Fyodor announced today, on the BugTraq mailing list, the immediate availability of NMap v3.50. As most of you know, NMap is the de facto standard in the security realm for vulnerability scanning and host fingerprinting. It also would have ranked #1 on Fyodor's 75 Top Security Tools had he not disqualified his own utility from being voted on and appearing on the list. The changelog for NMap can be viewed here. [from Anil John's blog] ......
Joel Semeniuk posted ppts and demo code from his last webcast: I finally got around to sticking up PowerPoints and demo code from my last set of Webcasts on Writing Secure Code (http://joel.isa-geek.net) 1. Powerpoints: Best Practices & Threats 2. Demos: Best Practices & Threats [Nonsensical Saunter of All Things Irrelevant] The Archive of the actual webcasts can be found @: Writing Secure Code – Best Practices – Level 300 http://msevents.microsof... ......
From Cisco press release: Corporations are demanding better security at lower costs, and the skills and security products of our two companies are extremely complementary. Cisco is a leader in firewall, intrusion detection and other IP-based network security protections. IBM is an expert in security administration software and services. Together, we cover the entire IT infrastructure. More importantly, we cover most of the key areas that need protection against manual or automated hacker attacks ......
Another good article on defensive programming at developerWorks: This article discusses the top vulnerability in Linux/UNIX systems: buffer overflows. This article first explains what buffer overflows are and why they're both so common and so dangerous. It then discusses the new Linux and UNIX methods for broadly countering them -- and why these methods are not enough. It then shows various ways to counter buffer overflows in C/C++ programs, both statically-sized approaches (such as the standard ......
Forgot to mention that last week Michael Howard posted the errata for Writing Secure Code, Second Edition. [Update 03/06/2004] Michael posted updated errata ......
Russia looks impressive ;-) but sometimes I want to travel to the lower-right part of this map...
create your own visited country map [from Chris's rants]
This SHOULD be done in Longhorn. Although I am confident that most of the kernel has been rewritten by now over the years… I think that there are entire areas of code that have to be removed, or at the very least, refactored. There are entire subsystems within Windows that simply should be torn out, as they have been replaced with better systems that should be threat modeled, analyzed and refactored. This might/will break backwards compatibility with some software. Some people might not like ......