- Pandemic Outbreak and the Impact of Quarantine on Business Operations
- Dec 7, 2007
- Randy Nash looks at the historical impact of pandemic outbreaks, the preparation and planning that has taken place, and the potential impact that could be expected.
|
- The Future of Identity
- Dec 7, 2007
- David Chisnall looks at the growing problem of identity theft and wonders whether the Internet can give us some ideas for addressing it.
|
- Endpoint Security: What's Missing?
- Nov 30, 2007
- Mark Kadrich describes a new process that will help us understand how our network technology interacts with our security technology.
|
- Gaining Access to Target Systems Using Application and Operating System Attacks
- Nov 21, 2007
- This sample chapter explores basic and advanced techniques for gaining access by manipulating applications and operating systems.
|
- Game Hacking 101
- Nov 21, 2007
- Gary McGraw and Greg Hoglund discuss techniques to prevent piracy and cheating in online games.
|
- Fuzzing Frameworks
- Nov 16, 2007
- The authors of Fuzzing explore a number of open source fuzzing frameworks available today, including SPIKE, Autodafé, and GPF.
|
- Preparing for a FISMA Security Audit
- Nov 16, 2007
- How do you prepare for an audit, and what do you do when the findings are issued? Randy Nash examines how to survive the audit gauntlet.
|
- Stateful Web Application Firewalls with .NET
- Feb 9, 2007
- A Web Application Firewall (WAF), though still evolving, is crucial for strong application layer defense. It is possible to bridge WAF and session objects on the .NET platform to build a stateful WAF (SWAF). Security expert Shreeraj Shah covers the concept, implementation, and deployment of SWAF.
|
- Is There a Security Problem in Computing?
- Dec 29, 2006
- This sample chapter examines what kinds of vulnerabilities computing systems are prone to. It then considers why these vulnerabilities are exploited, who is involved, and how to prevent possible attacks on systems.
|
- Seven Steps to XML Mastery, Step 7: Ensure XML Security
- Aug 25, 2006
- We’ve come a long way since the beginning of our journey toward XML mastery. In the last article of his series, Frank Coyle examines XML-related security issues. We begin by looking at the family of XML security standards and then move on to the threat of black-hat attacks and what you can do to safeguard your XML-based applications.
|
- XSS, Cookies, and Session ID Authentication – Three Ingredients for a Successful Hack
- Aug 11, 2006
- Seth Fogie looks at a real-life XSS attack and how it was used to bypass the authentication scheme of an online web application, leading to "shell" access to the web server.
|
- Security Is a UI Problem
- Jul 28, 2006
- Balancing usability and security isn't an easy task, as evidenced by the number of systems with "security features" that are easy for users to turn off. David Chisnall discusses the issues on both sides of the fence.
|
- The Technical Foundations of Hacking
- May 4, 2006
- This chapter helps you prepare for the EC-Council Certified Ethical Hacker (CEH) Exam by covering topics like the Open Systems Interconnect (OSI) system and Transmission Control Protocol/Internet Protocol (TCP/IP). Sample questions with detailed answers from the exam are provided to help you prepare.
|
- Exploring ISA Server 2004 Tools and Concepts
- Aug 26, 2005
- This chapter covers the high-level details of each portion of the ISA Management Console, with emphasis placed on introducing ISA administrators to the tools available to make their lives easier.
|
- Understanding Denial of Service
- Aug 12, 2005
- Denial of Service (DoS) attacks aren't quite like other malicious network traffic. Instead of gaining some benefit, the perpetrator of a DoS attack seeks only to do harm. This chapter explains the hows, whys, and whos of DoS attacks, and what you can do about them.
|
- Score List Hacking: Lessons Learned by Cheating Your Way to Number One, Part 2 of 2
- Aug 5, 2005
- It's bad enough that a score list hacker can thwart genuine users in their attempts to beat your game's high scores. Even worse, the hacker can create havoc on your computer, hijack it for his own personal use, or something even more nefarious. Seth Fogie concludes this series with a pointed discussion of the hazards of leaving your game unprotected and ways to prevent score list hacking. If you've never seen a covert score list chat channel, this is worth a read!
|
- Web Services and Contemporary SOA (Part II: Advanced Messaging, Metadata, and Security)
- Aug 5, 2005
- This chapter examines the relationships between the SOAP messaging framework and the various WS-* extensions in service-oriented architecture and the features that SOAP enables.
|
- Authentication Auditing in Windows 2000
- Jul 29, 2005
- Authentication auditing is an essential part of protecting your Windows computers from intrusion. The big problem in Windows auditing is trying to understand what's going on, without drowning in a flood of irrelevant or useless information. If you let it do so, Windows will bury you in event notifications. Figuring out what's going on from those notifications can be a real chore. Rick Cook provides specific suggestions to start making your auditing process more informative.
|
- Check Point CCSA Exam Cram: Defining Security Policy with SmartDashboard
- Jul 1, 2005
- This chapter will help you prepare for the CCSA exam, with a focus on SmartDashboard. Sample questions and comprehensive explanations will keep you up to date and equip you to pass the exam.
|
- Home Network Vulnerabilities: Spam, Cookies, Pop-Ups, Spyware, and Scams
- Jul 1, 2005
- In addition to viruses and worms, there are some other annoying programs and files out there that you need to protect your home network from. This chapter focuses on spam, cookies, spyware, and scams—what they are, how they work, and how to get rid of or at least control them.
|