [more]
Thursday, 24 April 2003, 12:14 AM CET

WLAN wars: with N+I coming, wireless products abound
The battle for the enterprise wireless LAN market continues in the run-up to the Networld+Interop conference, and between now and the start of N+I, seven companies are slated to introduce WLAN systems that put the management of dumb access points at the core of the network. [more]
Thursday, 24 April 2003, 12:12 AM CET

New Coronex worm exploits SARS worries
Sophos has issued a warning of a new computer worm that takes advantage of growing concern over the biological SARS virus. [more]
Wednesday, 23 April 2003, 7:55 PM CET

Defense agency pulls OpenBSD funding
The unused portion of a grant from the Defense Advanced Research Projects Agency (DARPA) to fund development of the open-source operating system Open Berkeley Software Design (OpenBSD) has been pulled for unspecified reasons. [more]
Wednesday, 23 April 2003, 2:49 PM CET

Will California law spur storage crypto?
While the practice of encrypting sensitive data across the Internet has long been established, there is far less consensus on the value of encrypting data "at rest" in a SAN. Now, a new law in California could provide a decisive answer to that question. [more]
Wednesday, 23 April 2003, 2:44 PM CET

Ruxcon: a security conference with a difference
From mysterious men on rooftops with telephoto lenses, to attendees trying to use "household appliances to launch non-conventional buffer overflow attacks", the inaugural Ruxcon IT security conference in Sydney had it all. [more]
Wednesday, 23 April 2003, 12:56 PM CET

Attacker causes havoc for websites
Up to 1,500 websites could have been affected by a recent attack. [more]
Wednesday, 23 April 2003, 12:54 PM CET

Most would reveal their computer passwords
Computer security remains lax, with a new survey showing that most office workers would give away their computer passwords in exchange for a cheap pen. [more]
Wednesday, 23 April 2003, 12:46 PM CET

Windows 2003 leaves security gaps
Users will need to take care over deployment options. [more]
Wednesday, 23 April 2003, 12:37 PM CET

IDS: the integrated partner for your firewall
A firewall shouldn't be your only means of protection. That's why Intrusion Detection Systems are becoming a necessary complement for existing firewall solutions. [more]
Wednesday, 23 April 2003, 12:32 PM CET

Al-Jezeera, the first amendment, and security professionals
While attempts to disrupt Web broadcasts of Al-Jazeera may seem like a distant concern, they reflect the problems that should concern security professionals everywhere. [more]
Wednesday, 23 April 2003, 4:49 AM CET

Adrian Lamo - a duty to hack
Adrian Lamo, the 22-year-old "homeless hacker" famous for raiding New York Times computers, pursues his vision of public service by cracking another major corporate network. It's a crime, of course. It's also what he was born to do. [more]
Wednesday, 23 April 2003, 4:44 AM CET

Microsoft's security straw man
Is there a "war room" somewhere where scores of Kevin Mitnick wannabes are pounding away at Microsoft products, trying to find weaknesses? If not, too bad. [more]
Wednesday, 23 April 2003, 4:38 AM CET

Anti-virus defence in depth
This article will discuss defence in depth as it applies to anti-virus protection. While there are many papers written on this topic, most miss out on two crucial components: layered best of breed AV protection and centralized reporting and control. [more]
Tuesday, 22 April 2003, 5:48 PM CET

Schmidt leaves cyber-security post
White House cyber-security adviser Howard Schmidt resigned from his government post Monday, the second high-level official to leave President Bush's Critical Infrastructure Protection Board in as many months. [more]
Tuesday, 22 April 2003, 5:43 PM CET

Review - The Hack-Counter Hack Training Course
Some people prefer books that deliver a wealth of theoretical knowledge they can build on, while other always go for the hands-on experience. This book is all hands-on experience and lots of it. [more]
Tuesday, 22 April 2003, 1:38 PM CET

Inside Cisco's eavesdropping apparatus
Cisco Systems has created a more efficient and targeted way for police and intelligence agencies to eavesdrop on people whose Internet service provider uses their company's routers. [more]
Tuesday, 22 April 2003, 2:43 AM CET

On cures that are worse than the disease
Which is worst for the Internet: computer viruses, spam that advertises anti-virus products, or clueless anti-spam solutions? [more]
Tuesday, 22 April 2003, 2:41 AM CET

Telephone company trying to collect bills from the victims of hackers
Victims of a telephone hacking swindle are disputing a contention that they are responsible for costly long-distance calls fraudulently made through their voice mail systems. [more]
Tuesday, 22 April 2003, 2:37 AM CET

Melding IT, physical security
Computer Associates, Gemplus and several other companies announced the formation of a group that is working on open specifications and best practices for integrating information security and physical security. [more]
Tuesday, 22 April 2003, 2:35 AM CET

How to use passwords securely
Every day, more and more services and applications require password authentication. For this reason, we will be looking at the risks of using the same password for various services, and we'll go over some tips for making them more secure. [more]
Tuesday, 22 April 2003, 2:04 AM CET

Interview with Billy Barron
The co-author of "Maximum Security 4/e" and an architect and developer at Avatier Corporation for cross-platform products, discusses his writing and other computer security topics. [more]
Tuesday, 22 April 2003, 2:04 AM CET

Trusted Debian v1.0 officially released
The Trusted Debian project aims to create a highly secure but usable Linux platform. To accomplish this, the project will use currently available security solutions for Linux and knit these together to a highly secure Linux platform. [more]
Tuesday, 22 April 2003, 2:03 AM CET

SANS Webcast - "Legal Liability for Information Security"
SANS brings another complimentary webcast on Wednesday, April 23rd at 1pm EST (1800 UTC) entitled Legal Liability for Information Security: Ask the Experts. [more]
Monday, 21 April 2003, 4:23 PM CET

ACM Workshop on Wireless Security RFP announced
The objective of this workshop is to bring together researchers from the different research communities in wireless networking, security, and dependability, with the goal of fostering interaction among them. [more]
Monday, 21 April 2003, 4:18 PM CET

Cyberstalking is increasing
Cyberstalking is increasing across America according to a study released by Wired Safety, an online safety and help group. [more]
Monday, 21 April 2003, 3:27 PM CET

Securing digital content
As Microsoft prepares to release the beta version of its controversial Rights Management Services, a security company has been working on technology that could trump Microsoft's and make it easier for companies to control digital content. [more]
Monday, 21 April 2003, 3:16 PM CET

HP cements the Bastille
Hewlett-Packard has released Version 2.0 of the Bastille security tool and a new Install-Time Security product for its HP-UX operating system. [more]
Monday, 21 April 2003, 10:05 AM CET

Securing 802.11 transmissions
The deployment of various wireless LANs and Wi-Fi networks or configurations are under consideration by many organizations, and network security is a major concern. [more]
Monday, 21 April 2003, 10:00 AM CET

Office workers give away passwords for a cheap pen
Workers are prepared to give away their passwords for a cheap pen, according to a somewhat unscientific - but still illuminating - survey published today. [more]
Monday, 21 April 2003, 9:57 AM CET

Films altered to foil camcorder pirates
Hollywood sends enforcers with night-vision goggles into movie theaters and puts metal detectors outside advance screening rooms, but still the industry can't stop pirates from recording films. So the movie industry is trying to fight back with a high-tech solution of its own. [more]
Monday, 21 April 2003, 9:55 AM CET

Understanding Solaris 9 directory services
This article examines the differences between the Solaris 8 Operating Environment (Solaris OE) Lightweight Directory Access Protocol (LDAP) Client and the Solaris 9 OE Secured LDAP Client, and explains how to support them on the same directory server. [more]
Monday, 21 April 2003, 9:52 AM CET

Interview with Andrew G. Mason
The author of "Cisco Secure Virtual Private Networks" and "Cisco Secure Internet Security Solutions" talks about his writing and general security issues. [more]
Monday, 21 April 2003, 9:44 AM CET

HNS Newsletter Issue 158 has been released
Get it in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is brought to you by Surfcontrol. Stop Spam Now - Free SurfControl E-mail Filter Trial. [more]
Monday, 21 April 2003, 9:37 AM CET

Book Review - Cisco Secure Internet Security Solutions
Cisco Systems is a huge organization and their products are used in a huge number of companies around the globe. Besides the general networking equipment, Cisco is well known for their line of security products. This book gives an overview of the complete Cisco security solutions product line. [more]
Friday, 18 April 2003, 2:37 PM CET

Centrally managed network security: hope or reality?
The best hope for a security solution that protects enterprise-wide networks while allowing for centralized management is the emergence of standards. Security standards like DCE, Kerberos, SAML, elements of IPv6 and others continue to be the Holy Grail for which we wait. [more]
Friday, 18 April 2003, 2:36 PM CET

Linux antivirus software?
There are probably hundreds, if not thousands, of viruses that affect Windows systems. As far as I know, there are no viruses in the wild that attack Linux desktop software. [more]
Friday, 18 April 2003, 12:44 PM CET

Securing your digital rights
Think digital rights management is an issue just for the entertainment industry? Think again. Any enterprise that has gone online with its intellectual property needs to worry about DRM. [more]
Friday, 18 April 2003, 12:26 PM CET

Blackboard gets gag order against smart-card hackers
A D.C.-based company that sells a "smart card" network used on more than 200 college campuses has blocked two students from publicly describing how to override the system to circumvent building security, obtain free soft drinks and avoid paying for laundry. [more]
Friday, 18 April 2003, 12:24 PM CET

Wireless security grabs spotlight
Companies offering products to secure content stored on wireless devices are out in force at this year's RSA Security Conference, underscoring companies' increased urgency in addressing the security threats posed by mobile workers. [more]
Friday, 18 April 2003, 12:08 PM CET

No security secrets
The secret to managing your company's security is that there is no secret - it all comes down to your employees. [more]
Friday, 18 April 2003, 12:07 PM CET

Getting realistic in the war on hackers
Give up on the notion that computer security can be improved by putting more people in prison, argues Jon Lasser, SecurityFocus columnist. [more]
Friday, 18 April 2003, 12:06 PM CET

Statistical-based intrusion detection
This article will examine statistical-based intrusion detection systems, which alert on anomalous network behaviour, thus providing better monitoring for zero-day exploits than traditional IDS. [more]
Friday, 18 April 2003, 11:51 AM CET

Can instant messaging really be safe?
As IM fever engulfs business, pricey products promise to secure it. [more]
Friday, 18 April 2003, 11:34 AM CET

Necessary censorship: web filtering with open source
In some cases and for some audiences, relying on the human safeguard isn't facing reality. Here are some tools you can use in those cases. [more]
Thursday, 17 April 2003, 6:25 PM CET

Book review - Security in Computing 3/e
This senior/graduate level textbook will give you a good foundation in computer security. The targeted audiences of this book are computer scientists, college students, software engineers and managers that want to broader their knowledge. [more]
Thursday, 17 April 2003, 5:44 PM CET

Linux Security: Kinds of Encryption
This excerpt from Mark Sobell's book "A Practical Guide to Red Hat Linux 8" provides an overview of the complexity of setting up and maintaining a secure system. [more]
Thursday, 17 April 2003, 2:15 PM CET

Adobe Acrobat 6.0 strengthens electronic document security
Besides the standard password protection schemes, users now have the ability to encrypt a document using both Public Key Infrastructure (PKI) and Lightweight Directory Access Protocol (LDAP). [more]
Thursday, 17 April 2003, 2:14 PM CET

Online credit and debit card security report
Independent market analyst Datamonitor, released a new report focused on the situation of online credit and debit card security. The report covers the past, present and future of the card scheme security initiatives. [more]
Thursday, 17 April 2003, 2:09 PM CET

NSA turns to Canada for wireless security
Candadian firm Certicom is working with NSA to research and develop advanced encryption technology and tools for protecting classified information. [more]
Thursday, 17 April 2003, 1:54 PM CET

Trusted computing comes with a warning
Cryptographers and security firms took opposite sides over the potential privacy dangers of trusted computing, an initiative to use encryption to secure information from hackers and, in some cases, the PC's user. [more]
Thursday, 17 April 2003, 11:50 AM CET

Use a honeypot, go to prison?
Using a honeypot to detect and surveil computer intruders might put you on the working end of federal wiretapping beef, or even get you sued by the next hacker that sticks his nose in the trap. [more]
Thursday, 17 April 2003, 11:45 AM CET

Feds mull IT disclosure
Momentum is building in Washington to require all public companies to annually report the performance of their IT security initiatives, not just the financial services and health care industries that face scrutiny now. [more]
Thursday, 17 April 2003, 11:39 AM CET

Little action in war on cyber terrorism
At a time when war in Iraq has heightened fears of terrorism, the technology industry is not moving quickly enough to guard against intrusions from hackers, identity thieves and more concerted attacks by rogue governments, computer experts said. [more]
Thursday, 17 April 2003, 11:35 AM CET

Sun polishes network computer security
Sun Microsystems has introduced two improved Sun Crypto Accelerator (SCA) boards. [more]
Thursday, 17 April 2003, 11:32 AM CET

Australia mulls global antispam effort
Australia should work aggressively with international organizations and other nations to curb spam, a new report from the country's technology agency recommends. [more]
Thursday, 17 April 2003, 11:28 AM CET

Cryptographers sound warnings on Microsoft security plan
Just three weeks before Microsoft Corp. publicly details plans to create a secure operating mode for Windows PCs, two top cryptographers have raised concerns about Microsoft's approach. [more]
Wednesday, 16 April 2003, 4:41 PM CET

Evolving standards drive wireless security
The WLAN industry has been dogged by too many security standards and this has led to a proliferation of solutions, a new study by international consulting firm Frost and Sullivan has found. [more]
Wednesday, 16 April 2003, 4:32 PM CET

The virus threat to Linux talks with CEO Keith Peer of top Linux antivirus vendor Central Command to discover where vulnerabilities exist, the cost to companies, and the growing interest in Linux from virus writers. [more]
Wednesday, 16 April 2003, 12:31 PM CET

US court bars security speakers
A pair of students were blocked by a federal court from presenting information at a Georgia security and hackers' conference on how to break into and modify a university electronic transactions system. [more]
Wednesday, 16 April 2003, 12:31 PM CET

Security biz thrives on fear
One of the peculiar traits of the computer security industry is that, generally speaking, no one takes much interest in it unless they are actually feeling insecure. [more]
Wednesday, 16 April 2003, 12:30 PM CET

Da Vinci: father of cryptography?
Ever looked at the Mona Lisa and wondered why he's got such a goofy grin? Yes, we do mean he. [more]
Wednesday, 16 April 2003, 12:29 PM CET

Debate: should you hire a hacker?
Should corporations hire known hackers with criminal records to test and secure their networks? [more]
Wednesday, 16 April 2003, 12:28 PM CET

What's the biggest security problem?
Experts, hackers debate cyberterror, digital teens, and holey software. [more]
Wednesday, 16 April 2003, 12:27 PM CET

Cybersecurity gets auditing push at RSA
Auditing firms Deloitte and Touche, KPMG, PricewaterhouseCoopers, and Ernst and Young joined White House Cyber Security Advisor Howard Schmidt at the RSA Conference to drum up support for stepped up public and private efforts to help secure the nationís information infrastructure. [more]
Wednesday, 16 April 2003, 12:25 PM CET

Tuning and optimizing Red Hat Linux Advanced Server for Oracle9i Database
The following procedure is a step-by-step guide with tips and information for tuning and optimizing Red Hat Linux Advanced Server for Oracle9i. [more]
Wednesday, 16 April 2003, 12:20 PM CET

PKI... Why go through the hassle?
If the web is to achieve its true potential, it is important that the right technological infrastructure is in place. Public Key Infrastructure enabled by cryptography provides a secure basis. Digital signatures use public key infrastructure. [more]
Tuesday, 15 April 2003, 3:00 PM CET

Interview with Scott Hawkins
The author of "Essential Apache for Web Professionals" talks about his book and general Apache security issues. [more]
Tuesday, 15 April 2003, 12:59 PM CET

Economic worries slow security efforts
Better attendance and more exhibitors than last year are evident at the annual RSA conference on security here this week, demonstrating the priority of this topic. [more]
Tuesday, 15 April 2003, 3:23 AM CET

Improve Linux performance
Cameron Laird presents a collection of useful examples that are apt models for the sorts of performance problems likely to arise in your own application development. [more]
Tuesday, 15 April 2003, 12:58 AM CET

RSA unveils Nightingale technology
RSA Security unveiled a new technology for protecting sensitive corporate data. [more]
Tuesday, 15 April 2003, 12:53 AM CET

How to automate a DoS attack using the Post Office
Fancy taking revenge on someone you don't like by deluging someone with junk mail? [more]
Tuesday, 15 April 2003, 12:51 AM CET

IT confidential: if privacy's a contract, who's the winner?
Italian retailer Benetton Group appears to be backing off its ambitious plan to implement radio-frequency identification technology. [more]
Tuesday, 15 April 2003, 12:43 AM CET

MS maps secure, spam-free Windows
Microsoft will detail a future version of Windows that will make it easier to detect and isolate viruses. [more]
Tuesday, 15 April 2003, 12:42 AM CET

Owners must ensure security remains fundamental
Security in business has never been as crucial as it is now. The risks from both outside and inside the company seem to multiply at an enormous rate and require diligence and understanding on the part of the owner. [more]
Tuesday, 15 April 2003, 12:42 AM CET

CA works on security standards
Computer Associates International (CA) threw its hat into the ring of companies and industry organizations that are advocating security open standards and best practices on Monday. [more]
Tuesday, 15 April 2003, 12:41 AM CET

Wi-Fi security start-up: 'tools not toys'
Trapeze Networks, whose wireless LAN products launch on Monday, joins a crowd of established network vendors and start-ups pitching for the business-grade Wi-Fi market. [more]
Tuesday, 15 April 2003, 12:40 AM CET

HP advances its security agenda
Indicating a strong bent toward ramping up security offerings for adaptable corporate computing environments, the company unveiled a cluster of new security products and services at the RSA Conference. [more]
Tuesday, 15 April 2003, 12:38 AM CET

Review - Fundamentals of UNIX Companion Guide
As mentioned on the book's front cover, this is the only authorized textbook for the UNIX curriculum of the Cisco Networking Academy Program. [more]
Monday, 14 April 2003, 9:36 PM CET

Radical security development rethink urged
Traditional methods for security projects are inadequate, warns expert. [more]
Monday, 14 April 2003, 1:43 PM CET

AU Feds praise "alternative" security conference
The Australian Federal Police are taking firm steps toward forging closer ties with the underground hacking community as evidenced at a recent security conference. [more]
Monday, 14 April 2003, 12:36 PM CET

Software tweak may make operating systems safer
The OpenBSD project is making changes in its latest operating system release that it believes could eliminate a class of security bugs that has plagued computers for decades. [more]
Monday, 14 April 2003, 12:34 PM CET

Check your viral load for bugs
Is your computer stuck in first gear? Does it cough and sputter and crash more often than usual? And, by chance, are you seeing an unusually high number of pop-up ads? [more]
Monday, 14 April 2003, 12:34 PM CET

Security outfits unleash offerings at RSA
Vulnerability management, integration, and authentication technologies will dominate the discussion as a host of security vendors descend on the RSA Conference in San Francisco this week. [more]
Monday, 14 April 2003, 12:24 PM CET

Open source alternative: NetBSD
NetBSD's main claim to fame, so to speak, is its portability. Although ports of Linux are available for several platforms, NetBSD blows the penguin's doors off when it comes to platform support. [more]
Monday, 14 April 2003, 12:00 PM CET

Cryptographic file systems, part two: implementation
This article will cover implementation. The focus will be on implementing the Microsoft's EFS under Windows 2000 and the Linux CryptoAPI. [more]
Monday, 14 April 2003, 11:55 AM CET

Software security firm wins funding
Intellitactics Inc., a software-security company, announced a $6.8 million round of venture capital funding and the relocation of its Canadian headquarters to Bethesda as the company pursues more government business. [more]
Monday, 14 April 2003, 11:54 AM CET

Want to foil hackers? Pick a better password
Here are some guidelines for making your passwords as secure as possible. [more]
Monday, 14 April 2003, 11:52 AM CET

Implementing basic security measures
This article points out some of the steps you need to take if you want to do good for your company by implementing a serious and comprehensive security process. The article does not focus on one operating system, but points out general information on the subject. [more]
Monday, 14 April 2003, 1:46 AM CET

HNS Newsletter Issue 157 has been released
Get it in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is brought to you by Surfcontrol. Stop Spam Now - Free SurfControl E-mail Filter Trial. [more]
Monday, 14 April 2003, 1:07 AM CET

Review - Training Course for Red Hat Linux
This interactive course will certainly introduce Red Hat Linux to a broader audience because it's definitely fun to learn this way. What's very handy is that the end of each lecture you'll be able to test your knowledge with self-assessment questions. [more]
Saturday, 12 April 2003, 12:52 PM CET

RSA Security launches Developer Central Web site
RSA Security announced a grand opening of RSA Developer Central, a new web site concentrated on the content geared towards Information Security software developers. [more]
Saturday, 12 April 2003, 1:38 AM CET

Few takers for security outsourcing
As one analyst group predicts a boom in outsourcing, another says that few firms are prepared to hand over the security of their IT systems. [more]
Friday, 11 April 2003, 8:50 PM CET

Tech on privacy: offender or defender?
Although modern technology created many of society's most pressing threats to privacy, a group of researchers is out to prove that it is also the greatest defender of civil liberties. [more]
Friday, 11 April 2003, 7:27 PM CET

New Yorkers face off in spam spat
A new anti-spam law pending in New York would fine senders of unsolicited e-mail sales pitches up to $500 for each message. The insurance industry says the bill gives ISPs too much power, and could prevent insurers from sending "important e-mail" to their customers. [more]
Friday, 11 April 2003, 7:24 PM CET

Gartner tips top 11 cyberthreat issues
Gartner said 11 looming issues should compel companies to dig through the promotional tip ≠ and each came with its own bugbears. [more]
Friday, 11 April 2003, 9:13 AM CET

New charges over web bank scam
Eleven new charges relating to a $27,840 swindle in which users of an online banking site were persuaded to send their security passwords to an imposter were laid in court yesterday. [more]
Friday, 11 April 2003, 9:11 AM CET

Book review: Hacker's Challenge 2
There is a number of ways to write a security related book, and from my perspective the authors did a great job. By combining both the technical security issues with nifty situation descriptions, they created a book so interesting, that you won't be able to put it down. [more]
Thursday, 10 April 2003, 6:14 PM CET

Interview with Scott Barman
The author "Writing Information Security Policies" talks about his book and general security topics. [more]
Thursday, 10 April 2003, 5:44 PM CET

ACLU loses first DMCA challenge
The American Civil Liberties Union on Wednesday lost its first attempt to challenge a controversial 1998 copyright law. [more]
Thursday, 10 April 2003, 3:38 PM CET

Steganography revealed
This article will offer a brief introductory discussion of steganography: what it is, how it can be used, and the true implications it can have on information security. [more]
Thursday, 10 April 2003, 3:06 PM CET

Companies just have to spend on security, says DataPro
In today's digital economy, where knowledge and information-based business is what it is all about, the need to establish and maintain high levels of security has never been more imperative - and this importance is only going to increase. [more]
Thursday, 10 April 2003, 3:04 PM CET

Physical and tech security should merge
Enterprises need closer collaboration between their physical and IT security teams in order to cut costs and improve communications. [more]
Thursday, 10 April 2003, 2:56 PM CET

Catapult Communications supports network security tests
Catapult Communications Corporation announced support for a SIP (Session Initiation Protocol) test suite that has been sanctioned by the CERT Coordination Center. [more]
Thursday, 10 April 2003, 2:42 PM CET

Hoaxster hacker discovers infinite-wealth algorithm
Hacker stunt-double and convicted financial fraudster Kim Schmitz (aka Kimble) is up to his old tricks, this time with a package of techno trickery for making a killing in the stock market. [more]
Thursday, 10 April 2003, 2:11 PM CET

Internal threats: keep an eye on the back door
Systems are far more susceptible to internal threats than most companies realise. From a security point of view, businesses tend to overlook this aspect and concentrate on guarding against external threats. [more]
Thursday, 10 April 2003, 2:01 PM CET

Getting to know FreeBSD 5.0
Here's an overview of FreeBSD 5.0. The author of the article notes: "Speed and stability are two keywords that describe FreeBSD with great accuracy." [more]
Thursday, 10 April 2003, 11:34 AM CET

Encryption, hashing, and obfuscation
Encryption and one-way hashing have been part of passive-data protection for many years. With the advent of dynamically-linked, intermediately-compiled languages such as Java and C#, the research into obfuscation is sure to increase. [more]
Thursday, 10 April 2003, 11:27 AM CET

Researchers infiltrate denial of service networks
Security researchers have been infiltrating denial of service 'botnets' in order to study a remarkably affective Distributed Denial of Service (DDoS) technique. [more]
Thursday, 10 April 2003, 11:23 AM CET

Internet fraud complaints tripled in 2002
Fraud on the Internet rose sharply in 2002, with the FBI reporting more than 48,000 complaints referred to prosecutors - triple the number of the year before. [more]
Thursday, 10 April 2003, 11:21 AM CET

US Govt. moving too slowly on cybersecurity
President Bush's former cybersecurity adviser came out swinging in testimony before Congress this week, saying that the Department of Homeland Security is moving too slowly to safeguard the nation's information infrastructure. [more]
Wednesday, 9 April 2003, 11:28 PM CET

US Army buys virus blocker
The Army's Chief Technology Office is using a trio of products from Trend Micro to help protect the more than 1.1 million Army Knowledge Online (AKO) users from viruses, malicious content and spam. [more]
Wednesday, 9 April 2003, 11:27 PM CET

Business continuity - more than simply recovering from a disaster
It is wrong to think that Business Continuity is all about having back-up computers in the event of a disaster. Read about what turns an IT-centred Disaster recovery plan into a true Business Continuity plan. [more]
Wednesday, 9 April 2003, 8:16 PM CET

A quick way to secure a Linux system
In this article, Paul Christensen shows you some basic security measures you can implement to make your Linux system more secure. [more]
Wednesday, 9 April 2003, 7:26 PM CET

Mass-market authentication
Security technology can ensure that you keep what's yours while enabling you to get on with life, letting technology take care of the details. Strong authentication of users that is both easy to use and cost-effective is the answer. [more]
Wednesday, 9 April 2003, 7:25 PM CET

Porting the PF stateful packet filter
The upcoming release of OpenBSD 3.3 on May 1'st will include, among many other improvements, a notably enhanced version of PF, OpenBSD's stateful packet filter. [more]
Wednesday, 9 April 2003, 6:33 PM CET

Security holes: patch and pray?
IT pros know firsthand the pain of patching vulnerable software. With bulletins coming as frequently as once every five days or up to 80 times a year (depending on the study), they may feel as if they're drowning in a sea of notifications. [more]
Wednesday, 9 April 2003, 6:29 PM CET

Nokia to detail e-mail security scheme at conference
Nokia's Internet Communications Division will release first details on it's Message Protector architecture at the RSA Security Conference in San Francisco. [more]
Wednesday, 9 April 2003, 4:46 PM CET

Digital Defense regrets Samba disclosure
Digital Defense apologizes for prematurely disclosing the code needed to take advantage of a serious vulnerability in open-source file-sharing program. [more]
Wednesday, 9 April 2003, 1:46 PM CET

Antispam activist claims court victory
An antispam activist who posted a purported spammer's contact information on his Web site is claiming a legal victory. [more]
Wednesday, 9 April 2003, 1:45 PM CET

New wireless security: why you should use it
While wireless networks continue to become more affordable and easier to set up, many users (as well as many companies) still have little regard for just how insecure those networks are. [more]
Wednesday, 9 April 2003, 1:44 PM CET

Rolling your own firewall
How to use Pebble, a Debian-lite distribution, to get your homemade firewall up and running. [more]
Wednesday, 9 April 2003, 1:43 PM CET

World's most stupid security measures named and shamed
Privacy International today announced the results of its competition to find the world's most pointless security measures. [more]
Wednesday, 9 April 2003, 1:42 PM CET

Sun touts new security software package: Trusted Solaris
Sun Microsystems will begin offering a security software package to commercial customers that was originally developed for military and government intelligence use. [more]
Wednesday, 9 April 2003, 1:37 PM CET

Specter: a commercial honeypot solution for Windows
In this paper we will look at a different honeypot, the commercially supported solution, Specter. [more]
Wednesday, 9 April 2003, 1:32 PM CET

Linux Shadow Password HOWTO author dies at age 38
Mike Jackson, Linux Shadow Password HOWTO author, passed away on Friday, March 28th at the young age of 38. The Linux community has lost a great friend and advocate. [more]
Tuesday, 8 April 2003, 2:13 PM CET

Inside the world of secure operating systems
On a normal system, if an attacker gains root or administrator access, he or she can run rampant. Not so on a trusted system - at least so long as it is properly configured. [more]
Tuesday, 8 April 2003, 2:10 PM CET

Linux forensics
This article explains how to use Linux VMware and SMART to create a virtual computer to recreate a suspect's computer. [more]
Tuesday, 8 April 2003, 2:04 PM CET

Top five virus protection tips
Keep yourself virus-free or you may face some crippling computer hassles. [more]
Tuesday, 8 April 2003, 11:51 AM CET

Point-to-point encryption for preserving privacy
This article describes a simple method of encrypting traffic as it travels across a potentially hostile LAN. [more]
Tuesday, 8 April 2003, 11:48 AM CET

Porn spam--legal minefield for employers
Lewd e-mail promoting pornography may soon pose more than just a technical challenge in the ongoing fight against spam--experts say it's set to become an acute legal problem, too. [more]
Tuesday, 8 April 2003, 2:48 AM CET

Host Intrusion-Prevention software market expected to grow
The increasing threat of virus and hacker attacks is expected to drive the market for security software that acts as a gate to a computer's operating system kernel. [more]
Tuesday, 8 April 2003, 2:46 AM CET

ISS Revises Security Incident Numbers
Internet Security Systems on Monday revised its take on the increase in security incidents and attacks to account for an error introduced in a report TechWeb reported last Friday. [more]
Tuesday, 8 April 2003, 2:38 AM CET

Book Review - IT Security: Risking the Corporation
What you get here is excellent advice packed into a book that's easy to follow and whose examples will certainly stick in your memory. [more]
Tuesday, 8 April 2003, 1:36 AM CET

WLAN security: reducing the risks
Therein lies the Wi-Fi rub. Even as enterprises equip their employees with Smartphones, PDAs, and wireless laptops, the data traversing the wireless LAN can be intercepted all too easily. [more]
Tuesday, 8 April 2003, 1:35 AM CET

PDA security 101
Users are increasingly relying on PDAs to check e-mail, surf the Web, and a variety of other tasks. When you use PDAs for online tasks they become just as vulnerable as desktop systems to viruses, mobile code exploits, and other threats. What should organizations do to make keep their PDA users safe from the threats of the Internet? [more]
Tuesday, 8 April 2003, 1:27 AM CET

Hardware-based SSL certificates
VeriSign and hardware encryption specialist nCipher are coming to market with hardware-based SSL Certificates, designed to boost protection against online data theft and Web site spoofing. [more]
Tuesday, 8 April 2003, 1:25 AM CET

Symbol Tech. enhances wireless security on handhelds
Symbol Technologies today announced that it has integrated the Federal Information Processing Standard for cryptography (FIPS 140-2) into its line of wireless mobile computing devices. [more]
Monday, 7 April 2003, 9:36 PM CET

Security start-up to block Trojans
Start-up WholeSecurity debuts this week with Web server software designed to prevent remote-access Trojans or eavesdropping software from penetrating networks during e-commerce or employee interactions over the Internet. [more]
Monday, 7 April 2003, 9:34 PM CET

Firewalls to be drawn between industry, finance
The Fair Trade Commission (FTC) yesterday made it clear that a strict firewall will be set up between industrial giants and their financial subsidiaries in a move to prevent conglomerates from abusing financial units for business expansion and controlling the business arms. [more]
Monday, 7 April 2003, 9:31 PM CET

E-mailman turns away spammers
Geller said WhatCounts' mailings are sometimes confused with spam. But the company requires customers to guarantee they'll send e-mail only to people who have requested it. [more]
Monday, 7 April 2003, 9:30 PM CET

Cheap IP takeover
Accomplish IP takeover with ping, bash, and a simple network utility. [more]
Monday, 7 April 2003, 4:59 PM CET

Anyone can be a Google "hacker"
What most of us know about computer hacking we learn from movies, and of course the moviemakers know nothing. [more]
Monday, 7 April 2003, 4:34 PM CET

Hackers Crack UK Wireless Networks
Insecure wireless networks across London are being exploited by hackers on a daily basis exposing businesses to cyber attacks, research by RSA Security revealed today. [more]
Monday, 7 April 2003, 4:29 PM CET

Securing Online Payments
With continuing growth in e-commerce, article focuses on what the major credit card companies, banks, online merchants and their technology partners are doing to increase the security of e-payments. [more]
Monday, 7 April 2003, 4:19 PM CET

Interview with Earl Carter
The author of "Cisco Secure Intrusion Detection System" and member of Cisco's Security Technologies Assessment Team talks about his book and general security issues. [more]
Monday, 7 April 2003, 3:48 PM CET

Iraq Dragged Into The Infamous 419 Scam
Scammers are not just persistent and shameless, but they are opportunistic as well, therefore it is only logical that they would now try to profit from the plight of Iraqis caught in a war. [more]
Monday, 7 April 2003, 3:46 PM CET

QuickSec Toolkit Integration With MontaVista Linux
The SSH QuickSec Toolkit Family is specifically designed to let network device developers and OEMs quickly and easily implement IPSec functionality. [more]
Monday, 7 April 2003, 2:29 PM CET

Online Security Week aims to educate
The online security week run by begins this week. The aim of the week is to educate consumers about online banking to improve security and break stigmas associated with the medium. [more]
Monday, 7 April 2003, 2:05 PM CET

The trails left in Web server logs - and who's seeing them
The privacy advocates and civil libertarians at the 13th annual Computers, Freedom and Privacy conference sometimes seem dwarfed by the enormity of the projects they oppose. [more]
Monday, 7 April 2003, 10:44 AM CET

HNS Newsletter Issue 156 has been released
Get it in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is brought to you by Surfcontrol. Stop Spam Now - Free SurfControl E-mail Filter Trial. [more]
Monday, 7 April 2003, 10:27 AM CET

Securing Linux for Java services
Enterprise Java expert Dennis Sosnoski starts with his view of how Java server technologies fit with Linux, then gives pointers on setting up the Tomcat Java servlet engine on Linux - securely. [more]
Monday, 7 April 2003, 10:19 AM CET

Fear of a Million Big Brothers
The U.S. government's surveillance push isn't the only thing on the minds of privacy advocates this year. Concern is growing about the trails netizens leave in routine Web server logs, and who's seeing them. [more]
Monday, 7 April 2003, 10:15 AM CET

Microsoft Makes a Good Argument for Open Source
It's very hard for me to swallow the idea that Microsoft is unable to come up with a patch for the system. The company has legions of programmers and billions of dollars in the bank. [more]
Monday, 7 April 2003, 10:14 AM CET

Book review: Hacking Exposed Fourth Edition
With every edition this books keeps getting better and better. I can recommend it to anyone interested in computer security, as it will certainly give you a real-world course on the subject. [more]
Friday, 4 April 2003, 7:29 PM CET

Interview with John Chirillo
The author of "Hack Attacks Testing: How to Conduct Your Own Security Audit" talks about his book and computer security in general. [more]
Friday, 4 April 2003, 5:22 PM CET

As Predicted the Spam Problem Rages
As individuals and businesses find themselves choking on ever more spam, it is a good guess that anti-spam solutions are on their way to becoming as ubiquitous as anti-virus solutions. [more]
Friday, 4 April 2003, 1:23 AM CET

Free Linux software will help detect cyber attacks
FloodGuard Alert software can detect a variety of attacks, including distributed denial of service, distributed reflective denial of service, Worm propagation, and other flooding attacks. [more]
Friday, 4 April 2003, 1:18 AM CET

In Search of Network Security
The challenges of managing a user's network identity and multiple, disconnected identities scattered across isolated Internet sites took center stage during Wednesday's keynote at the InfoWorld CTO Forum. [more]
Friday, 4 April 2003, 1:06 AM CET

No Code Is Unbreakable - So What's Good Enough?
When shopping for a new security solution, you should look for a company that backs up its hype with detailed information on how its product works, what algorithms are used and how the product has been tested. [more]
Friday, 4 April 2003, 1:00 AM CET

Worms grow in first part of 2003
The number of security events detected by companies in the first quarter of 2003 jumped nearly 84 percent over the preceding three months, according to a report that ISS plans to release Monday. [more]
Friday, 4 April 2003, 12:59 AM CET

Spam pips viruses as biggest web problem
Spam is overtaking viruses as the biggest pain for businesses using the web. [more]
Friday, 4 April 2003, 12:57 AM CET

Do Privacy Fears Allow Terrorism?
At a gathering of technology and privacy experts, a lawyer for a conservative think tank has one request: Stop the "hysterical cries" over loss of privacy and let the government do what it must to prevent terrorism. [more]
Friday, 4 April 2003, 12:55 AM CET

Warchalking and Other Wireless Worries
Because of the nature of wireless, it's possible that private signals can be picked up by outsiders and they could connect into private WLANs. This has led to the emergence of 'warchalking' and 'wardriving' threats. [more]
Thursday, 3 April 2003, 3:53 PM CET

Book Review: Essential Apache for Web Professionals
If you ever worked with Apache, you probably know that this little package offers great functions and features. This book provides an insight on the Apache stages, from installation to advanced usage. [more]
Thursday, 3 April 2003, 3:48 PM CET

Interview with Mark G. Sobell
The author of "A Practical Guide to Red Hat Linux 8" talks about his book and Linux in general. [more]
Thursday, 3 April 2003, 3:48 PM CET

New Apache 2.0.45 Fixes Denial of Service Vulnerability
The vulnerability information will be disclosed by iDefense on 8 April 2003. Here you can find a partial reprint of the Apache announcement. [more]
Thursday, 3 April 2003, 2:11 PM CET

Spyware: It's Lurking on Your Machine
This article looks at common forms of spyware, spyware delivery methods, and a cross-section of tools you can use to start a spy hunt on your machine. [more]
Thursday, 3 April 2003, 1:57 PM CET

Bugwatch: New assumptions, new problems
Jude O'Reilley, director of product marketing at Aventail, considers solutions to address the new age of remote access in a world where IT may not control the network, user or desktop. [more]
Thursday, 3 April 2003, 12:41 PM CET

Transaction security harming web services
Unsecured networks making widespread use of web services impractical, says report. [more]
Thursday, 3 April 2003, 12:36 PM CET

Firewall + Firewall Policy = Improved Security
The best way to achieve security effectiveness is to design a security policy. This will ensure the integrity of any mission critical device - especially firewalls. Get tips on generating a firewall policy. [more]
Wednesday, 2 April 2003, 4:24 PM CET

LT Auditor+ Security Software Bundled with Novell Netware
Blue Lance announced that a new version of LT Auditor+ has been developed exclusively for Novell and packaged with "Nakoma," the next official release of NetWare. [more]
Wednesday, 2 April 2003, 4:22 PM CET

Domain authentication sets Xandros Desktop apart
The Xandros software development manager talks about domain authentication - one of the essential keys to integrating with, and eventually migrating from, existing Windows networking infrastructures. [more]
Wednesday, 2 April 2003, 4:05 PM CET

U.S. Information Security Law, Part 2
This is the second part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. [more]
Wednesday, 2 April 2003, 2:05 PM CET

WS-I to clear path for Web services security
The Web Services Interoperability Organization (WS-I) has set up a working group to clear a way through overlapping proposals about Web services security. [more]
Wednesday, 2 April 2003, 1:31 PM CET

Is Cyber Terrorism a Serious Threat to Commercial Organizations?
Cyber Terrorism is a hot topic. Unfortunately, the Ďhypeí surrounding the topic is actually doing a disservice to the application of sensible security defences in the commercial and industrial sectors. [more]
Tuesday, 1 April 2003, 1:50 PM CET

Book Review: Hack Attacks Testing
Don't expect that after reading this book you will become a skilled penetration tester, but if you are interested in security audits it will provide introduction into some of the best security tools around. [more]
Tuesday, 1 April 2003, 1:48 PM CET

Interview with Sunil James
The Manager of iDEFENSE's Vulnerability Contributor Program talks about the company and security in general. [more]
Tuesday, 1 April 2003, 12:42 PM CET

Vulnerabilities in the Media - who to trust?
There are a variety of people and entities that publish information about security problems. Who should you trust? [more]
Tuesday, 1 April 2003, 12:24 PM CET

Hacker eyes Xbox reward
The $100,000 reward promised by Lindows founder Michael Robertson could have been won by a hacker who found a buffer overflow flaw in a 007 Xbox game. [more]
Tuesday, 1 April 2003, 11:51 AM CET

The Security Flag in the IPv4 Header
Firewalls and the like often have difficulty distinguishing between malicious and unusual packets. We define a security flag in the IPv4 header as a means of distinguishing the two cases. [more]
Tuesday, 1 April 2003, 11:36 AM CET

Red Hat Linux 9 has been released
With an improved graphical installation, new usability enhancements and end-user applications, Red Hat Linux 9 is designed for students, home computing and technology enthusiasts. [more]
Tuesday, 1 April 2003, 11:06 AM CET

Microsoft bolsters Wi-Fi security in XP
Microsoft Corp will offer users of its Windows XP operating system free upgrades to beef up wireless LAN security. [more]
Tuesday, 1 April 2003, 10:45 AM CET

Encryption backers brace for new threats
Cheating on income taxes or neglecting to pay sales taxes on online shopping could get you 5 extra years in prison if the government succeeds in restricting data-scrambling technology. [more]
Tuesday, 1 April 2003, 10:44 AM CET


Patching: The least understood line of defense

Posted on 29 August 2014.  |  How many end users, indeed how many IT pros, truly get patching? Sure, many of us see Windows install updates when we shut down our PC and think all is well. Itís not.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Tue, Sep 2nd