Capture File Filtering with Wireshark Reading a packet capture file with Wireshark and tsharkAug 23, 2012
Wireshark doesn’t just work in real time. If you save a history of network activity in a pcap file using a tool such as tcpdump, you can filter the data with Wireshark to search for evidence.more »
Side Channel Attacks Some web applications send unnecessary information to attackersAug 23, 2012
Sometimes error messages or log entries are too verbose for their own good, disclosing valuable information to attackers.more »
OpenVAS The OpenVAS vulnerability scannerAug 23, 2012
The more IT infrastructure complexity increases, the more indispensable vulnerability scanners become. If you are not interested in retaining the consulting services of a professional hacker, you might want to entrust the task of detecting vulnerabilities to a specialized software tool, such as OpenVAS.more »
Security Lessons: Database Security Protecting your databaseAug 23, 2012
Your database can be one of the most vulnerable elements in your organization. We share some tips for detecting and preventing attacks.more »
HTTPS Proxy Using a Squid proxy with HTTPSAug 23, 2012
How do you monitor the network when your client systems are connecting to secure web servers through HTTPS? We’ll show you how to keep watch using the Squid proxy server and share some inventive certificate tricks.more »
Table of Contents: 143 Intrusion PreventionAug 23, 2012
New vulnerabilities appear every day. To keep your network safe, you need to think like an attacker.more »
For its size, fail2ban, a utility that scans logfiles and bans suspicious IP addresses, punches well above its weight.more »
Customizing PortSentry Do you have a sentry to keep an eye on your servers?Apr 24, 2012
PortSentry monitors your ports and lets you know when they’ve been scanned.more »
Kernel king admits his tone has alienated volunteers, but says the demands of the process require directness.
New flaw in an old encryption scheme leaves the experts scrambling to disable SSL 3
Lennart Poettering wants to change the way Linux developers talk to each other.
Enterprise giant frees itself from ink and home PCs (and visa versa).
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.