Call for papers
SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: firstname.lastname@example.org
Dynamic Linking in Linux and Windows, part one
This article discusses shared libraries in both Windows and Linux, and offers a walk through various data structures to explain how dynamic linking is done in these operating systems. The paper will be useful for developers interested in the security implications and the relative speed of dynamic linking, and assumes some prior knowledge of static and shared libraries.
Basic Journey of a Packet
The purpose of this introductory article is to look at basic look at the journey of a packet across the Internet, from packet creation to switches, routers, NAT, and so on. This topic is recommended for those who are new to the networking and security field and may not have a basic understanding of the underlying process.
Ajax Security Basics
The purpose of this article is to introduce some of the security implications with modern Ajax web technologies. Though Ajax applications can be more difficult to test, security professionals already have most of relevant approaches and tools needed.
Learning an advanced skillset
The purpose of this article is to guide network security analysts towards learning the advanced skillset required to help further their careers. We'll look at two key pillars of knowledge, protocols and programming, and why they're both so important in the security field.
Social engineering reloaded
The purpose of this article is to go beyond the basics and explore how social engineering, employed as technology, has evolved over the past few years. A case study of a typical Fortune 1000 company will be discussed, putting emphasis on the importance of education about social engineering for every corporate security program.
Reducing browser privileges
This article shows the simple approach of reducing privileges for Internet-facing applications such as IE, Firefox, IM and email clients when the user must operate as an administrator.
Identifying P2P users using traffic analysis
This article looks at identifying P2P users and applications in large networks by analyzing traffic behavior instead of monitoring ports or application data.
Bluetooth Security Review, Part 2
Part 2 of the Bluetooth series looks at several unpublished vulnerabilities in Symbian based phones, and then moves on to discuss "Blue Tag" tracking, positioning, and privacy issues.
Bluetooth Security Review, Part 1
This two-part series looks at Bluetooth security and privacy issues, including methods of detection, data loss prevention and social engineering.
Introduction to Spyware Keyloggers
The purpose of this article is to discuss keyloggers found in spyware applications, including their detection, features, and removal.