Thursday, September 12, 2002

Stunnel 4.00 Builds on Prior Success
Late last week, the newest version of Stunnel[1], the secure SSL wrapper, was released. Stunnel encapsulates cleartext protocols within strong SSL encryption and can be used to protect pretty much any standard[2] TCP connection, from your mail protocol (POP, IMAP, SMTP) to your own customized application. Stunnel runs on many different operating systems, from Linux and other Unix-like systems (*BSD, Solaris, etc.) to Windows.
Evaluating Network Intrusion Detection Signatures, Part 1
Over the past several years, a number of academic and commercial entities have conducted evaluations of various network intrusion detection (NID) software, to determine the overall effectiveness of each product and to compare the products to each other. Many system administrators and security analysts are also responsible for conducting their own evaluations of NID products, in order to choose a solution for deployment in their environments. NID evaluations typically include some rough indication of the relative quality of each product's signatures. However, high signature quality is critical to achieving a good NID solution, so the importance of accurately evaluating signature quality cannot be stressed strongly enough.
In this series of articles, we will present recommendations that will help you to evaluate NID signatures. As you shall see, properly testing NID signatures is a surprisingly complex topic. We will begin by discussing some of the basics of evaluating NID signature quality, and then look at issues relating to selecting attacks to be used in testing. Although you may not necessarily perform hands-on NID testing and evaluations, the information presented in this series of articles will give you the knowledge and the facts to get the most out of published reviews and comparisons of NID signatures. Note that we assume that the reader is already familiar with the basic concepts and principles of network intrusion detection.
Web server security
This article details how to secure dynamic content on an Apache Web server. Topics covered include general security issues pertaining to dynamic content, securing Server Side Includes, configuring Apache's Common Gateway Interface, and wrappering dynamic content. The article is targeted primarily at Webmasters and system administrators responsible for maintaining and securing a Web server; however, anyone with a need or desire to serve dynamic content will benefit from the topics covered. A basic understanding of Linux commands, permissions, and file structures is assumed.
Web Hacking: Attacks and Defense
Web Hacking is the ultimate technical good read. With solid technical content, keen analysis, and acclaimed cut-to-the-chase writing style, the authors bring unparalleled insight to both well-known and lesser-known web vulnerabilities. They show how to defend your web servers and web-based payment systems. They explain the complete range of attacks, including buffer overflows, the most wicked of attacks. "How Do They Do It?" real-world case studies describe how different attacks work and why they work.

Sunday, September 08, 2002

Corporate Spies: Get Out
If you want good employees, treat them like human beings and show them some trust. Spying makes for a frosty, unwelcome workplace.
As an employee and not a boss, I have a fairly limited perspective in terms of allowable workplace slack. At every job I've started since the computer came into play, part of the human resources mix has been perusal and signing of a document that states, basically, that I have sold my soul to the company store.
This document varies in its wording, but it basically threatens the new employee with expulsion if the phone, computer or office is used for any type of personal business whatsoever.
Profile of the Perfect Security Guru
Experts agree that penetration testing or vulnerability analysis are key to securing systems, but opinions differ on whether a background in hacking is necessary.
Trick 'wardriving' hackers with a blizzard of bogus access points
Software that generates a blizzard of bogus wireless network access points could bamboozle hackers trying to access corporate and home computer networks. This would stop them stealing wireless surfing time and exploring corporate wireless networks, say the two US computer programmers behind the scheme.
Win2K First Responder's Guide
When it comes to handling computer security incidents, proper first response handling of computer security incidents is second in importance only to incident prevention. Improper handling or collection of available information can do irreparable harm to an investigation. Investigators need to have a thorough understanding of what information they intend to collect, as well as the tools they can use and the effects those tools have on the system itself.
Computer forensics specialists in demand as hacking grows
Today's real-life crime-fighters battle villains more sophisticated than those the comic-book character ever faced — and these modern-day crooks often set their sights on threatening business, government and national security using computers.