Thursday, May 22, 2003

Passive Network Traffic Analysis
Network IDS devices use passive network monitoring extensively to detect possible threats. Through passive monitoring, a security admin can gain a thorough understanding of the network's topology: what services are available, what operating systems are in use, and what vulnerabilities may be exposed on the network. Much of this data can be gathered in an automated, non-intrusive manner through the use of standard tools, which will be discussed later in this article. While the concepts presented here are not difficult to understand, the reader should have at least an intermediate understanding of IP and a base-level familiarity with the operation of network sniffers.

Tuesday, May 20, 2003

Securing Apache: Step-by-Step
This article shows in a step-by-step fashion, how to install and configure the Apache 1.3.x Web server in order to mitigate or avoid successful break-in when new vulnerabilities in this software are found.