- Securing Databases with Cryptography
- Nov 23, 2005
- This chapter discusses how cryptography can fit into your security profile. After explaining what cryptography is and providing a general idea of how it works, we dig into the various types of cryptographic algorithms and see where the strengths and weaknesses of each lie.
|
- Open Source Tools for Security Testing
- Sep 16, 2005
- Michael Kelly reports on handy security uses for four open source tools: WebGoat, Firefox Web Developer, WebScarab, and Ethereal. By combining the tools in easy ways, testers can track down and close the gaping security holes that are often left in applications.
|
- Building a Custom JBoss Login Module
- Jun 10, 2005
- JBoss comes with very useful modules to define how to log in, but they're designed in a generic fashion to be examples or used in a very simple application. Marcus Zarra walks you through extending one of these modules to fit a custom requirement.
|
- Cryptography: Beginning with a Simple Communication Game
- Nov 5, 2004
- In this introductory chapter from his book, Wenbo Mao uses a simple game to demonstrate the complexity of cryptography, and its utility for your business.
|
- Reverse-Engineering the First Pocket PC Trojan, Part 2
- Oct 8, 2004
- In part 2 of their series on the Brador Trojan horse for the Pocket PC, Cyrus Peikari, Seth Fogie, Ratter/29A, and Jonathan Read take us on a detailed tour of exactly how this nasty piece of business works.
|
- Reverse-Engineering the First Pocket PC Trojan, Part 1
- Oct 1, 2004
- Cyrus Peikari, Seth Fogie, Ratter/29A, and Jonathan Read present a detailed two-part analysis of the Brador Trojan horse for the Windows Mobile operating system.
|
- The Role of Computer Forensics in Stopping Executive Fraud
- Oct 1, 2004
- Virtual evidence is an important part of nearly every modern corporate crime investigation, and proper handling of that evidence can mean the difference between a conviction and a criminal walking free. In this chapter, you'll learn how to properly investigate computer evidence in a corporate environment.
|
- Designing Strategies for Security Management
- Jul 23, 2004
- With an eye towards passing the MSCE 70-298 Exam, Bill Ferguson and Ed Tittel explain the ins and outs of managing network security, and the tools that you can use to maintain security on a Windows Server 2003 Network. Included are several sample questions with detailed answers to help you prepare for the exam.
|
- The Theory of Cryptography
- Jun 4, 2004
- One of the essential ingredients of e-business and enterprise computing is cryptography, which plays a critical role in J2SE and J2EE security. This chapter describes secret-key and public-key cryptographic systems as related to Java 2 Enterprise Edition, in a way that's meant to demystify the concepts and terms surrounding cryptography.
|
- Performance Forensics
- Feb 13, 2004
- This article draws from lessons and concepts of health care delivery to provide ideas for addressing system-performance complaints with predictable and accurate results. Specific tools from the Solaris Operating System are discussed.
|
- Are You Still Using RSH?
- Jan 30, 2004
- Running RSH is like leaving your house keys under the welcome mat. SSH offers the same convenience and functionality with far greater security, so why haven't you switched?
|
- Responding to a Customer's Security Incidents, Part 4: Processing Incident Data
- Jan 9, 2004
- This fourth article focuses on authenticating, preserving, and processing the incident data. Only the salient points for best practices that should be executed in processing the incident data are discussed.
|
- DB2 Universal Database Security
- Dec 23, 2003
- Nine percent of the DB2 UDB V8.1 Family Fundamentals certification exam (Exam 700) is designed to test your knowledge about the mechanisms DB2 Universal Database uses to protect data and database objects against unauthorized access and modification. This chapter introduces you to the authorization levels and privileges of the DB2 Universal Database.
|
- Trojan Horses
- Dec 12, 2003
- Malware expert Ed Skoudis discusses Trojan horses, which are computer programs that appear to be benign, but really include hidden malicious code. He outlines different types of Trojan Horses and how to protect against them.
|
- J2EE Security
- Nov 26, 2003
- This chapter from "Java™ 2 Platform, Enterprise Edition: Platform and Component Specifications" describes the security requirements for the Java™ 2 Platform, Enterprise Edition (J2EE).
|
- Security in Microsoft IIS
- Nov 13, 2003
- Microsoft's IIS has earned a reputation for being relatively insecure. In this sample book chapter, you'll learn what you can do to make sure your own server isn't at risk, from Passport.NET Authentication to setting the identity of Worker Processes.
|
- What Bill Gates Says About Security
- Nov 13, 2003
- Microsoft product managers at the PDC hammered home the idea that code has to get better, and that buffer overruns are caused, basically, by sloppy programming. But Bill Gates said, "You don't need perfect code to avoid security problems." Not if you use firewalls and keep your software up to date.
|
- Responding to Customer's Security Incidents--Part 3: Following Up After an Incident
- Oct 31, 2003
- The third in a five-part series, this article focuses on following up after an incident and presents the best practices that should be executed in the follow-up phase.
|
- Maintaining Security by Implementing, Managing, and Troubleshooting Service Packs and Security Updates
- Oct 10, 2003
- Roberta Bragg helps you learn the tools and methods necessary to keep systems patched, how to troubleshoot the problems the patches may cause, and understand the reasons tools may not work correctly.
|
- Securing Sun Linux Systems: Part II, Network Security
- Sep 26, 2003
- The second in a two-part series, this article provides recommendations for securing the Sun Linux 5.0 operating system.
|