Security Projects - Page 48
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Lance Spitzner submits the latest from the Honeynet Project. "Honeypots are an exciting new technology. They allow us to turn the tables on the bad guys, we can take the initiative. In the past several years there has been growing interest in exactly what this technology is and how it works. The purpose of this paper is to introduce you to honeypots and demonstrate their capabilities. We will begin by discussing what a honeypot is and how it works, then go into detail using the OpenSource solution Honeyd.. . .
Cyclone is a programming language based on C that is safe, meaning that it rules out programs that have buffer overflows, dangling pointers, format string attacks, and so on. High-level, type-safe languages, such as Java, Scheme, or ML also provide safety, but they don't give the same control over data representations and memory management that C does (witness the fact that the run-time systems for these languages are usually written in C.). . .
North Pole - Citing concerns about security and licensing costs, Santa Claus is considering migrating his computer systems from Microsoft Windows to Linux. . .
The Open Web Application Security Project (OWASP) are pleased to annouce the imminent availability of CodeSeeker, an Application Level Firewall and Intrusion Detection System (AFWIDS) for Linux, Win32 and Solaris.. . .
Experts say the insertion of Trojans into two popular tools reinforces the need to run readily available programs, such as MD5 hashes, to ensure that code hasn't been altered. Experts recommend using MD5 hashes to expose Trojans. This and similar programs, such as MD4, SHA and SHA-1, continually compare codes generated by "healthy" software to hashes of programs in the field.. . .
Yesterday I've put out the BIND 4.9.10-OW2 patch, which includes the patch provided by ISC and thus has the two recently announced vulnerabilities affecting BIND 4 fixed. Another recent update is crypt_blowfish 0.4.5.. . .
A year ago, identity was mostly the concern of privacy and crypto guys. The only company taking much public interest was Microsoft, which was busy scaring everybody with its Passport identity management system and the Hailstorm initiative that went along with . . .
With online security alerts and virus attacks at an all-time high, SBC Communications (Quote, Company Info) on Monday launched an anti-hacker research center aimed at protecting consumers and Internet networks from security violations. . .
Douglas Kilpatrick sent in a note about a new open source project going on at Network Associates. "Privman is a library that makes it easy for programs to use privilege separation, a technique that prevents the leak or misuse of privilege from applications that must run with some elevated permissions. Applications that use the Privman library split into two halves, the half that performs valid privileged operations, and the half that contains the application's logic. The Privman library simplifies the otherwise complex task of separating the application, protecting the system from compromise if an error in the application logic is found.. . .
The sixtieth edition of PHRACK MAGAZINE is going to be released on December 25th as an X-MESS present to the community. To make this milestone edition of PHRACK MAGAZINE a quality release, the PHRACK MAGAZINE editorial staff are soliciting papers from . . .
The Defense Department is giving Carnegie Mellon University $35.5 million to develop tools and tactics for fighting cyberterrorism. The inventions to be researched and engineered at the top computer science school would serve equally well in battling hackers and Internet crooks. . . .
Its time for October's scan of the month. This months scan sponsored by Digital Forensic Research Workshop is slightly different than the scans of the month that you are used to. Scan 24 is available here. The police report. . .
The joint project, dubbed Infrastructure for Resilient Internet Systems (IRIS), aims to use distributed hash table (DHT) technology to develop a common infrastructure for distributed applications. DHT is like having a file cabinet distributed over numerous servers, explained Frans Kaashoek, a . . .
Attempting to protect software on CD-ROM disks from illegal copying, Hudson Soft Co. Ltd. and Victor Company of Japan Ltd. (JVC) have developed a copy protection technology that employs embedded encryption keys. . .
Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. . .
A new and novel way of communicating over fiber optics is being developed by physicists supported by the Office of Naval Research. Rather than using the amplitude and frequency of electromagnetic waves, they're using the polarization of the wave to . . .
The Internetworked Security Information Service (ISIS) brings together four independent projects--the Open Source Vulnerability Database, the Alldas.de defacement-tracking service, the PacketStorm software database and the vulnerability watchdog VulnWatch--into a loosely organized collaboration. "There are a lot of commercial organizations that . . .
Boffins have moved one step closer to a practical implementation of the Holy Grail of encryption - quantum cryptography - by exchanging keys across a 67km fibre optic network. Until recently, the idea of quantum key distribution has been tested only. . .
LogError sent in a pointer to a PDF on the LSM project. "The access control mechanisms of existing mainstream operating systems are inadequate to provide strong system security. Enhanced access control mechanisms have failed to win acceptance into mainstream . . .
Peer-to-peer networks such as Morpheus and Audiogalaxy have enabled millions to trade music, movies and software freely. A group of veteran hackers is about to unveil a new peer-to-peer protocol that may eventually let millions more surf, chat and e-mail free. . .