Linux Network Security - Page 72

Discover Network Security News

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 54

Warning: Undefined property: stdClass::$helix_ultimate_image in /var/www/www.linuxsecurity.com-443/html/templates/newsberg/html/com_content/category/blog_item.php on line 55

Understanding Risks of Brute Forcing Session IDs in Web Applications

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Almost all of today's "stateful" web-based applications use session IDs to associate a group of online actions with a specific user. This has security implications because many state mechanisms that use session IDs also serve as authentication and authorization mechanisms -- . . .

Anthony Pell
Nov 13, 2001

In-Depth Analysis of RADIUS Protocol and Its Security Implications

RADIUS is a widely used protocol in network environments. It is commonly used for embedded network devices such as routers, modem servers, switches, etc. This analysis deals with some of the characteristics of the base RADIUS protocol and of the User-Password . . .

Anthony Pell
Nov 12, 2001

Discovering Honeynets for Intrusion Detection and Cybersecurity Training

A honeynet is a very valuable tool for research, intelligence and education: by knowing the methods an intruder uses we can better detect break-ins in the future. Information gathered from honeynets casn be analysed to monitor attack trends. The information collected . . .

Anthony Pell
Nov 08, 2001

NSA SNAC Guidelines: Essential Best Practices for Network Security

This SNAC Guide addresses security "best practices" from the National Security Agency's Systems and Network Attack Center. It includes information on security policies, passwords, host security, buffer overflows, rootkits, and more.

Anthony Pell
Nov 01, 2001

CERT Report on Evolving DoS Attacks Targeting Routers and Networks

The Computer Emergency Response Team (Cert) co-ordination centre reported last week that the targets of denial of service (DoS) attacks are changing, and are becoming more sophisticated and damaging. According to Cert, early DoS attacks overloaded web servers with simple . . .

Anthony Pell
Nov 01, 2001

Exploring DoS Attacks: Implications and Security Challenges for Routers

We all yearn for the more innocent time when the acronym DOS stood for your Disk Operating System, or even the Dept. of State for the better traveled. Today, however, it is a term that brings a chill to many technologists . . .

Anthony Pell
Oct 29, 2001

Enhancing Security in Wireless Networking for Enterprises

"We never gave security a thought," Brian Chee says, talking about what was probably the world's first wireless data network. Chee worked on Aloha Net, a new concept in communications developed by the University of Hawaii back in the late 60's. . . .

Anthony Pell
Oct 29, 2001

New Wireless Attacks: Address Resolution Protocol Risks And Mitigation

Bob Fleck, a security consultant at Cigital, working with Jordan Dimov, has discovered new class of wireless attacks that can be used to gain unauthorized access to normally-protected machines on a standard wire-based internal network. Wireless networks involve installation of . . .

Anthony Pell
Oct 17, 2001

Federal Agent Warns: Windows XP Poses National Security Risks

A computer forensics expert and retired federal agent is trying to convince the U.S. government that Windows XP is a threat to national security and its distribution should be postponed.. . .

Anthony Pell
Oct 15, 2001

New Wireless Hacking Technique Threatens Wired Network Integrity

Security experts are raising alarms about a technique that computer hackers could use to penetrate a company's wired data networks from its wireless networks, Monday's Wall Street Journal reported. Wireless links are increasingly being used by companies to connect desktop and . . .

Anthony Pell
Oct 15, 2001

Can The Internet Aid Cybersecurity Education And Incident Recovery?

The Internet has been used tactically to help after cataclysmic events, but its best future preventive use may be as an educational tool. Given the many Internet security breaches that have occurred this past year, from Code Red to the . . .

Anthony Pell
Oct 12, 2001

Integrating Human Factors Into IT Disaster Planning and Continuity

Any good disaster plan must go well beyond bulletproofing IT and consider a variety of human factors, according to a panel of research analysts speaking Monday at the Gartner Symposium/ITxpo 2001 here. Specifically, Gartner analyst Roberta Witty emphasized that disaster planning . . .

Anthony Pell
Oct 11, 2001

Ethereal Packet Sniffer: Comprehensive Network Analysis Tool

Packet sniffers, sometimes referred to as protocol or network analyzers, are invaluable tools for network and systems administrators. With an abundance of commercial and free software products available, it may be difficult to choose a good product. This article describes Ethereal, . . .

Anthony Pell
Oct 09, 2001

Protecting Network Security From Malware And DoS Threats

Lately, the word "security" has been tossed around a lot in the news, IRC channels and elsewhere in the community. It seems that there's no end to viruses and script kiddies out there just waiting to get through the security on . . .

Anthony Pell
Oct 03, 2001

Addressing DoS and DDoS Attacks in Cyber Security Context

Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks have been around for years, but with reports that 4,000 DoS attacks are launched each week, it's clear the problem isn't close to being resolved. In fact, in a recent poll of Information Security . . .

Anthony Pell
Sep 28, 2001

Insights on Internet Security Complexity from Bruce Schneier

The complexity of the Internet is increasing more rapidly than our ability to secure it, according to Internet security expert Bruce Schneier. At the opening of the annual Information Security Solutions Europe (ISSE) conference in London on Wednesday, Schneier, who is . . .

Anthony Pell
Sep 26, 2001

Cyberterrorism Risks: Analyst Insights on Corporate Security Awareness

Although there have been no reported cases of cyberterrorism or hacks of corporate or U.S. government sites, companies must remain vigilant in the coming days, say analysts from the research firm Gartner. Soon after last week's horrific terrorist attacks on U.S. . . .

Anthony Pell
Sep 18, 2001

Exploring Autonomous Patching Methods by Worms and Viruses

Worms and viruses often target specific vulnerabilities in common software. But what if the terms were reversed? Rather than attacking the vulnerability of software for malicious purposes, what if the worm or virus actually attempted to secure the software by applying . . .

Anthony Pell
Sep 13, 2001

WLAN Security Risks: Analyzing WEP Flaws and Access Threats

Trouble is, with the rise of WLANs has come a whole new breed of security threats. A key research paper released on July 25 by cryptographers Scott Fluhrer of Cisco Systems and Itsik Mantin and Adi Shamir of Israel's Weizmann Institute . . .

Anthony Pell
Sep 12, 2001

Understanding The Necessity Of Patching For System Security

Is the patching of mission critical systems and related software a priority for your business? May I suggest that patching such software become an imperative task incorporated into an IT position ASAP. Recent virus outbreaks and increases in overall attacks have . . .

Anthony Pell
Sep 08, 2001

Community Poll

More Polls