Call for papers
SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: firstname.lastname@example.org
Blocking Traffic by Country on Production Networks
A lot of the network data coming from other countries' networks is malicious -- or at best, unwanted. SecurityFocus contributor Timothy Mullen shows data from some recent filtering tests and demonstrates how to do per-country filtering on Microsoft's ISA Server.
Standards in desktop firewall policies
The purpose of this article is to discuss the need for a desktop firewall policy within an organization, determine how it should be formed, and provide an example of one along with the security benefits it provides an organization.
Demystifying Denial-Of-Service attacks, part one
This paper provides an introduction to Denial of Service (DoS) attacks, their methodologies, common prevention techniques, and how they differ from Distributed Denial of Service (DDoS) Attacks. This article is intended to be a broad overview for the beginner or intermediate-level administrator on the different types of DoS attacks.
Software Firewalls: Made of Straw? Part 2 of 2
Part two looks at Layered Service Provider based Trojans hidden in the protocol stack, providing stealthy communication through an open firewall port.
Software Firewalls: Made of Straw? Part 1 of 2
This article looks at design issues with software firewalls that can render them useless in several ways.
Software Firewalls versus Wormhole Tunnels
This article explains how the PCAP library on Windows can be used to render software firewalls and client VPN environments ineffective, easily bypassing traditional security measures.
The Perils of Deep Packet Inspection
This paper looks at the evolution of firewall technology towards Deep Packet Inspection, and then discusses some of the security issues with this evolving technology.
Packet Crafting for Firewall & IDS Audits (Part 2 of 2)
This article is the second of a two-part series that will discuss various methods to test the integrity of your firewall and IDS using low-level TCP/IP packet crafting tools and techniques.
Packet Crafting for Firewall & IDS Audits (Part 1 of 2)
This article is the first of a two-part series that will discuss various methods to test the integrity of your firewall and IDS using low-level TCP/IP packet crafting tools and techniques.
Transparent, Bridging Firewall Devices
This article examines the concept of a transparent or bridging firewall which sits hidden in-line with the network it protects.