Geeks With Blogs
ex-blog Information security world February 2004 Entries
New NMap Version Released
Fyodor announced today, on the BugTraq mailing list, the immediate availability of NMap v3.50. As most of you know, NMap is the defacto standard in the security realm for vulnerability scanning and host fingerprinting. It also would have ranked #1 on Fyodor's 75 Top Security Tools had he not disqualified his own utility from being voted on and appearing on the list. The changelog for NMap can be viewed here. [from Anil John's blog] ......

Posted On Friday, February 27, 2004 10:01 AM

Writing Secure Code - PPT's and Demo Code
Joel Semeniuk posted ppts and demo code from his last webcast: I finally got around to sticking up PowerPoints and demo code from my last set of Webcasts on Writing Secure Code ( 1. Powerpoints: Best Practices & Threats 2. Demos: Best Practices & Threats [Nonsensical Saunter of All Things Irrelevant] The Archive of the actual webcasts can be found @: Writing Secure Code – Best Practices – Level 300http://msevents.microsof... ......

Posted On Thursday, February 26, 2004 7:15 AM

IBM and Cisco Team to Deliver Integrated Security
From Cisco press release: Corporations are demanding better security at lower costs, and the skills and security products of our two companies are extremely complementary. Cisco is a leader in firewall, intrusion detection and other IP-based network security protections. IBM is an expert in security administration software and services. Together, we cover the entire IT infrastructure. More importantly, we cover most of the key areas that need protection against manual or automated hacker attacks ......

Posted On Saturday, February 14, 2004 5:05 PM

Secure programmer: Countering buffer overflows
Another good article on defensive programming at developerWorks: This article discusses the top vulnerability in Linux/UNIX systems: buffer overflows. This article first explains what buffer overflows are and why they're both so common and so dangerous. It then discusses the new Linux and UNIX methods for broadly countering them -- and why these methods are not enough. It then shows various ways to counter buffer overflows in C/C++ programs, both statically-sized approaches (such as the standard ......

Posted On Saturday, February 14, 2004 4:59 PM

Updated Errata for Writing Secure Code 2nd Edition
Forgot to mention that last week Michael Howard posted the errata for Writing Secure Code, Second Edition. [Update 03/06/2004] Michael posted updated errata ......

Posted On Saturday, February 14, 2004 4:50 PM

Visited countries map ;-)

Russia looks impressive ;-) but sometimes I want to travel to right-down part of this map...

create your own visited country map
[from Chris's rants]


Posted On Saturday, February 14, 2004 4:31 PM

Windows Security and DS for UNIX
MS posted Solution Guide for Windows Security and Directory Services for UNIX. Looks interesting from the point of enterprise identity management and Kerberos interop.

Posted On Monday, February 9, 2004 6:58 AM

The time to break backwards compatibility.
This SHOULD be done in Longhorn. Although I am confident that most of the kernel has been rewritten by now over the years… I think that there are entire areas of code that have to be removed, or at the very least, refactored. There are entire subsystems within Windows that simply should be torn out, as they have been replaced with better systems that should be threat modeled, analyzed and refactored. This might/will break backwards compatibility with some software. Some people might not like ......

Posted On Monday, February 9, 2004 6:30 AM

Copyright © John Doe | Powered by: