Home > Articles > Security > Software Security

Software Security

RSS Feed Subscribe to this topic  RSS details

124 Items

Sort by Date | Title

Securing Databases with Cryptography
Nov 23, 2005
This chapter discusses how cryptography can fit into your security profile. After explaining what cryptography is and providing a general idea of how it works, we dig into the various types of cryptographic algorithms and see where the strengths and weaknesses of each lie.
An Introduction to Security Testing with Open Source Tools
Sep 16, 2005
Michael Kelly reports on handy security uses for four open source tools: WebGoat, Firefox Web Developer, WebScarab, and Ethereal. By combining the tools in easy ways, testers can track down and close the gaping security holes that are often left in applications.
Building a Custom JBoss Login Module
Jun 10, 2005
JBoss comes with very useful modules to define how to log in, but they're designed in a generic fashion to be examples or used in a very simple application. Marcus Zarra walks you through extending one of these modules to fit a custom requirement.
Cryptography: Beginning with a Simple Communication Game
Nov 5, 2004
In this introductory chapter from his book, Wenbo Mao uses a simple game to demonstrate the complexity of cryptography, and its utility for your business.
Reverse-Engineering the First Pocket PC Trojan, Part 2
Oct 8, 2004
In part 2 of their series on the Brador Trojan horse for the Pocket PC, Cyrus Peikari, Seth Fogie, Ratter/29A, and Jonathan Read take us on a detailed tour of exactly how this nasty piece of business works.
Reverse-Engineering the First Pocket PC Trojan, Part 1
Oct 1, 2004
Cyrus Peikari, Seth Fogie, Ratter/29A, and Jonathan Read present a detailed two-part analysis of the Brador Trojan horse for the Windows Mobile operating system.
The Role of Computer Forensics in Stopping Executive Fraud
Oct 1, 2004
Virtual evidence is an important part of nearly every modern corporate crime investigation, and proper handling of that evidence can mean the difference between a conviction and a criminal walking free. In this chapter, you'll learn how to properly investigate computer evidence in a corporate environment.
Designing Strategies for Security Management
Jul 23, 2004
With an eye towards passing the MSCE 70-298 Exam, Bill Ferguson and Ed Tittel explain the ins and outs of managing network security, and the tools that you can use to maintain security on a Windows Server 2003 Network. Included are several sample questions with detailed answers to help you prepare for the exam.
The Theory of Cryptography
Jun 4, 2004
One of the essential ingredients of e-business and enterprise computing is cryptography, which plays a critical role in J2SE and J2EE security. This chapter describes secret-key and public-key cryptographic systems as related to Java 2 Enterprise Edition, in a way that's meant to demystify the concepts and terms surrounding cryptography.
Performance Forensics
Feb 13, 2004
This article draws from lessons and concepts of health care delivery to provide ideas for addressing system-performance complaints with predictable and accurate results. Specific tools from the Solaris Operating System are discussed.
Are You Still Using RSH?
Jan 30, 2004
Running RSH is like leaving your house keys under the welcome mat. SSH offers the same convenience and functionality with far greater security, so why haven't you switched?
Responding to a Customer's Security Incidents, Part 4: Processing Incident Data
Jan 9, 2004
This fourth article focuses on authenticating, preserving, and processing the incident data. Only the salient points for best practices that should be executed in processing the incident data are discussed.
DB2 Universal Database Security
Dec 23, 2003
Nine percent of the DB2 UDB V8.1 Family Fundamentals certification exam (Exam 700) is designed to test your knowledge about the mechanisms DB2 Universal Database uses to protect data and database objects against unauthorized access and modification. This chapter introduces you to the authorization levels and privileges of the DB2 Universal Database.
Trojan Horses
Dec 12, 2003
Malware expert Ed Skoudis discusses Trojan horses, which are computer programs that appear to be benign, but really include hidden malicious code. He outlines different types of Trojan Horses and how to protect against them.
J2EE Security
Nov 26, 2003
This chapter from "Java™ 2 Platform, Enterprise Edition: Platform and Component Specifications" describes the security requirements for the Java™ 2 Platform, Enterprise Edition (J2EE).
Security in Microsoft IIS
Nov 13, 2003
Microsoft's IIS has earned a reputation for being relatively insecure. In this sample book chapter, you'll learn what you can do to make sure your own server isn't at risk, from Passport.NET Authentication to setting the identity of Worker Processes.
What Bill Gates Says About Security
Nov 13, 2003
Microsoft product managers at the PDC hammered home the idea that code has to get better, and that buffer overruns are caused, basically, by sloppy programming. But Bill Gates said, "You don't need perfect code to avoid security problems." Not if you use firewalls and keep your software up to date.
Responding to Customer's Security Incidents--Part 3: Following Up After an Incident
Oct 31, 2003
The third in a five-part series, this article focuses on following up after an incident and presents the best practices that should be executed in the follow-up phase.
Maintaining Security by Implementing, Managing, and Troubleshooting Service Packs and Security Updates
Oct 10, 2003
Roberta Bragg helps you learn the tools and methods necessary to keep systems patched, how to troubleshoot the problems the patches may cause, and understand the reasons tools may not work correctly.
Securing Sun Linux Systems: Part II, Network Security
Sep 26, 2003
The second in a two-part series, this article provides recommendations for securing the Sun Linux 5.0 operating system.

<< < Prev Page 3 4 5 6 7 Next >