Off the Wire

Off The Wire Archive

News items for May 2003

Review - Red Hat Linux Survival Guide
Red Hat Linux is by far the most popular Linux distribution and therefore many books cover it in great detail. This time I went through a book that's not massive in size as others but it still covers a lot of material. Brought to you by the official Red Hat Press, it says to deliver practical advice to get you up and running in no time. Should you get this book? [more]
Friday, 30 May 2003, 1:56 PM CET

Doing it all with OpenSSH, part 1
This is an introduction to doing it all with the secure shell. [more]
Friday, 30 May 2003, 12:10 PM CET

University defends virus-writing class
Safeguards will prevent malicious software from causing problems on the Internet, the school says. [more]
Friday, 30 May 2003, 12:02 PM CET

Top five open source packages for system administrators
This is the final installment of a five-part series in which I introduce my current list of the most useful and widely applicable open source administrative tools. In general, these tools can make your job easier no matter what Unix operating system your computers run. [more]
Friday, 30 May 2003, 11:59 AM CET

Lamo hacks Cingular claims site
Adrian Lamo, the hacker who in the past has exploited security holes at The New York Times and Yahoo, finds a breach at a site where he had access to the records of millions Cingular wireless customers. [more]
Friday, 30 May 2003, 11:54 AM CET

California supremes hear DeCSS case
The Golden State's high court ponders computer code as speech, against warnings that California's economic security is at risk from evil programmers. [more]
Friday, 30 May 2003, 11:51 AM CET

Businesses cut security losses
Greater use of security hardware and software products helped businesses substantially reduce losses due to security incidents, a new survey says. [more]
Friday, 30 May 2003, 11:46 AM CET

Senate Bill 1386 - How does it affect you?
On July 1, 2003, Senate bill 1386 becomes Civil Code 1798.82. In a nutshell, the law states that any person or company doing business in the state of California is responsible for notifying California residents of security breaches to their non-encrypted information. [more]
Friday, 30 May 2003, 11:42 AM CET

Redmond accused of misleading customers
Security researcher Marc Maiffret of eEye digital Security has accused Microsoft of misleading customers in its advisory issued on Wednesday about a vulnerability in Windows Media Services. [more]
Friday, 30 May 2003, 11:38 AM CET

Cisco discussions: wireless security and network management
Cisco's Networking Professional Connection offers a broad range of Cisco IT specific discussions. These technical questions and answers provide lot of practical information on wireless and security topics. [more]
Friday, 30 May 2003, 3:38 AM CET

Palm adds VoIP and security to Tungsten C
Palm said it will team with Meetinghouse Data Communications to make its Aegis WLAN security software available for Tungsten C devices later this summer. [more]
Friday, 30 May 2003, 1:21 AM CET

Microsoft patches more security holes
Microsoft on Wednesday issued a pair of security alerts addressing potential flaws that could make its software vulnerable to attackers. [more]
Friday, 30 May 2003, 1:19 AM CET

Security data project to combat terrorism
Potential IT suppliers must apply for clearance for top-secret initiative. [more]
Thursday, 29 May 2003, 4:29 PM CET

Enlisting the young as white-hat hackers
On a Wednesday evening, in an office suite appointed with Pentium II's and little else, 10 teenagers were doing Andrew Robinson's bidding. Fortified by pizza and soda, they studied a computer system's weaknesses, looking for ways to break in and steal information. [more]
Thursday, 29 May 2003, 4:22 PM CET

Interview with Ivan Arce
The Chief Tehnology Officer of Core Security Technologies discusses the security threats, his top five security tools, importance of penetration testing and information security in general. [more]
Thursday, 29 May 2003, 3:34 PM CET

Apache 2.0.46 released - security and bugfix release
The Apache Software Foundation is pleased to announce the ninth public release of the Apache 2.0 HTTP Server. Of particular note is that 2.0.46 addresses two security vulnerabilities. [more]
Thursday, 29 May 2003, 3:20 PM CET

Centrino, VPN ground some PCs
Some laptop computer owners have discovered an annoying quirk with their machines: Whenever users install certain Nortel security software, their computers' screens turn blue and the laptops cease to work. [more]
Thursday, 29 May 2003, 1:25 PM CET

New head at Microsoft Security Response Center
Steve Lipner, Microsoft's director of security engineering strategy, has handed over responsibility for the MSRC to Kevin Kean, an industry veteran who joined Microsoft as group product manager for management and communications products in 1996, Microsoft said in a statement. [more]
Thursday, 29 May 2003, 1:22 PM CET

Taking the offensive on identity theft
Catch Me If You Can wasn't just a hit at the movies this winter. It's also the modus operandi of a growing band of street criminals and their hacker allies who trade in consumer credit card information, Social Security numbers and other confidential data that are stored inside organizations and wash across millions of Web sites every day. [more]
Thursday, 29 May 2003, 1:22 PM CET

Apple takes aim at music piracy
Updated ITunes software disables certain sharing features. [more]
Thursday, 29 May 2003, 1:13 PM CET

Malware myths and misinformation part 2
This article is the second of a three-part series looking at some of the myths and misconceptions that undermine anti-virus protection. [more]
Thursday, 29 May 2003, 1:13 PM CET

PGP encryption proves powerful
If the police and FBI can't crack the code, is the technology too strong? [more]
Thursday, 29 May 2003, 1:11 PM CET

'Too much cyber security' at CIA
While other government agencies struggle with their cyber security practices, the Central Intelligence Agency apparently suffers from the opposite problem: too much security - according to a recent study of the agency's use of information technology. [more]
Thursday, 29 May 2003, 1:08 PM CET

'Hacking the XBox' - cult classic or crime?
"Only technology that allows you to hack copyright is covered by the DMCA, not information. If [Huang] were providing a box, then that would be actionable, but information on how to do it is not." [more]
Thursday, 29 May 2003, 1:06 PM CET

RSA Security 2003 IT security survey presented
The Emmes Group conducted an in-depth market research survey at the RSA 2003 Conference in San Francisco. The survey results indicate that the majority of respondents plan security purchases within one year. [more]
Wednesday, 28 May 2003, 10:31 PM CET

Review - The Complete Wireless Internet and Mobile Business Programming Training Course
As technology is progressing rapidly, topics like mobile business and mobile commerce receive a lot of attention. Wireless technologies allow organizations to reach new markets, so a number of companies are seeing the possibilities and potentials of mobile platforms as an important part of the e-commerce sphere. Today we take a look at the PTG training course dealing with mobile business and programming. [more]
Wednesday, 28 May 2003, 10:31 PM CET

Web app firewalls toughen up
With a pressing need to do more to protect Web applications from attack, IT staff can turn to a new class of specialized firewalls that do a great deal to protect Web servers, Web applications, and connected internal servers and databases from attack. [more]
Wednesday, 28 May 2003, 5:55 PM CET

OMB says fed security systems improving
Agencies making progress in identifying vulnerabilities but increased reviews have also revealed new threats. [more]
Wednesday, 28 May 2003, 5:55 PM CET

The dangers of neglecting identity management
Many Global 2000 companies are suffering from serious security vulnerabilities and operational inefficiencies because of a lack of secure identity management, according to a new study by Stanford University and Hong Kong University of Science and Technology. [more]
Wednesday, 28 May 2003, 3:38 PM CET

Wireless, web services dominate security interests
In a new weekly tally of white-paper downloads from the ITPapers service, wireless networks and Web services dominate. [more]
Wednesday, 28 May 2003, 3:36 PM CET

Microsoft XP security update flawed
Microsoft has withdrawn a security update for Windows XP after discovering that it switched off Internet connections for some of the 600,000 users who downloaded and installed it. [more]
Wednesday, 28 May 2003, 2:46 PM CET

AirTraf security
One of the things to pay attention to with wireless security is the usefulness of a site survey. Here, Victor Marks talks about conducting such a survey without having to buy a horrendously expensive software package, and getting immediate feedback and the most effectiveness. [more]
Wednesday, 28 May 2003, 2:42 PM CET

ISS adds 'virtual' patching
The upgrade aims to ease IT security. [more]
Wednesday, 28 May 2003, 2:32 PM CET

Symantec to provide US DOD with threat info
A deal between Symantec and the U.S. Department of Defense will provide the U.S. government with intelligence gathered from Symantec's DeepSight threat and vulnerability alert services. [more]
Wednesday, 28 May 2003, 2:31 PM CET

Police provide PR help
UK's National High Tech Crime Unit wants more firms to report computer crimes, offering in return help with negative publicity. [more]
Tuesday, 27 May 2003, 4:16 PM CET

ARM adding hardware-based security to its cores
Chip designer ARM Ltd. Tuesday said it will add extensions to its processor core next year that incorporate hardware-based security technologies. [more]
Tuesday, 27 May 2003, 4:02 PM CET

Build a cross-platform test network
This tutorial shows how to combine Samba and GRUB to build a compact, highly adaptable, cross-platform test network, capable of booting and networking a large number of operating systems on a small number of machines. [more]
Tuesday, 27 May 2003, 3:55 PM CET

Setting up SuSE for wireless networking
I was excited to set up my copy of SuSE Linux Professional 8.2 on a machine I'm planning to use for testing. Everything went smoothly except for installation of the Orinoco Silver PC Card network adapter. Several hours and unsuccessful tacks later, I can claim victory, and maybe save you time if you tackle the same task. [more]
Tuesday, 27 May 2003, 3:51 PM CET

Adventures with Kerberos, CVS, and GSS-API
Jennifer Vesperman, author of the upcoming Essential CVS, recently tried to make her CVS installation use Kerberos authentication. She describes how she went about integrating the two in this article. [more]
Tuesday, 27 May 2003, 3:40 PM CET

You can catch more spies with honey
Honeypots and honeynets can take the sting out of hacker attacks. [more]
Tuesday, 27 May 2003, 3:39 PM CET

Software tracks down stolen PCs
Pilfering a PC may become less appealing, if software makers Phoenix Technologies and Softex have their way. [more]
Tuesday, 27 May 2003, 3:34 PM CET

Conducting a security audit: an introductory overview
This article will offer a brief overview of security audits: what they are, why they are important, and how they are conducted. [more]
Tuesday, 27 May 2003, 12:53 PM CET

Over 70 percent of businesses are hacked
A survey has found that three-quarters of businesses in Asia have suffered from network intrusions in the past, says market research firm IDC. [more]
Tuesday, 27 May 2003, 12:49 PM CET

Hackers inspired by Iraq war
The war in Iraq appears to have prompted a jump in the number of attacks disrupting internet sites to record levels. [more]
Tuesday, 27 May 2003, 12:48 PM CET

Key iterations and cryptographic salts
The following document discusses the use of key iterations and cryptographic salts to stop dictionary attacks in password based encryption (symmetric cryptography). [more]
Monday, 26 May 2003, 6:25 PM CET

AVIEN reaction on computer viruses university course
Members of the Anti-Virus Information Exchange Network reacted with dismay today when they were informed of the intention of University of Calgary Professor Dr. John Aycock to teach the creation of malware as part of a course on Computer Viruses and Malware. [more]
Monday, 26 May 2003, 6:24 PM CET

Which is buggier - Windows or Linux?
Which operating system - Windows or Linux - deserves the dubious title, "Most Prone to Bugs and Security Problems"? [more]
Monday, 26 May 2003, 6:02 PM CET

Feds to open cyber-security ops center
Officials at the department of Homeland Security plan to announce this week the establishment of a national cyber-security center, which brings all the department's information security assets under one umbrella, according to people briefed on the plan. [more]
Monday, 26 May 2003, 5:59 PM CET

GIDIS Trusted Linux: A MLS Linux version
GIDIS Trusted Linux is a security enhanced version of Linux which descends from Lisex. [more]
Monday, 26 May 2003, 5:59 PM CET

The top 10 Wireless LAN policy violations
With a broad base of customers that includes more than 50 Blue Chip companies and large government agencies, AirDefense collected data to compile the 10 most common wireless LAN policy violations. [more]
Monday, 26 May 2003, 5:42 PM CET

Review - The Windows XP/2000 Answer Book
The examples in this book are organized very well for easy access. This is a perfect reference guide both for system administrators and home users that want to solve problems without wasting time searching for the answers. [more]
Monday, 26 May 2003, 5:25 PM CET

Trend Micro bug preys on "P"
Trend Micro's antispam software recently took issue with the letter "P." [more]
Monday, 26 May 2003, 5:06 PM CET

Introducing new wireless security
Emerging standards plug holes, strengthen encryption. [more]
Monday, 26 May 2003, 3:51 PM CET

Geeky legal beagles nail spammers
A team of tech-savvy lawyers is gunning for spammers and software companies that commit fraud and foist incomprehensible software licenses on consumers. New York State Attorney General Eliot Spitzer uses old laws in new ways to fight for consumers' rights. [more]
Monday, 26 May 2003, 3:49 PM CET

Cyber insurance between the lines
Your company may already have insurance against computer attacks and electronic sabotage, without even knowing it. [more]
Monday, 26 May 2003, 3:48 PM CET

PGP hints at secure instant messaging
The chief executive of PGP Corporation, Phillip Dunkelberger, has hinted the company will release a secure instant messaging application following the re-launch of the brand in June last year. [more]
Monday, 26 May 2003, 3:47 PM CET

Cyber-crime crackdown
The newly minted Australian High Tech Crime Centre could collect its first when a 17-year-old faces the Adelaide Youth Court charged with a single count of illicitly receiving $4890 from an ANZ customer's internet banking account. [more]
Monday, 26 May 2003, 3:44 PM CET

HNS Newsletter Issue 163 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 26 May 2003, 8:02 AM CET

Review - IPSec Second Edition
IPSec is short for IP Security, a set of protocols developed by the Internet Engineering Task Force, is used to secure exchange of packets at the IP layer. If you're interested in the subject than you'll be glad to know that the second edition of IPSec is out. What does this edition deliver? Read on to find out. [more]
Friday, 23 May 2003, 5:27 PM CET

Installing and securing Red Hat Linux
This article details the steps required to install Red Hat Linux on a production server. [more]
Friday, 23 May 2003, 9:36 AM CET

Congress slams spam
A broad international effort is needed to stop the torrent of junk e-mail that threatens Internet commerce and correspondence. [more]
Friday, 23 May 2003, 9:20 AM CET

Worker vengeance makes its way online
Furious that he'd been fired from the travel agency where he worked, James O'Brien hacked into his former employer's computer system and canceled 60 customers' airline tickets. [more]
Friday, 23 May 2003, 9:12 AM CET

Viruses 101: U of C to teach secrets of cybercrime
Developing malicious software - viruses, worms and Trojan horses - will soon be part of the program for 16 students at the University of Calgary. [more]
Friday, 23 May 2003, 9:09 AM CET

PayPal scam rises again
PayPal users are once again the targets of a hit-and-run e-mail scam aimed at conning them out of their personal and financial information. [more]
Friday, 23 May 2003, 9:04 AM CET

Wireless LAN attacks explained
This white paper outlines how hackers are exploiting vulnerabilities in 802.11 wireless LANs and the widely available wireless hacking tools that are used. [more]
Friday, 23 May 2003, 9:03 AM CET

Palyh worm problems could easily have been avoided
One frequently ignored aspect of corporate antivirus protection is the built-in file filtering facilities that such protection normally includes, and which represents a fundamental feature in mail server antivirus solutions. [more]
Thursday, 22 May 2003, 2:09 PM CET

Unwanted e-mail
Security companies aim to perfect techniques to protect individual and corporate computer users. [more]
Thursday, 22 May 2003, 11:29 AM CET

Try to protect yourself from identity theft
Recent news events have shed light on how easy it is for hackers to steal our identities and ruin our financial lives. Recently, federal authorities reported that they had cracked a ring responsible for the largest case of identity theft in U.S. history. [more]
Thursday, 22 May 2003, 11:23 AM CET

Microsoft and Symantec give Senate recipes for frying spam
In a sign of the difficulty facing federal lawmakers as they craft antispam legislation, Microsoft Chairman Bill Gates and Symantec Corp. CEO John Thompson have offered starkly different plans for combating the problem. [more]
Thursday, 22 May 2003, 11:18 AM CET

Security conference features weird and woeful predictions
The good news: by 2010, computers should match the human brain in processing power. The bad news: by decade’s end, wireless-based viruses, hacking, and security breaches will be a major headache for IT administrators. [more]
Thursday, 22 May 2003, 11:17 AM CET

Cybersecurity and you: five tips every consumer should know
It's no accident that the Bush administration's cybersecurity plan begins with an appeal to home users and small businesses, arguably the least computer security-conscious group of Internet users. [more]
Thursday, 22 May 2003, 11:15 AM CET

Patching Apache
The last thing anyone in the Apache community seems to want is to compromise its open-source roots and cause fragmentation of an extremely popular Web server. But most distributors also want to make money by fine-tuning it to run with their Linux distros. [more]
Thursday, 22 May 2003, 11:13 AM CET

How can we stop the spread of worms?
Banning executable attachments is the first step, security expert says. [more]
Thursday, 22 May 2003, 11:11 AM CET

How secure is Windows Server 2003?
By all indications, Windows Server 2003 is engineered to be more secure than its predecessors. Or is it? [more]
Thursday, 22 May 2003, 11:07 AM CET

Passive network traffic analysis
This article will offer a brief overview of passive network monitoring, which can offer a thorough understanding of the network's topology: what services are available, what operating systems are in use, and what vulnerabilities may be exposed on the network. [more]
Thursday, 22 May 2003, 11:06 AM CET

Anti-terror law used against hackers, thieves
A Justice Department report card on the USA-PATRIOT Act reveals it's not just for terrorists anymore. [more]
Thursday, 22 May 2003, 11:05 AM CET

Review - CCIE Security Exam Certification Guide
The information compressed in this book surely isn't enough to pass the test without any problems, but it provides a notable quantity of knowledge, which will come quite useful during this two-hour written exam. [more]
Wednesday, 21 May 2003, 10:59 PM CET

Interview with Dave Wreski
The founder and CEO of Guardian Digital talks about his company, computer security and Linux in general. [more]
Wednesday, 21 May 2003, 2:07 PM CET

Home network security
This document gives home users an overview of the security risks and countermeasures associated with Internet connectivity. [more]
Wednesday, 21 May 2003, 11:39 AM CET

Virus attacks: home PC users most at risk
In Singapore, home users are the most vulnerable when computer viruses and worms are on a rampage. [more]
Wednesday, 21 May 2003, 11:35 AM CET

You've got spam (very likely from a hijacked computer)
The Flint Hill School, a preparatory academy in Oakton, Virginia, might seem an unlikely place to find an Internet spammer. But late last year, America Online traced a new torrent of spam, or unsolicited e-mail ads, to the school's computer network. [more]
Wednesday, 21 May 2003, 11:29 AM CET

Testers angry over spam-blocking fees
Claiming they helped build a service that was supposed to remain free, beta testers of Cloudmark's spam-blocking system are protesting the launch of the finished version, which costs $3.99 per month. [more]
Wednesday, 21 May 2003, 11:22 AM CET

AU security researchers need legal advice: CERT
The technical head of CERT, Jeff Carpenter, says Australian researchers should familiarise themselves with copyright laws in the context of reverse engineering malicious code to avoid hassles with DMCA-like legislation. [more]
Wednesday, 21 May 2003, 11:18 AM CET

Fizzer virus secrets revealed
The Fizzer virus - which caused havoc on P2P and chat networks - has been decompiled, revealing many of its secrets. [more]
Wednesday, 21 May 2003, 11:13 AM CET

Microsoft's SCO licensing deal 'snubs Linux'
An agreement to license Unix intellectual property from SCO Group is designed to feed the fear, uncertainty and doubt surrounding Linux, industry observers say. [more]
Wednesday, 21 May 2003, 11:11 AM CET

Application security - the next frontier?
Last week Checkpoint confirmed that it is branching out into new areas, notably application security. [more]
Wednesday, 21 May 2003, 11:10 AM CET

Citrix plans Linux due to Windows' fears
Citrix has outlined plans to develop a Linux version of one of its key security products--because customers believe that using Windows servers for access systems exposes them to too many security risks. [more]
Wednesday, 21 May 2003, 11:06 AM CET

Consumers still wary of online security
Even consumers with several years of experience online continue to cite security and privacy features as a key factor in the decision to spend online. [more]
Wednesday, 21 May 2003, 11:05 AM CET

BASEL II: Everyone is in the risk business now
Managing risk used to be straightforward process, but all that is about to change for the world's central banks and their IT departments. [more]
Wednesday, 21 May 2003, 12:18 AM CET

WLAN manager's dilemma
Wireless LANs solve two important problems for network managers. They reduce the cost of LAN infrastructure deployment and enhance client mobility. But they also introduce headaches of their own, especially when it comes to security and management. [more]
Tuesday, 20 May 2003, 6:18 PM CET

I expect it would get Bill's attention
Here it goes again. Microsoft Corp. made the front pages recently for yet another security bug, this time in its Passport authentication service. [more]
Tuesday, 20 May 2003, 6:14 PM CET

Security budgets on the up
Purse-strings are loosening when it comes to IT security, in the financial services sector at least. [more]
Tuesday, 20 May 2003, 6:13 PM CET

Despite U.S. efforts, web crimes thrive
Here in his hometown, Michael is a respected computer programmer. In the United States, he's a wanted man. [more]
Tuesday, 20 May 2003, 6:13 PM CET

E-commerce needs it own security net
For many companies, the protection of brand, reputation and customers, is paramount. The importance of safeguarding these assets in the virtual world of the internet as it is offline. [more]
Tuesday, 20 May 2003, 6:12 PM CET

A spy machine of Darpa's dreams
A defense agency information-gathering project code-named LifeLog looks, to some national security experts and civil libertarians, like a successor to the controversial Total Information Awareness initiative. [more]
Tuesday, 20 May 2003, 6:05 PM CET

Relax, it was a honeypot
A security company cleverly tricks hackers into compromising one of its distribution sites. Really. [more]
Tuesday, 20 May 2003, 5:53 PM CET

Cisco to unveil security products
Lending new credence to the saying, "the more, the merrier," Cisco Systems plans to announce 14 security products and services on Tuesday. [more]
Tuesday, 20 May 2003, 8:40 AM CET

ID harvest scam targets AOL users
Scammers are sending out invitations targeted at AOL members asking them to click on a link, which states that recipients have seven unread email messages. [more]
Monday, 19 May 2003, 11:25 PM CET

Malware myths and misinformation part one
Anti-virus and other industry security researchers are generally a knowledgeable and well-intentioned bunch, but the public voices of the industry are usually drawn not from the research community, but from the marketing department. [more]
Monday, 19 May 2003, 11:23 PM CET

DISA tests wireless LAN products
In March, the Defense Information Systems Agency began evaluating various wireless local-area network products, such as access points, wireless switches and dedicated security software. [more]
Monday, 19 May 2003, 11:20 PM CET

A new fix for wireless woes?
Within months, federal agencies will reap the rewards of the growing wireless local-area network market, as major government contracts begin offering a new class of wireless network gear stamped with much-needed federal certification. [more]
Monday, 19 May 2003, 11:19 PM CET

Infosecurity Europe a highly successful event
Infosecurity Europe proved that the Information security market is going from strength to strength with over 8,800 serious buyers visiting the show, making the 8th Infosecurity Europe the best ever. [more]
Monday, 19 May 2003, 10:29 PM CET

Some sites easy marks for hackers on the Web
There is an epidemic of graffiti on the Internet. The Web sites of Al-Jazeera and Madonna are among the thousands defaced during recent months. [more]
Monday, 19 May 2003, 5:10 PM CET

Security breaches rage through Asia Pacific
Security breaches are running rampant in the Asia Pacific (APAC) region, as findings from Evans Data Corporation indicate that three-quarters of the nearly 600 developers that were surveyed reported at least one violation during 2002. Of that group, two-thirds had three or more security breaches. [more]
Monday, 19 May 2003, 5:08 PM CET

Worm spoofs Microsoft tech support e-mail
New network worm named "Palyh" is spreading via email and local area networks while masquerading an e-mail from Microsoft's technical support. [more]
Monday, 19 May 2003, 5:03 PM CET

Review - TCP/IP Bible
There are tons of books about TCP/IP - some deal with network implementation issues, some with applications, others are about security implications, and still further you can find books on protocol theory and protocol analysis. This book gives you an overview, a starting point on everything there is to know about TCP/IP. [more]
Monday, 19 May 2003, 2:18 PM CET

The sad state of storage security
Storage system security is getting little attention on many levels, according to a recent report from research firm The451. [more]
Monday, 19 May 2003, 11:33 AM CET

IRC administrators may out-hack Fizzer virus
Internet relay chat network administrators have found several possible ways of stopping the Fizzer worm, but they might run afoul of US hacking laws. [more]
Monday, 19 May 2003, 11:31 AM CET

Internet dreams turn to crime
This is a story about how a legitimate business turned into crime. [more]
Monday, 19 May 2003, 7:57 AM CET

Security fears stall Wi-Fi growth
Market slowed by wireless security anxieties, but smaller companies less concerned. [more]
Monday, 19 May 2003, 7:50 AM CET

HNS Newsletter Issue 162 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 19 May 2003, 12:23 AM CET

Review - UNIX: Visual QuickStart Guide, Second Edition
There's a myriad of online documentation and books out there that can help you get into UNIX. This book is different as it concentrates on teaching using a lot of screenshots which makes it one of the best resources for beginners. What does it offer exactly? Read on to find out. [more]
Friday, 16 May 2003, 3:28 PM CET

Interview with Mark Komarinski
The author of the Training Course for Red Hat Linux and Senior Linux System Administrator for Harvard Medical School talks about his work and general Linux issues. [more]
Friday, 16 May 2003, 1:54 PM CET

Security spending rising for data centers, surveys show
As the director of global security at Hewitt Associates LLC, Dan Josephites is taking a multifaceted approach to bolstering defenses at his company, which is the nation’s largest human resources outsourcer. [more]
Friday, 16 May 2003, 12:40 PM CET

Latest addition to hacker toolkits - a light bulb
Java and .Net virtual machines can be prised open with a little ingenuity and hacking tools as crude as a light bulb, according to a pair of Princeton University researchers. [more]
Friday, 16 May 2003, 11:52 AM CET

IM secure(ity)
Most IM systems in use today were designed with scalability in mind, rather than security. [more]
Friday, 16 May 2003, 11:48 AM CET

Administer Linux on the fly
The /proc filesystem is one of Linux's great features, and this article gives you a thorough grounding in some of its most useful aspects. [more]
Friday, 16 May 2003, 11:46 AM CET

Feds prime new antispam weapon
Federal and state law enforcement agencies pledged to take an aggressive new approach to fighting spam: identifying "open relay" mail servers that serve as conduits for massive quantities of junk e-mail. [more]
Friday, 16 May 2003, 11:40 AM CET

Securing Apache: step-by-step
This article shows in a step-by-step fashion, how to install and configure the Apache 1.3.x Web server in order to mitigate or avoid successful break-in when new vulnerabilities in this software are found. [more]
Friday, 16 May 2003, 11:37 AM CET

Wireless cameras: security or snooping?
Wireless surveillance cameras could intrude on consumer privacy, data protection and civil liberty, according to experts. [more]
Friday, 16 May 2003, 11:34 AM CET

Expired domains expose eBay security glitch
eBay's security was called into question twice this week as separate sources reported loopholes in the "log-in" system that allowed hackers to gain access to users' accounts. [more]
Friday, 16 May 2003, 11:32 AM CET

Small firms 'shun' PC security
Britain's small businesses are taking risks with the security of their computer networks, say experts. [more]
Friday, 16 May 2003, 11:30 AM CET

Hackers bigger threat than rogue staff
Survey of financial firms finds 90 per cent of security breaches come from outside. [more]
Friday, 16 May 2003, 11:30 AM CET

Flaw in Fizzer's code reduces a number of infections
Sophos reports that the Fizzer worm, which spreads via email, file-sharing networks and IRC, contains a bug which has reduced its chances of spreading even more widely. [more]
Friday, 16 May 2003, 1:05 AM CET

When bad things happen to good companies
If you don't have a clear cyberincident response plan in place, you risk losing millions of dollars. [more]
Thursday, 15 May 2003, 11:34 AM CET

FTC forum: Internet users want cheap privacy
Internet users want to keep their personal information private, but they want privacy tools to be cheap, easy to use and nearly invisible. [more]
Thursday, 15 May 2003, 11:32 AM CET

Wiping out the data that won't die
The undead cause you problems. Not the ones from horror movies, but the files on your hard drive that you only think you zapped. [more]
Thursday, 15 May 2003, 11:27 AM CET

Credit card scam raises awareness of identity theft
"Identity theft is a major issue." That's the word from Clay Cone, spokesman for First National Bank of Florida, following a recent incident in which an attacker had tapped into the database of an unidentified merchant and retrieved an undisclosed number of Visa card numbers. [more]
Thursday, 15 May 2003, 11:26 AM CET

Puzzles could block mass computer attacks
Setting computers a puzzle could thwart a type of mass computer attack increasingly being used to target websites, say US computer researchers. [more]
Thursday, 15 May 2003, 11:22 AM CET

Is Palladium getting a bad rap?
Privacy experts warn that Microsoft's Next Generation Secure Computing Base, also known as Palladium, could enable content providers to enforce draconian copyright protections. But a Microsoft representative says don't believe the hype. [more]
Thursday, 15 May 2003, 11:16 AM CET

In search of the IT patch master
"There's a false sense of security" once a patch is installed on a network, says Steve Larsen, CEO of BigFix. Over a six- to 12-month period, about 20 percent of machines will become unpatched. [more]
Thursday, 15 May 2003, 11:13 AM CET

Is your wireless network airtight?
I'm sitting with my ThinkPad in a Starbucks near Akasaka. The cafe isn't advertised as a WLAN hot spot, so I'm pleasantly surprised to find myself enjoying high-speed Internet access courtesy of some nearby wireless network... [more]
Thursday, 15 May 2003, 11:12 AM CET

DNSSEC: security for essential network services
How can DNSSEC be implemented to prevent potential future catastrophic attack, and why has it not been widely deployed by the Internet community to date? What are the largest DNS security holes and how can you protect your network? [more]
Thursday, 15 May 2003, 11:09 AM CET

RIAA apologizes for threatening letter
The Recording Industry Association of America apologized Monday to Penn State University for sending an incorrect legal notice of alleged Internet copyright violations. [more]
Thursday, 15 May 2003, 11:06 AM CET

Handbook for Computer Security Incident Response Teams
The document is aimed at aiding the planning, creation and development of CSIRTs: teams trained specifically to deal with IT security incidents. It also describes how teams should interact with other organizations and how sensitive information should be handled. [more]
Wednesday, 14 May 2003, 10:50 PM CET

Review - Deploying License-Free Wireless Wide-Area Networks
This is a very good guide aimed to the IT savvy people interested in planning and deploying broadband wireless WANs and to those who see the obvious advantages of wireless networking. This book provides must-read information on wireless fundamentals and wire-free network planning. [more]
Wednesday, 14 May 2003, 4:07 PM CET

New attack sheds light on virtual machine security flaws
A student researcher has come up with an attack that uses light to thwart the security of Java and .Net virtual machines. [more]
Wednesday, 14 May 2003, 12:42 PM CET

Beware of the new breed of hackers
Bank robbers rarely choose a target at random when planning a heist. They usually have intimate knowledge of their target, scope it out and plan the attack. We see a similar approach now being used on the Internet. [more]
Wednesday, 14 May 2003, 12:40 PM CET

Improving oracle security
Logical Apps offers granular security for Oracle databases. [more]
Wednesday, 14 May 2003, 12:40 PM CET

Hacking 2003 - the new agenda
Bank robbers rarely choose a target at random when planning a heist. They usually have intimate knowledge of their target, scope it out and plan the attack. We see a similar approach now being used on the Internet. [more]
Wednesday, 14 May 2003, 12:35 PM CET

Taiwan braces for Chinese hacker onslaught
Taiwan has stepped up its cyber security measures for fear of an impending attack by a China-based hacker group. [more]
Wednesday, 14 May 2003, 12:33 PM CET

Computerbild discloses security loophole at eBay
A loophole remains open in the security system of the eBay online auction house according to reports by Europe’s largest computer magazine Computerbild. [more]
Wednesday, 14 May 2003, 12:32 PM CET

Linux productivity magazine - Tripwire
This issue of Linux Productivity Magazine is devoted to Tripwire, which can alert you quickly when there's an intrusion. So kick back, relax, enjoy, and remember that if you're an Open Source user, this is your magazine. [more]
Wednesday, 14 May 2003, 12:29 PM CET

Symantec releases Norton Security for Mac
Symantec has released Norton Internet Security 3.0 for Macintosh. The software suite, scheduled to be available in June, now includes a parental control feature that blocks Web sites that are inappropriate for viewing by children. [more]
Wednesday, 14 May 2003, 1:25 AM CET

Spam attempts to scam Bank of America customers
Customers of another bank are being targeted by e-mail scammers attempting to steal account information and other personal data. [more]
Wednesday, 14 May 2003, 1:22 AM CET

OASIS members form Web Application Security technical committee
A newly formed OASIS Web Application Security Technical Committee will attempt to unite industry consensus and provide standards for classifying and responding to web security vulnerabilities. [more]
Wednesday, 14 May 2003, 1:21 AM CET

Linux security: public key and symmetric key encryption
This is an excerpt from "A Practical Guide to Red Hat Linux 8" in which Mark G. Sobell gives you information on encryption. [more]
Tuesday, 13 May 2003, 4:45 PM CET

Antiforensics: the looming arms race
The anticipated release of a Windows-based "antiforensics" tool will likely heat up a simmering arms race between cybersleuths and digital bad guys. [more]
Tuesday, 13 May 2003, 9:51 AM CET

A firewall for all occasions
Packet filters, proxies, stateful inspection--which type of firewall is right for you? [more]
Tuesday, 13 May 2003, 9:48 AM CET

Businesses 'unaware of basic on-line security'
Businesses and other organisations were paying dearly because they did not bother with basic security to protect their on-line dealings, a conference was told today. [more]
Tuesday, 13 May 2003, 9:43 AM CET

Check Point stops attacks at app level
Check Point Software Technologies Ltd. is making a major move into the application security and intrusion prevention markets with a new set of capabilities for its widely deployed FireWall-1 and VPN-1 boxes. [more]
Tuesday, 13 May 2003, 9:43 AM CET

On virus writers
Unemployed virus writers take heart: the recording industry is hiring cyber miscreants to attack its own customers. And we thought you'd never amount to anything. [more]
Tuesday, 13 May 2003, 8:06 AM CET

U.S. information security law, part 3
This is the third part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. In this installment, we will look at the basics of the criminal information security law. [more]
Tuesday, 13 May 2003, 8:05 AM CET

Sneaky virus spreading rapidly
A new computer virus is spreading across the internet via e-mail and file-sharing programs, computer security experts have warned. [more]
Tuesday, 13 May 2003, 8:02 AM CET

The infosec matrix
This sci-fi film has a lesson for security pros--we'll never control our systems if we neglect the human element. [more]
Tuesday, 13 May 2003, 8:00 AM CET

Internet identification
We wonder just how many people are familiar with the term "official personal authentication system." [more]
Tuesday, 13 May 2003, 7:58 AM CET

Iran steps up net censorship
Iran has tightened controls on the internet, ordering thousands of websites to be blocked. [more]
Tuesday, 13 May 2003, 7:57 AM CET

Review - Inside the Security Mind
Security is a complex process with dynamic details and in order to make efficient security decisions you need a security mind, and that's exactly what the author helps you develop with this book. [more]
Monday, 12 May 2003, 4:15 PM CET

Trustix Secure Linux 2.0 beta 2 released
Trustix team announced that Trustix Secure Linux 2.0 beta 2 (aka Hurricane) is available for download. As this is a beta release, it is not intended for usage on production servers. [more]
Monday, 12 May 2003, 4:13 PM CET

Before friday comes spamday
Nearly half of all e-mail messages sent are spam, according to research conducted by the British ISP BT Openworld and antivirus firm Brightmail, and the spammers' favorite day to stuff your mailbox is Thursday. [more]
Monday, 12 May 2003, 3:29 PM CET

Tenable's software tracks attacks to network security
For the average person, network security goes on in back rooms where overworked techies study blinking lights and speak in code. The relevance of that world to the daily life of a banker is minimal - except when the system is attacked. [more]
Monday, 12 May 2003, 3:27 PM CET

Recyled credit card numbers pose fraud risk
The use of recycled credit card numbers by UK banks could create loopholes for fraud. [more]
Monday, 12 May 2003, 3:25 PM CET

Smart disk to protect laptops
A new hard disk with an integrated smartcard reader protects files on lost or stolen laptops. [more]
Monday, 12 May 2003, 3:18 PM CET

HNS Newsletter Issue 161 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 12 May 2003, 3:08 PM CET

Jini Starter Kit 2.0 tightens Jini's security framework
Sun Microsystems' new JSK 2.0 incorporates three new specifications: a new programming model and infrastructure for Jini services, a new implementation of Java RMI and several changes to existing Jini tools and utilities. [more]
Saturday, 10 May 2003, 2:33 AM CET

Hot IT areas: WLAN and security
According to the most recent Trendsetter Barometer from PwC, over 60 percent of CEOs of the fastest growing US companies cite wireless LANs and security applications as the IT areas of interest for the coming two to three years. [more]
Saturday, 10 May 2003, 2:31 AM CET

Latest weekly virus report
This week’s report looks at four malicious code: the worms, Sory (W32/Sory), Kickin (W32/Kickin) and Winur (W32/P2P.Winur.C), and the Trojan AOL.Aim (Trj/PSW.AOL.Aim). [more]
Friday, 9 May 2003, 2:51 PM CET

Passport problems could cost Microsoft
Microsoft faces a possible investigation and significant fines for a security lapse that could have exposed the personal information of millions of consumers. [more]
Friday, 9 May 2003, 10:08 AM CET

Knowledge center: a simple test of reactions in a crisis
At the Cyber Security Super Bowl, a simple card game shows that when rules and communications are gone, people react with assumptions and values instilled through training and culture. [more]
Friday, 9 May 2003, 10:04 AM CET

Alleged Fluffi Bunni leader worked for Siemens
The reputed head of an international hacker ring worked in the U.K. offices of Siemens Communications, the company said. [more]
Friday, 9 May 2003, 9:56 AM CET

"Banned" Xbox hacking book selling fast
Too hot for tech publishers, Andrew Huang self-published his comprehensive guide to hacking Microsoft's game console. Weeks before publication, he's already pre-sold half of his initial print run. [more]
Friday, 9 May 2003, 9:52 AM CET

CERT warns of mother's day virus
CERT is warning computer users to beware of a potentially destructive Trojan horse timed to coincide with another holiday. [more]
Friday, 9 May 2003, 9:48 AM CET

Balancing data needs and privacy
It's hard to believe much good will come of the Bush administration's plan for a grandiose surveillance network that would scour trillions of data snippets worldwide hunting for signs of terrorism. [more]
Friday, 9 May 2003, 8:49 AM CET

Microsoft, Best Buy accused of Net scam
A Los Angeles man has filed a proposed class action lawsuit against Best Buy Inc. and Microsoft, accusing them of scamming customers by charging them for online services without their knowledge. [more]
Friday, 9 May 2003, 8:47 AM CET

Guarding your systems with Guardian Digital
The recent release of EnGarde Secure Linux Community Edition reminds us that there are all sorts of Linux flavors out there for the enterprise to sample. [more]
Friday, 9 May 2003, 8:42 AM CET

E-Mail hoax targets First Union customers
A hoax e-mail purporting to come from First Union Bank and attempting to dupe recipients to visit a malicious Web site is making the rounds on the Internet. [more]
Friday, 9 May 2003, 8:05 AM CET

Wanted: top hackers as trackers
Police are offering 20 computer nerds the opportunity to become highly paid spies working for the NSW counter-terrorist unit. [more]
Friday, 9 May 2003, 8:02 AM CET

Review - Hacking Exposed Linux, Second Edition
As the security scene is progressing actively, the books from the Hacking Exposed series receive upgrades in the form of new editions. Today, we take a look at second edition of the acclaimed "Hacking Exposed Linux". [more]
Thursday, 8 May 2003, 4:11 PM CET

Analyst: Security spending shifts to outsourcing by '07
A new study predicts a shift in spending toward security services that will balloon that market to more than $20 billion by 2007. [more]
Thursday, 8 May 2003, 11:48 AM CET

Formatting and reinstalling after a security incident
This article will examine the process of starting over, and more specifically, reinstalling after a security incident. [more]
Thursday, 8 May 2003, 11:47 AM CET

Phreaks threaten voice IP security
Increasing use of voice-over-IP technology could result in a return to "phreaking" - hacking of telephony systems to make free calls. [more]
Thursday, 8 May 2003, 1:19 AM CET

MS takes open-source security lessons
Microsoft's global director of product security, George Stathakopoulos, has told ZDNet Australia that the software giant has learned security lessons from the wider software community. [more]
Thursday, 8 May 2003, 1:18 AM CET

Eric S. Raymond responds to SCO's DoS claims
In a recent press release, SCO suggests that the Linux community may be responsible for the denial-of-service attack on its servers that occurred on Friday, May 2nd. This is a baseless slur, unsupported by facts. [more]
Thursday, 8 May 2003, 1:17 AM CET

EarthLink sues the 'Buffalo spammer'
EarthLink announced that it is embroiled in a legal battle against an alleged spammer who sent nearly a billion unsolicited commercial e-mails since early last year. [more]
Thursday, 8 May 2003, 1:13 AM CET

Case study: Deutsche Bank tries to marry wireless and security
A company looking to beef up the security of its wireless operations should start with its own policies and standards, according to Ken Newman, director of security and risk management at Deutsche Bank AG. [more]
Thursday, 8 May 2003, 1:11 AM CET

Ferreting out software piracy
The software industry has deployed the latest high-tech weapon in its fight against the billion-dollar scourge of software piracy -- a cartoon ferret. [more]
Thursday, 8 May 2003, 1:08 AM CET

Interview with Harvey Bondar from Digital Persona
Harvey Bondar, a vice president of worldwide marketing at Digital Persona, talks about his company, biometric security market and newly announced Microsoft Windows Server 2003 security related partnership. [more]
Wednesday, 7 May 2003, 10:36 PM CET

HNS Book Contest - four great books for one article
Would you like to get the following books: Red Hat Linux 8 Bible, Hack Attacks Testing, Hack Attacks Revealed and The Art of Deception? By writing an article for HNS, you can win 3520 pages of great reading material. [more]
Wednesday, 7 May 2003, 3:59 PM CET

HNS Book Contest - Want some knowledge?
A little effort can get you some free books on computer security and Linux. What more could you ask for? Come get some! [more]
Wednesday, 7 May 2003, 2:35 PM CET

Is Kerberos about to get resurgence?
With the arrival of Windows Server 2003 we might be forgiven if we think that Kerberos is on its way out. [more]
Wednesday, 7 May 2003, 11:22 AM CET

Hacked Wi-Fi security standard faces axe
Wi-Fi Protected Access to replace Wireless Equivalent Privacy security protocol. [more]
Wednesday, 7 May 2003, 11:09 AM CET

Practical examples for establishing Web service security in .NET
Instead of abstract theories, here are some examples to provide an easy and quick way to accomplish a rather complex task. [more]
Wednesday, 7 May 2003, 10:50 AM CET

Virtual evidence
The scene of a cybercrime needs to be secured just like the scene of any other crime. Karl Cushing finds out what you should and should not do to protect vital evidence. [more]
Wednesday, 7 May 2003, 10:48 AM CET

Nagel: Palm's OS 6 to boost security, wireless, multitasking
PalmSource president and CEO David Nagel said security, wireless and robust multitasking are among the key features in the company's next version of its handheld operating system. [more]
Wednesday, 7 May 2003, 10:47 AM CET

What's new in Windows Server 2003
In this article, the author counts down the top ten features that you should know about. [more]
Wednesday, 7 May 2003, 10:44 AM CET

Passing the Sun Certified System Administrator, part II exam
Emmett Dulaney focuses on the Sun Certified System Administrator, Part II exam for Solaris 9 (exam CX-310-015). [more]
Wednesday, 7 May 2003, 10:42 AM CET

Backup is key to identity theft protection
Identity theft complaints doubled in 2002, according to the Federal Trade Commission, with approximately 163,400 Americans reporting an act of identity theft. [more]
Wednesday, 7 May 2003, 10:12 AM CET

Can a computer virus make your car sick?
Vehicles with fancy computer systems could be exposed to programs that can disable some of their features - or worse. [more]
Wednesday, 7 May 2003, 10:10 AM CET

Gates promotes MS' security tech
Bill Gates speaks about Microsoft's new security technology at a Windows conference. The system, which builds security into silicon chips to offer unprecedented levels of protection against hackers, has raised some concerns among fair-use advocates. Gates says consumers needn't worry. [more]
Wednesday, 7 May 2003, 10:09 AM CET

How an antivirus program works
From the early viruses, created as experiments in the eighties, to the latest malicious code, one of the biggest worries for all computer users is the threat of viruses entering their systems. [more]
Wednesday, 7 May 2003, 12:34 AM CET

Fingerprints to lock up laptops
DigitalPersona plans to announce a fingerprint scanner for laptops and handhelds that doubles as a jog dial. [more]
Tuesday, 6 May 2003, 11:00 AM CET

How to keep your Microsoft software secure
Do you know that a new Internet Explorer security update became available on April 23? It's true. As always, it's very important to your computer's safety that you install it, since several recent worms take advantage of IE flaws. But, unless you know where to look, you may not have heard about this update or be able to get it. And that's a problem. [more]
Tuesday, 6 May 2003, 10:59 AM CET

Hack binge on SA Linux sites
An attacker successfully penetrated 53 South African Web sites on Friday, says IT security and e-commerce attorney Reinhardt Buys. [more]
Tuesday, 6 May 2003, 10:50 AM CET

Watch where you're snooping
Monitoring every staff email and website visited is a waste of time and money. [more]
Tuesday, 6 May 2003, 10:44 AM CET

The OpenBSD Packet Filter FAQ
Aimed at users of OpenBSD 3.3, The OpenBSD Packet Filter FAQ is meant to provide a supplement to the PF man pages. [more]
Tuesday, 6 May 2003, 10:41 AM CET

Auditing web site authentication, part two
This is the second part of a two-part series discussing a standard audit procedure consisting of a list of questions to test Web site authentication schemes. [more]
Tuesday, 6 May 2003, 10:38 AM CET

Microsoft aims for protection - from users
The word "security" is used a lot by Microsoft officials when they discuss the company's plan for Next-Generation Secure Computing Base, formerly code-named Palladium. [more]
Tuesday, 6 May 2003, 10:35 AM CET

Sneaky software hijacks more browsers
Patrick Ewalt still fumes about being hijacked on the Internet. Last fall, he clicked on a pop-up ad and got diverted to the ad's Web site, which then implanted itself as the first page to appear whenever Ewalt started his Web browser. [more]
Tuesday, 6 May 2003, 10:29 AM CET

Blocking a cyberterror attack
In the abstract, fighting a war is simple. The enemy and the targets are generally identifiable. But in the war against hackers and virus writers, the combatants are harder to know. [more]
Tuesday, 6 May 2003, 10:24 AM CET

Ideal security focus recognised
Named best performing distributor for 2003 by security vendor Symantec. [more]
Tuesday, 6 May 2003, 10:18 AM CET

DbEncrypt for Microsoft SQL Server released
Application Security, Inc. today announced DbEncrypt for Microsoft SQL Server. Product capabilities include: MSDE encryption, ease of encryption management, advanced auditing configurations and enhanced recovery mechanism. [more]
Tuesday, 6 May 2003, 8:47 AM CET

Positive identification in a wireless world
Widespread wireless use has raised serious new security challenges. How can you be certain the person connecting to your wireless network is a legitimate user? [more]
Tuesday, 6 May 2003, 8:10 AM CET

ISS "X-Force Internet Watch" web site compromised
ISS web site hosting information on X-Force Internet Watch (XFIW), was compromised with an anti-war message. [more]
Tuesday, 6 May 2003, 2:25 AM CET

Apple squashes e-store ID bug
Apple Computer said it fixed a security flaw at its online store late last week that could have enabled attackers to hijack customers' accounts and place fraudulent orders. [more]
Monday, 5 May 2003, 6:27 PM CET

Limited money for e-security in Australia
The Federal Government's much-vaunted IT security cornerstone - a "beefed-up" Australian Computer Emergency Response Team - is likely to be unveiled at AusCERT's conference on the Gold Coast next week. [more]
Monday, 5 May 2003, 6:02 PM CET

Offshore coding work raises security concerns
Outsourcing critical software development to foreign workers puts systems at risk, users say. [more]
Monday, 5 May 2003, 6:00 PM CET

Is spam behind a cell-phone virus?
Some AT&T Wireless subscribers believe a text message masquerading as spam is on the loose and damaging cell phones in the United States. [more]
Monday, 5 May 2003, 5:59 PM CET

Book Review - Windows XP Professional Security
The real value of this book is in the practical knowledge that it contains. It's well written and easy to use, a truly excellent resource for system administrators and a great learning guide for those of you interested in learning more about the security of your Windows XP box. [more]
Monday, 5 May 2003, 5:56 PM CET

HNS Newsletter Issue 160 has been released
Get it in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is brought to you by Surfcontrol. Stop Spam Now - Free SurfControl E-mail Filter Trial. [more]
Monday, 5 May 2003, 4:45 PM CET

Privacy backers size up new chief
Experts debate whether the new chief privacy officer for the Department of Homeland Security will be able to protect citizens from undue snooping - or just protect the administration from its critics. [more]
Monday, 5 May 2003, 3:51 PM CET

Security is a people problem - right?
Let's face it - the one thing you can't predict with any accuracy is people's capacity for stupidity. [more]
Monday, 5 May 2003, 3:47 PM CET

Best way to stop spammers? Make them pay!
Spam isn't so much a technological or legal problem as an economic one--it's a cheap way to advertise. So if you want to change spammers' cost-benefit calculations, raise their costs. [more]
Monday, 5 May 2003, 3:45 PM CET

Voicemail hacking on the rise
Voicemail can cost you. Just ask K.C. Hatcher, a San Francisco-based graphic artist. [more]
Monday, 5 May 2003, 3:44 PM CET

A smart card day in Paris
In Paris, it's hard to imagine a day without smart cards. Invented in France in 1979, the small plastic cards get their brains from a computer chip that can be programmed to allow consumers to chat on their cell phones, buy baguettes and ride the metro. [more]
Monday, 5 May 2003, 3:42 PM CET

Microsoft to get technical on Longhorn, 'Palladium'
Company will give first demo of security initiative at WinHEC. [more]
Monday, 5 May 2003, 3:36 PM CET

Survey: top 75 security tools
In May of 2003, Fyodor conducted a survey of Nmap users from the nmap-hackers mailing list to determine their favorite security tools. [more]
Monday, 5 May 2003, 3:36 PM CET

Web seminar on FIRE forensic Linux environment
This Wednesday, SANS is hosting a free web seminar titled "5 Ways to FIRE up Your Incident Response and Forensic Environment". [more]
Monday, 5 May 2003, 2:03 AM CET

Mixed reviews on Windows Server 2003 security
Security solution providers offered mixed reviews of the security of Microsoft's recently released Windows Server 2003. [more]
Saturday, 3 May 2003, 1:54 AM CET

Review - Apache Server 2.0: The Complete Reference
Brian Behlendorf, one of the co-founders of Apache said about the author of this book - "Ryan Bloom (the book's author) knows the internals of the 2.0 HTTP server at least as well as Linus Torvalds knows his way around the Linux kernel". Is the book really that good? Read on to find out. [more]
Friday, 2 May 2003, 10:17 PM CET

Weekly virus report - two worms, a trojan and a macro virus
In this report Panda Software takes a look at Aurity, a Word macro virus, two worms: Halfint and Nolor, and a Trojan called Optix.Pro. [more]
Friday, 2 May 2003, 9:44 PM CET

Stupidity trumps security
It doesn't matter how good your policies are if you don't enforce them. [more]
Friday, 2 May 2003, 11:38 AM CET

What's the difference between a viral attack and a scan?
Infosec exhibitors were yesterday urged to check their systems for a virus after the performance of the security conference's network took a severe hit. [more]
Friday, 2 May 2003, 11:37 AM CET

Securing Windows systems
A recent report on Microsoft and security suggests that the technology giant was right to embark on its Trustworthy Computing initiative to make users more confident in the security of its products. [more]
Friday, 2 May 2003, 3:36 AM CET

Former cybersecurity czar to join eBay
Online auction giant eBay is responding to the growing Internet fraud by calling in Howard Schmidt, the former top adviser to President Bush on cybersecurity. [more]
Friday, 2 May 2003, 3:33 AM CET

Are blacklists killing more than spam?
Spam has become such a vexing problem that, if current trends continue, e-mail could become a far less useful way to communicate. [more]
Friday, 2 May 2003, 3:23 AM CET

Fight spam with SpamProbe
How to set up this trainable e-mail filter to eliminate false positives, work with IMAP and run as a cron job. [more]
Friday, 2 May 2003, 3:20 AM CET

Cover blown on auction scammers
The Federal Trade Commission and 29 states have launched a campaign to crack down on Internet auction fraud, federal and state officials said Wednesday. [more]
Friday, 2 May 2003, 3:15 AM CET

Initiatives to fight e-crime
The Infosecurity show highlighted new efforts to tackle online crime. [more]
Friday, 2 May 2003, 3:13 AM CET

OpenBSD 3.3 has been released
This is the 13th release on CD-ROM (and 14th via FTP). This version provides significant improvements, including new features, in nearly all areas of the system. [more]
Thursday, 1 May 2003, 8:30 AM CET

Locking down digital documents
Companies struggling to control information in a collaborative environment may have a friend in CYA Technologies Inc.'s new CYA Secure Collaboration Platform. [more]
Thursday, 1 May 2003, 1:30 AM CET

Public key cryptography demystified
Public key technology has an important role to play in helping us protect our information and to be able to rely on the network to handle transactions of increasing value. [more]
Thursday, 1 May 2003, 1:23 AM CET

Air Force wins cyberexercise
The Air Force Academy recently beat out the four other service academies in the Cyber Defense Exercise, a cyber training tool designed to prepare students to protect and defend the nation's critical information systems. [more]
Thursday, 1 May 2003, 1:19 AM CET

Is VoIP secure? You make the call
Is your network equal to the task? Are you willing to risk exposing data and voice on the Internet? [more]
Thursday, 1 May 2003, 1:06 AM CET

Locking down IIS
Microsoft makes good on its promise to make Win2003's internal Web server secure by default. [more]
Thursday, 1 May 2003, 1:04 AM CET

Interview with Anonymous
Anonymous, the author of "Maximum Security 4th edition" and other security books, talks about his secret identity, his latest book, the full disclosure of vulnerabilities and other security issues. [more]
Thursday, 1 May 2003, 12:56 AM CET

Virginia threatens spammers with jail
Internet mavens who clog computers with massive volumes of unsolicited e-mail pitches now risk landing in prison and losing their riches under a tough Virginia law signed Tuesday. [more]
Thursday, 1 May 2003, 12:47 AM CET

Tutorial: fairly-secure anti-spam gateway using OpenBSD
This document describes how to setup a spam-blocking email gateway based on open source and freely available software. [more]
Thursday, 1 May 2003, 12:28 AM CET

Honeypots: simple, cost-effective detection
This is the fourth article in an ongoing series on honeypots. This article will examine the role of honeypots in detection. [more]
Thursday, 1 May 2003, 12:21 AM CET

Patching is the problem, says Microsoft
Providing reliable, easy-to-install patches expensive and troublesome, says security chief. [more]
Thursday, 1 May 2003, 12:17 AM CET

Firms neglect remote workers' IT security
Too many companies adopting 'out of sight, out of mind approach', warns survey. [more]
Thursday, 1 May 2003, 12:11 AM CET


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Aug 29th