SecurityFocus

Defeating Honeypots : Network issues, Part 1
The purpose of this paper is to explain how attackers behave when they attempt to identify and defeat honeypots, and is useful for security professionals to deploy honeypots in a more stealthy manner.
By: Laurent Oudot, Thorsten Holz 2004-09-28
http://www.securityfocus.com/infocus/1803

Multi-Layer Intrusion Detection Systems
This article discusses mIDS, a system that brings together many layers of technology into a single monitoring and analysis engine, from integrity monitoring software such as TripWire, to system logs, IDS logs, and firewall logs.
By: Nathan Einwechter 2004-07-06
http://www.securityfocus.com/infocus/1788

Host Integrity Monitoring: Best Practices for Deployment
The purpose of this article is to highlight the important steps and concepts involved in deploying a host integrity monitoring system. These applications can be very helpful with detecting unauthorized change, conducting damage assessment, and preventing future attacks.
By: Brian Wotring 2004-03-31
http://www.securityfocus.com/infocus/1771

Detection of SQL Injection and Cross-site Scripting Attacks
This article discusses techniques to detect SQL Injection and Cross Site Scripting (CSS) attacks against your networks using regular expressions with the open-source IDS, Snort.
By: K. K. Mookhey, Nilesh Burghate 2004-03-17
http://www.securityfocus.com/infocus/1768

Wireless Honeypot Countermeasures
This paper will introduce honeypots as a countermeasure for attacks on wireless environments using WiFi-related technologies. They can be used to identify and defeat unsuspecting blackhat attackers.
By: Laurent Oudot 2004-02-13
http://www.securityfocus.com/infocus/1761

Problems and Challenges with Honeypots
In this paper we take a look at some of the many challenges and problems facing honeypots, and possible approaches on how to solve them. By identifying these problems now, we can hope to make honeypots a stronger technology for the future.
By: Lance Spitzner 2004-01-14
http://www.securityfocus.com/infocus/1757

Checklist for Deploying an IDS
The scope of this article considers the worst case scenario, that of deploying a Network IDS on a remote network (target). The introduction of an IDS into a organization's network can be sensitive and often has political implications with the network staff, and thus a checklist written from the perspective of an outside consultant (even if the IDS is deployed internally) that appeases all parties can be useful to ensure a successful implementation.
By: Andy Cuff 2003-12-30
http://www.securityfocus.com/infocus/1754

Fighting Spammers With Honeypots: Part 2
Part two continues the discussion of open proxies, describes creating fake open mail relays with various honeypots, discusses architecture decisions, and then provides some recent test results that proved very successful. A honeypot can clearly be used to detect, slow and stop spam-related activities while promoting a clean Internet -- but more people must pitch in for them to truly make a difference.
By: Laurent Oudot 2003-11-26
http://www.securityfocus.com/infocus/1748

Fighting Spammers With Honeypots: Part 1
This paper will evaluate the usefulness of using honeypots to fight spammers on several fronts. Part one discusses the methods spammers use to harvest addresses, maintain stealth and manipulate open mail relays on the Internet. Then honeypots will be considered that create fake email addresses to be harvested, identify and track spammers, and simulate open proxies for spammers to use.
By: Laurent Oudot 2003-11-26
http://www.securityfocus.com/infocus/1747

Wireless Intrusion Detection Systems
This paper will describe the need for wireless intrusion detection, provide an explanation of wireless intrusion detection systems, and identify the benefits and drawbacks of a wireless intrusion detection solution.
By: Jamil Farshchi 2003-11-05
http://www.securityfocus.com/infocus/1742