|
Call for papers SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: editor@securityfocus.com 
Penetration Testing IPsec VPNsThis article discusses a methodology to assess the security posture of an organization's IPsec based VPN architecture. 2005-02-09 http://www.securityfocus.com/infocus/1821 
Apache 2 with SSL/TLS: Step-by-Step, Part 2Part two of the Apache2 with SSL/TLS series offers mod_ssl recommendations and then discusses three different ways to sign a certificate, including setting up a local Certificate Authority using OpenSSL. 2005-02-02 http://www.securityfocus.com/infocus/1820
Blind Buffer Overflows In ISAPI ExtensionsThis paper will outline the risks ISAPI Extensions pose and how they can be exploited by third parties without any binary exposure or knowledge using blind stack overflows. This method can enable remote code execution in proprietary and third party applications. 2005-01-25 http://www.securityfocus.com/infocus/1819
Apache 2 with SSL/TLS: Step-by-Step, Part 1This article begins a series of three articles dedicated to configuring Apache 2.0 with SSL/TLS support, in order to ensure maximum security and optimal performance of secure web communication. This part introduces key aspects of SSL/TLS and then shows how to compile and configure Apache 2.0 with support for these protocols. 2005-01-18 http://www.securityfocus.com/infocus/1818 
The Perils of Deep Packet InspectionThis paper looks at the evolution of firewall technology towards Deep Packet Inspection, and then discusses some of the security issues with this evolving technology. 2005-01-11 http://www.securityfocus.com/infocus/1817
SSH Port ForwardingIn this article we look at SSH Port Forwarding in detail, as it is a very useful but often misunderstood technology. SSH Port Forwarding can be used for secure communications in a myriad of different ways. 2005-01-06 http://www.securityfocus.com/infocus/1816 
How ITIL Can Improve Information SecurityThis article provides an overview of ITIL, a management-level set of best practices and guidelines for an integrated and process-based approach to IT and security. 2004-12-22 http://www.securityfocus.com/infocus/1815
WEP: Dead Again, Part 1This article is the first of a two-part series that looks at the new generation of WEP cracking tools for WiFi networks, which offer dramatically faster speeds for penetration testers over the previous generation of tools. In many cases, a WEP key can be determined in seconds or minutes. 2004-12-14 http://www.securityfocus.com/infocus/1814 
Detecting Complex VirusesThe purpose of this paper is to examine the difficulties of detecting complex viruses, including polymorphic, metamorphic and entry-point obscuring viruses. Whether or not an anti-virus (AV) technology can detect these viruses can be a useful metric to consider when evaluating AV products. 2004-12-06 http://www.securityfocus.com/infocus/1813
SSH and ssh-agentThis article discusses how to take SSH Identity/Pubkey trust relationships to the next level, by using ssh-agent as a keymaster to manage a user's authentication needs automatically. 2004-11-23 http://www.securityfocus.com/infocus/1812 |
|
|
Privacy Statement |
