When it comes to security, public disclosure of vulnerabilities and working exploit code is now common. We look at why this can be both harmful and helpful to securing your systems.

Maybe password security isn’t perfect, but most networks depend on it. This month we examine some tools for smarter, more versatile authentication.

Romain Gaucher, a specialist in web security, offers his Scalp tool in version 0.4. The log analyzer searches for attacks on Apache web applications.

Conventional, woodpecker-style port knocking is open to sniffing and brute force knocking attacks. Sending an encrypted packet with an access request to the server is safer and more modern. Learn more about Firewall Knock Operator, a.k.a. Fwknop.

Are your systems secure against DNS attacks? We'll show you why they matter and help you determine whether you are vulnerable.

Grendel Scan version 1.0, a Web application testing tools, was introduced at the Defcon Security Conference in Las Vegas.

Learn more about protecting your website with NoScript, ModSecurity, and Site Security Policy.

Mozilla has just released version 3.0.1 of the Firefox browser; the first maintenance update removes a couple of vulnerabilities and fixes a some minor bugs.