http://www.devshed.com Security - RSS Feeds en-us Thu, 26 Nov 2009 06:32:19 -0500 Thu, 26 Nov 2009 06:32:19 -0500 Sat, 25 Jul 2009 00:06:48 -0400 http://www.devshed.com/c/a/Security/Critical-Microsoft-Visual-Studio-Security-Patch-Tuesday-0723209/?kc=rss - Here comes another critical patch from Microsoft. What it fixes is anyone's guess, but it affects almost all versions of Windows and .NET Visual Studio back to 2003. Developers are encouraged to register their guess, but make your guesses after you apply the patch. Speculation is that the Inter...]]> http://www.devshed.com/c/a/Security/Critical-Microsoft-Visual-Studio-Security-Patch-Tuesday-0723209/?kc=rss Thu, 23 Jul 2009 01:14:08 -0400 http://www.devshed.com/c/a/Security/US-Faces-Tech-Security-Expert-Deficit-10294/?kc=rss - There's a definite digital-divide starting, but it's not between the rich and the poor; it's between the IT Security expert haves and have-nots...and it's spreading from private companies all the way to the US Government. Recent studies of the country's top IT management shows that a whopping 35%+ ...]]> http://www.devshed.com/c/a/Security/US-Faces-Tech-Security-Expert-Deficit-10294/?kc=rss Thu, 13 Nov 2008 09:00:46 -0500 http://www.devshed.com/c/a/Security/LAN-Reconnaissance/?kc=rss - This chapter covers LAN reconnaissance; specifically, it covers capturing packets and scoping out the LAN environment using ettercap-ng, p0f, and dsniff. When investigating a LAN, your goals can sometimes be at odds with each other. Are you trying to be quick? Is stealth a factor? Sometimes going fo...]]> http://www.devshed.com/c/a/Security/LAN-Reconnaissance/?kc=rss Mon, 30 Jul 2007 09:00:47 -0400 http://www.devshed.com/c/a/Security/An-Epilogue-to-Cryptography/?kc=rss - Throughout this multi-part series we examined the coding of few individual encryption and decryption algorithms. Please keep in mind that none of them were ultimately secure. With the quantum leaps that technologies and computer resources have made nowadays, their decryption would be quite easy e...]]> http://www.devshed.com/c/a/Security/An-Epilogue-to-Cryptography/?kc=rss Tue, 24 Jul 2007 09:00:48 -0400 http://www.devshed.com/c/a/Security/A-Sequel-to-Cryptography/?kc=rss - I have promised that in this article I will continue showing you real-world encryption algorithms and more specifically that we are going to XOR. Throughout this part we will find out what exactly is XOR, how to implement it into an encryption algorithm, and ultimately a few techniques for breaking...]]> http://www.devshed.com/c/a/Security/A-Sequel-to-Cryptography/?kc=rss Mon, 23 Jul 2007 09:00:47 -0400 http://www.devshed.com/c/a/Security/An-Introduction-to-Cryptography/?kc=rss - This is the first article of a multi-part series. It serves the purpose of introducing you to cryptography. I cannot promise an easy ride through this journey, but it will be a comprehensible and amazing one. As much as we'll get into this, we'll realize how complex cryptography can be. But that sh...]]> http://www.devshed.com/c/a/Security/An-Introduction-to-Cryptography/?kc=rss Thu, 30 Jun 2005 09:00:00 -0400 http://www.devshed.com/c/a/Security/Security-Overview/?kc=rss - The concept of network security may seem somewhat of a moving target or several moving targets. When we talk about “security” we know what we want, but describing it and making it happen can be different matters altogether. Network security has a natural conflict with network connectivity. The more ...]]> http://www.devshed.com/c/a/Security/Security-Overview/?kc=rss Thu, 19 May 2005 09:00:01 -0400 http://www.devshed.com/c/a/Security/Network-Security-Assessment/?kc=rss - This chapter discusses at a high level the rationale behind Internet-based network security assessment and penetration testing. To retain complete control over your networks and data, you must take a proactive approach to security, an approach that starts with assessment to identify and categorize y...]]> http://www.devshed.com/c/a/Security/Network-Security-Assessment/?kc=rss Wed, 30 Mar 2005 09:00:01 -0500 http://www.devshed.com/c/a/Security/Firewalls/?kc=rss - So now that you have a fairly secure operating system and know a few basic tricks, lets get into using some more complex security tools. This chapter describes how to configure and run a secure open source firewall. If you already have a firewall, you may still want to read this chapter if you need ...]]> http://www.devshed.com/c/a/Security/Firewalls/?kc=rss Mon, 28 Feb 2005 09:00:01 -0500 http://www.devshed.com/c/a/Security/Whats-behind-the-curtain-Part-II/?kc=rss - Internet usage entails many risks. You surf the Internet to do your work and you end up with a system with degraded performance and an unexpected behavior. Congratulations! No, you did not win the lottery; you have just been hacked! In the first part of “Whats behind the curtain” article I e...]]> http://www.devshed.com/c/a/Security/Whats-behind-the-curtain-Part-II/?kc=rss Mon, 21 Feb 2005 09:00:00 -0500 http://www.devshed.com/c/a/Security/Whats-behind-the-curtain-Part-I/?kc=rss - Introduction Everyone who uses the Internet has encountered at least one security violation. Sometimes these violations go unnoticed by the security-unaware user, and other times we may found out about them after they have caused severe damage to our information and systems. The best approach to so...]]> http://www.devshed.com/c/a/Security/Whats-behind-the-curtain-Part-I/?kc=rss Wed, 02 Feb 2005 09:00:22 -0500 http://www.devshed.com/c/a/Security/Vectors/?kc=rss - NO DOUBT MOST OF US can sympathize with this Register reader: Hi Mr. Greene, I have just read your article on the severe Windows security hole and I still cannot for the life of me fathom ports there are so many! I have been on line now for two years and have had to reformat my hard drive so ma...]]> http://www.devshed.com/c/a/Security/Vectors/?kc=rss Mon, 24 Jan 2005 09:00:23 -0500 http://www.devshed.com/c/a/Security/PKI-Looking-at-the-Risks/?kc=rss - To be fair to the readers, I believe that it is time to explain the possible risks and threats associated with Public Key Infrastructure (PKI). Until now, I have given you a lot of information on how to use PKI. (Editor's note: see Eliana Stavrou's articles on ASP Free). Although PKI is considered...]]> http://www.devshed.com/c/a/Security/PKI-Looking-at-the-Risks/?kc=rss Tue, 04 Jan 2005 09:00:30 -0500 http://www.devshed.com/c/a/Security/A-Quick-Look-at-Cross-Site-Scripting/?kc=rss - Introduction The question keeps spinning in our minds, just like a ball bouncing deeply inside the brain: is our website really secure? Surely, thats a very tough topic to answer. But one thing is true in all cases: there are not any websites “completely” safe from attacks. Given the uncontrolle...]]> http://www.devshed.com/c/a/Security/A-Quick-Look-at-Cross-Site-Scripting/?kc=rss Tue, 26 Oct 2004 09:00:02 -0400 http://www.devshed.com/c/a/Security/PKI-Architectures-How-to-Choose-One/?kc=rss - Introduction Deciding to implement a PKI architecture is not an easy task to do. There are many factors which must be taken into consideration if we want to benefit from PKI technology. Before moving into explaining various PKI architectures and the criterion we use to choose the one that best su...]]> http://www.devshed.com/c/a/Security/PKI-Architectures-How-to-Choose-One/?kc=rss