Secure Programming Studies in secure programming for adminsOct 31, 2005
Like a poison apple, a Web program that is tasty on the surface may contain a highly dangerous core. Admins who do their own programming need to follow secure programming practices to avoid the bitter taste of insecurity.more »
Squid proxy server Implementing a home proxy server with SquidOct 31, 2005
A proxy server provides safer and more efficient surfing. Although commercial proxy solutions are available, all you really need is Linux and an old PC in the attic.more »
XSA Attack Stopping the cross-site authentication attackOct 31, 2005
A new form of phishing attack deposits an HTML tag on the vulnerable service to trap users into authenticating.more »
Admin Workshop: Resolvers Insider Tips: Resolving Names in DNSSep 30, 2005
The resolver is the window from your computer to the global DNS system. Simply typing a URL awakens a link to computers all over the world.more »
Charly's Column The Sysadmin’s Daily Grind: PortfwdAug 31, 2005
Incoming TCP connections do not always end up where they are supposed to. A freely configurable redirector points digital debris in the direction of a new and better place.more »
TCP Hijacking Understanding and preventing TCP attacksAug 31, 2005
It is quite easy to take a TCP connection down using a RST attack, and this risk increases with applications that need long-term connections, such as VPNs, DNS zone transfers, and BGP. We’ll describe how a TCP attack can happen, and we’ll show you some simple techniques for protecting your network.more »
Socks 5 Examining the generic Socks version 5 proxy protocolJun 30, 2005
Socks is a universal proxy protocol for TCP and UDP that allows internal hosts to securely pass the firewall and authenticates users. This article describes the latest version of the Socks proxy protocol and shows how to implement it.more »
HP's annual Cyber Risk report offers a bleak look at the state of IT.
But what do the big numbers really mean?
.NET Core execution engine is the basis for cross-platform .NET implementations.
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.
Spammers go low-volume, and 90% of IE browsers are unpatched.
Adobe scrambles to release patches for vulnerable Flash Player.
Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
New statute would require companies to report break-ins to consumers.
Weird data transfer technique avoids all standard security measures.
FIDO alliance declares the beginning of the end for old-style login authentication.