|
Call for papers SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: editor@securityfocus.com 
Five common Web application vulnerabilitiesThis article looks at five common Web application attacks, primarily for PHP applications, and then presents a short case study of a vulnerable Website that was found using Google and easily exploited. 2006-04-28 http://www.securityfocus.com/infocus/1864 
Lessons learned from Microsoft's MS06-013 patchThis article takes a quick look at the functionality changes in MS06-013, and then discusses the new types of deployment decisions that are being made within enterprise environments in light of this critical Microsoft security patch. 2006-04-19 http://www.securityfocus.com/infocus/1863
Two attacks against VoIPThis purpose of this article is to discuss two of the most well known attacks that can be carried out in current VoIP deployments. The first attack demonstrates the ability to hijack a user's VoIP Subscription and subsequent communications. The second attack looks at the ability to eavesdrop in to VoIP communications. 2006-04-04 http://www.securityfocus.com/infocus/1862 
Learning an advanced skillsetThe purpose of this article is to guide network security analysts towards learning the advanced skillset required to help further their careers. We'll look at two key pillars of knowledge, protocols and programming, and why they're both so important in the security field. 2006-03-24 http://www.securityfocus.com/infocus/1861
Social engineering reloadedThe purpose of this article is to go beyond the basics and explore how social engineering, employed as technology, has evolved over the past few years. A case study of a typical Fortune 1000 company will be discussed, putting emphasis on the importance of education about social engineering for every corporate security program. 2006-03-14 http://www.securityfocus.com/infocus/1860 
Zero to IPSec in 4 minutesThis short article looks at how to get a fully functional IPSec VPN up and running between two fresh OpenBSD installations in about four minutes flat. 2006-02-28 http://www.securityfocus.com/infocus/1859 
Sebek 3: tracking the attackers, part twoThe second article in this honeypot series discusses best practices for deploying Sebek 3 inside a GenIII honepot, and shows how to patch Sebek to watch all the attacker's activities in real-time. 2006-02-13 http://www.securityfocus.com/infocus/1858
Malicious Malware: attacking the attackers, part 2This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques are all discussed in an ethical manner. Part two of two. 2006-02-02 http://www.securityfocus.com/infocus/1857
Malicious Malware: attacking the attackers, part 1This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques are all discussed in an ethical manner. Part one of two. 2006-01-31 http://www.securityfocus.com/infocus/1856
Sebek 3: tracking the attackers, part oneThe first of this two-part series will discuss what Sebek is and what makes it so interesting, first by looking at the new capabilities of version 3 and how it integrates with GenIII Honeynet infrastructures. 2006-01-16 http://www.securityfocus.com/infocus/1855 |
|
|
Privacy Statement |
