THE CERT COORDINATION Center (CERT/CC) security organization has warned of a critical vulnerability in the widely used Concurrent Versions System (CVS) software that could enable an unauthenticated remote attacker with read-only access to execute arbitrary code, alter program operation, read sensitive information, or cause a denial of service to servers. . . .
Inherently flawed security protocols and a strong grassroots push to adopt wireless local-area networks (LANs) are creating substantial security risks for enterprises. The first priority should be to establish a comprehensive policy to address wireless deployments, with user authentication as a . . .
Wireless Local Area Networks (WLANs) are taking off. Enterprises are turning to WLANs in droves because they offer mobility and huge cost advantages. In fact, studies show that wireless workers are more productive, less pressured and save businesses money. Gartner, Inc., . . .
Joshua Wright is a Network Engineer for Johnson & Wales University. He's been investigating wireless security and one of the results of his research has been the whitepaper "Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection". The paper reviews . . .
Security researchers at the firm @stake say they've found a flaw in how network device drivers send information that could create an "information leakage vulnerability" that may let hackers collect sensitive information sent from vulnerable devices. If successful, @stake says, hackers . . .
To be on the receiving end of a distributed denial of service (DDoS) attack is a nightmare scenario for any network administrator, security specialist or access provider. It begins instantly, without warning, and continues relentlessly: machines down, jammed bandwidth, overloaded routers. . . .
The purpose of properly securing a wireless access point is to close off the network from outsiders who do not have authorization to use your services. This is often easier said than done. A wireless network is more difficult to . . .
Without an abundance of expensive equipment or an Internet Service Provider, Croshere and Popkoff surf the Web all over the Palo Alto area, often by simply driving around and letting their iBooks -- which come with a built-in antenna and optional wireless Internet card -- track wireless connections at homes and businesses.. . .
In 2002, users and companies got a respite from the disruptive viruses of 2001. But a more sophisticated generation of worms is on the way. The year 2002 may have been a relatively quiet for virus attacks, but security experts . . .
In the next two articles, I'll demonstrate how to configure and troubleshoot an IPSec VPN on a FreeBSD system. When I first started configuring VPNs, I quickly discovered two things. First, there is more than one way to configure a VPN . . .
Since anyone with the software could pry, cable is back in style. The Meteorological Agency and the Tokyo metropolitan government stopped using wireless local area networks (LAN) last week after learning data was wide open to anyone with the will . . .
With identity theft on the rampage, network managers are being hit by an increasing barrage of software, hardware and services for user authentication. Organizations are implementing technologies ranging from traditional passwords/PINs to PKI and SSL certificates, tokens, fingerprint readers, and even . . .
Heavy users of technology now employ nearly two dozen passwords to gain access to various IT systems and Web sites--but are compromising security by writing them down. The 2002 NTA Monitor Password Survey found that the typical intensive IT user now has 21 passwords, and has two strategies to cope, neither of which is advisable from a security standpoint: they either use common words as passwords or keep written records of them. The survey found that some of these heavy users maintain up to 70 passwords. Forty-nine percent write their passwords down, or store them in a file on their PC. . . .
Internet and telecommunications experts, here on Friday to discuss homeland security, said increasingly complex software operating systems and networks have made it easier than ever to disrupt U.S. communications systems. At the same time, hackers don't need to be highly . . .
Attention, Wi-Fi users: The Department of Homeland Security sees wireless networking technology as a terrorist threat. That was the message from experts who participated in working groups under federal cybersecurity czar Richard Clarke and shared what they learned. . .
Losing sleep lately? With rogue wireless LAN access points popping up every time you turn around it's easy to understand why. Securing the ether is becoming job No. 1. One approach that's gaining favor is to use security gateways to . . .
For hackers or 'script kiddies' to attack and severely damage a Web site or corporate server it's almost a point-and-click exercise using widely available 'downloadable exploits'. According to local security industry experts, most Australian organisations are more vulnerable than ever and are struggling with the know-how to deal with security issues. . .
IT managers are cautiously optimistic that wireless networks will - over time - become as secure as today's local area networks, but security concerns are still holding back deployment of the technology. Those are the main findings of a limited (but still informative) survey of IT security manager attitudes on the deployment of 802.11b (wireless) networks by security consultancy Defcom released this week. . .
Infineon Technologies AG has made a strategic decision to put security features into its wireless-modem chips, a move that points up concerns across the industry about the safety of mobile networks. Infineon and a handful of other chip vendors are gambling on the assumption that system OEMs will soon be clamoring for wireless solutions able to handle strong encryption--well beyond what's now specified in wireless communication standards. . .
The overwhelming vote by the Senate late Tuesday approving a Homeland Security Department clears the way for massive reorganization of the federal government that will have a dramatic impact on computer and network security. . .
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
