November 2005

  • VLAN hopping (virtual local area network hopping)

    VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port at a network end point that is not normally accessible to the sender.30 Nov 2005

  • Cisco patches Security Agent flaw

    The networking giant warned in an advisory Tuesday that local users could exploit a hole in its threat protection software.30 Nov 2005

  • Apple patches 13 flaws in Mac OS X

    Attackers could gain unauthorized system access, compromise sensitive data and launch malcode by exploiting a series of security holes in Mac OS X. But patches are available.30 Nov 2005

  • New algorithm promises to secure P2P content

    Three cryptographers have developed a secure P2P content distribution method without creating bottlenecks, and it could prove to be a significant breakthrough in the encryption arena.30 Nov 2005

  • IPsec architectures and implementation methods

    In this excerpt of The TCP/IP Guide, author Charles M. Kozierok explains the three different implementation architectures defined for IPsec: integrated, bump in the stack (BITS) and bump in the wi...29 Nov 2005

  • How to tame Google Desktop

    Although not classified as spyware, if left unmanaged and unmonitored desktop search engines, like Google Desktop, can introduce serious security concerns. This tip examines these risks and explain...29 Nov 2005

  • Sun fixes multiple Java flaws

    Attackers could exploit flaws in the Java Runtime Environment and Management Extensions to read and write local files or execute applications.29 Nov 2005

  • Opera: Another contender in the browser wars

    Opera Software removed the ad banners and dropped the licensing fees from its browser, making Opera a viable alternative to Internet Explorer. Learn how Opera compares to Firefox in terms of securi...28 Nov 2005

  • Zotob

    Zotob is a computer worm used by an attacker to gather personal and financial information from computers running Microsoft Windows that have a buffer overflow vulnerability. Zotob, which has severa...28 Nov 2005

  • How different DBMSes implement Internet database security

    Learn what it takes to achieve comprehensive DBMS security, in this application security Ask the Expert Q&A.28 Nov 2005

  • PING with Desiree Beck

    28 Nov 2005

  • Verifying legitimate help desk requests

    Learn how to to defeat social engineers and measures help desk staff should take to protect the network after password resets.28 Nov 2005

  • Binary over JPEG

    In this Ask the Expert Q&A, Michael Cobb explains what "binary over JPEG" is and how hackers use this mechanism to exploit system vulnerabilites.28 Nov 2005

  • How an attacker cracks a symmetric key-based system

    Learn how an attacker cracks a symmetric key-based system.28 Nov 2005

  • A Sobering return from the holiday weekend

    AV firms are eyeing several new threats, including a Sober variant now responsible for one out of every 14 e-mails on the Net. This as many users fire up PCs after a four-day holiday break.28 Nov 2005

  • How Kerberos, PKI and IPsec interoperate

    In this Ask the Expert Q&A, our identity and access management expert explains how these three unrelated systems interoperate to authenticate and manage digital certificates.28 Nov 2005

  • How IPsec and SSL/TLS use symmetric and asymmetric encryption

    In this Ask the Expert Q&A, our identity and access management expert explains how IPsec and SSL/TLS use these two authentication methods to establish secure Web sessions.28 Nov 2005

  • Busted: The inside story of 'Operation Firewall'

    A trial attorney with the Department of Justice offers an inside look at Operation Firewall, the 18-month investigation that nabbed a network of thieves responsible for 1.7 million credit card thefts.28 Nov 2005

  • More from SearchSecurity -- December 2005

    Highlights from the December 2005 issue of Information Security magazine.28 Nov 2005

  • Securing e-mail exchanges

    In this Ask the Expert Q&A, Michael Cobb examines how using S/MIME and various encryption methods can help solve your confidentiality, authenticity, non-repudiation, unsecured backup and other e-ma...24 Nov 2005