|
Call for papers SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: editor@securityfocus.com 
Wireless Forensics: Tapping the Air - Part OneThis two-part series looks at the issues associated with collecting and analyzing network traffic from wireless networks in an accurate and comprehensive way; a discipline known as wireless forensics. Part one of this article focuses on the technical details and challenges for traffic acquisition, and provides design requirements and best practices for wireless forensics tools. 2007-01-02 http://www.securityfocus.com/infocus/1884 
Password Management Concerns with IE and Firefox, part twoThis two-part paper presents an analysis of the security mechanisms, risks, attacks, and defenses of the two most commonly used password management systems for web browsers, found in Internet Explorer and Firefox. The article specifically addresses IE 6 and 7 and Firefox 1.5 and 2.0. 2006-12-11 http://www.securityfocus.com/infocus/1883
Password Management Concerns with IE and Firefox, part oneThis two-part paper presents an analysis of the security mechanisms, risks, attacks, and defenses of the two most commonly used password management systems for web browsers, found in Internet Explorer and Firefox. The article specifically addresses IE 6 and 7 and Firefox 1.5 and 2.0. 2006-12-08 http://www.securityfocus.com/infocus/1882 
Vulnerability Scanning Web 2.0 Client-Side ComponentsThis article discusses the challenges faced when vulnerability scanning Web 2.0 applications, and then provides a methodology to detect vulnerabilities in Web 2.0 client-side application components. 2006-11-27 http://www.securityfocus.com/infocus/1881 
Using Nepenthes Honeypots to Detect Common MalwareThis article describes the use of Nepenthes, a low-interaction honeypot, as an additional layer of network defense. Nepenthes can be used to capture malware, alert an administrator about a network compromise, and assist in containing and removing the infection. 2006-11-07 http://www.securityfocus.com/infocus/1880
Hacking Web 2.0 Applications with FirefoxThis article looks at some of the methods, tools and tricks to dissect web 2.0 applications (including Ajax) and discover security holes using Firefox and its plugins. 2006-10-11 http://www.securityfocus.com/infocus/1879 
Recent Security Enhancements in NetBSDNetBSD is renowned for its focus on portability, but great care is also given to security. This paper presents the NetBSD philosophy on security, major design decisions, and its current security features. Following the discussion, current and future research is presented to provide a good look at NetBSD's direction. 2006-10-03 http://www.securityfocus.com/infocus/1878
Beginner's Guide to Wireless AuditingThis article is designed as a beginner's guide to fuzzing wireless device drivers, starting with how to build an auditing environment, how to construct fuzzing tools and finally, how to interpret the results. This auditing environment can be used for WiFi as well as Bluetooth and infrared devices. 2006-09-19 http://www.securityfocus.com/infocus/1877
Analyzing Malicious SSH Login AttemptsMalicious SSH login attempts have been appearing in some administrators' logs for several years. This article takes a new look at the use of honeypots to analyze malicious SSH login attempts and see what can be learned about this activity. The article then offers recommendations on how to secure one's system against these attacks. 2006-09-11 http://www.securityfocus.com/infocus/1876 
Microsoft Office Security, part twoThis article discusses Microsoft Office's OLE Structured Storage and the nature of recent dropper programs and other exploit agents, in an effort to scrutinize the workings of some of the recent MS Office exploits. Part two will then collates some forensic investigation avenues through different MS Office features. Parts of the article sample different MS Office vulnerabilities to discuss their nature and the method of exploitation. 2006-08-29 http://www.securityfocus.com/infocus/1875 |
|
|
Privacy Statement |
