October 2005 | Archive by Month | SearchSecurity.com | Page 4

October 2005

  • Apache fixes pair of Web server flaws

    Update: The vulnerabilities, fixed in newer versions of HTTP Server, could affect nearly seven out of 10 Web sites on the Internet. However, an analyst suggests they are likely low-risk.

  • Protect your Web site against path traversal attacks

    How to protect your Web site against path traversal attacks.

  • Powerful payloads: The evolution of exploit frameworks

    Attackers have new tools to launch faster, more powerful attacks. Contributor Ed Skoudis offers up some examples, some of which are very clever and very evil.

  • Spyware Survey: What's worked for you?

    A look at purchasing decisions and policy-making reflected in SearchSecurity.com's online survey of spyware.

  • Oracle unloads critical patch pile

    The company offered few details on what the flaws are, but they are critical and affect a long list of products.

  • Building trust into mobile computing

    The Trusted Computing Group unveiled "use-cases" that describe secure ways in which to implement features and functions of mobile devices.

  • Snort update fixes security hole

    Attackers could exploit a flaw in the open source IDS to gain unauthorized network access, security firms warn. But a fix is available.

  • The effects of spyware

    In this Ask the Expert Q&A, Michael Cobb discusses various methods spyware uses to compromise a PC. He also suggests tools and tactics to use to rid your PC of an infection.

  • Spyware Survey: Where's this coming from?

    How does your company measure up? A look at the statistics in SearchSecurity.com's online survey exploring the current and predicted threat impact of spyware.

  • Security Bytes: New malware targets Skype users

    In other news, a Microsoft patch causes problems while a Lynx flaw affects Red Hat and Ubuntu Linux distributions.

  • What to tell senior management about regulatory compliance

    The IT Governance Institute offers actionable advice for implementing security governance as it relates to regulatory compliance.

  • How to implement a simulator for FTP and TFTP protocols

    In this Ask the Expert Q&A, our platform security expert discusses the advantages of using the Simple Network Management Protocol. He also explains where to find a simulator for FTP and TFTP protoc...

  • How hybrid cryptosystems secure e-mail exchange

    In this Ask the Expert Q&A, our application security expert discusses how hybrid cryptosystems are used to secure an e-mail exchange.

  • Auditing firewall activity

    This Firewall Architecture Tutorial tip shows how completing a firewall audit of activity can help in the management of valuable firewall data.

  • Placing systems in a firewall topology

    In this Firewall Architecture Tutorial tip, you will learn a firewall topology for placing firewall systems, such as bastion host, screened subnet and multi-homed firewalls.

  • Choosing the right firewall topology: Bastion host, screened subnet or dual firewalls

    An overview of the three most common firewall topologies, including diagrams of a bastion host, screened subnet and dual firewall architectures.

  • How to choose a firewall

    Despite the development and evolution of security technologies, the firewall remains a vital component of any network architecture, and today's organizations have myriad options to choose from. Thi...

  • Firewall Architecture Tutorial

    In this Firewall Architecture Tutorial you will learn all aspects of firewall implementation such as how to choose the right type of firewall for your organization, how to choose a firewall topolog...

  • How avian flu could threaten IT security

    Experts say a potential bird flu pandemic could have a disastrous effect on IT infrastructures. But if companies plan well, those infrastructures could also help minimize chaos.

  • dictionary attack

    A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in...