Call for papers
SecurityFocus (www.securityfocus.com) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: firstname.lastname@example.org
Defeating Honeypots: Network issues, Part 1
The purpose of this paper is to explain how attackers behave when they attempt to identify and defeat honeypots. It is useful for security professionals who want to deploy honeypots in a more stealthy manner.
Multi-Layer Intrusion Detection Systems
This article discusses mIDS, a system that brings together many layers of technology into a single monitoring and analysis engine, from integrity monitoring software such as TripWire, to system logs, IDS logs, and firewall logs.
Host Integrity Monitoring: Best Practices for Deployment
The purpose of this article is to highlight the important steps and concepts involved in deploying a host integrity monitoring system. These applications can be very helpful with detecting unauthorized change, conducting damage assessment, and preventing future attacks.
Detection of SQL Injection and Cross-site Scripting Attacks
This article discusses techniques to detect SQL Injection and Cross Site Scripting (CSS) attacks against your networks using regular expressions with the open-source IDS, Snort.
Wireless Honeypot Countermeasures
This paper will introduce honeypots as a countermeasure for attacks on wireless environments using WiFi-related technologies. They can be used to identify and defeat unsuspecting blackhat attackers.
Problems and Challenges with Honeypots
In this paper we take a look at some of the many challenges and problems facing honeypots, and possible approaches on how to solve them. By identifying these problems now, we can hope to make honeypots a stronger technology for the future.
Checklist for Deploying an IDS
The scope of this article considers the worst-case scenario, that of deploying a Network IDS on a remote network (target). The introduction of an IDS into an organization's network can be sensitive and often has political implications with the network staff. A checklist written from the perspective of an outside consultant (even if the IDS is deployed internally) that appeases all parties can therefore be useful to ensure a successful implementation.
Fighting Spammers With Honeypots: Part 2
Part two continues the discussion of open proxies, describes creating fake open mail relays with various honeypots, discusses architecture decisions, and then provides some recent test results that proved very successful. A honeypot can clearly be used to detect, slow and stop spam-related activities while promoting a clean Internet -- but more people must pitch in for them to truly make a difference.
Fighting Spammers With Honeypots: Part 1
This paper will evaluate the usefulness of using honeypots to fight spammers on several fronts. Part one discusses the methods spammers use to harvest addresses, maintain stealth and manipulate open mail relays on the Internet. Then honeypots will be considered that create fake email addresses to be harvested, identify and track spammers, and simulate open proxies for spammers to use.
Wireless Intrusion Detection Systems
This paper will describe the need for wireless intrusion detection, provide an explanation of wireless intrusion detection systems, and identify the benefits and drawbacks of a wireless intrusion detection solution.