Expert analysis
An Introduction to Snort
This is a presentation at the Houston ISSA Meeting in April by Ricard Bejtlich, a senior forensic consultant for Foundstone. Download the presentation in PPT format here.
Security Advisories Week: 30 May – 6 June 2002
Title: Imap server buffer overflow Date: May 30 2002 Vendor: Mandrake Vulnerable systems: Mandrake Linux 7.1, 7.2, 8.1, 8.2, Corporate Server 1.0.1 Full advisory: Problem …
Reduce Your Virus Exposure with an Active Virus Protection System
This article describes today’s virus environment, why you need to reevaluate your current anti-virus strategy, and how your business can deploy SonicWALL’s active …
Corporate Security Overview: 28 May – 4 June 2002
A number of security companies send us their company press releases, which we republish in the press section of Help Net Security. This is an overview of interesting …
Backdoored dsniff, fragroute and fragrouter
In a recent hack of irssi server, attacker modified the configure script which gave him shell access to any system that installed the backdoored irssi program. The same thing …
Keeping Secrets in Hardware: the Microsoft XBox Case Study
This paper discusses the hardware foundations of the cryptosystem employed by the Xbox video game console from Microsoft. A secret boot block overlay is buried within a system …
RSA Security enhances RSA Keon
In support of its commitment to make the deployment and use of digital certificates easy for conducting secure and cost-effective e-business, RSA Security announced that its …
Security Advisories Week: 22-29 May 2002
Title: OpenServer popper buffer overflow and denial of service Date: May 22 2002 Vendor: Caldera Vulnerable systems: OpenServer 5.0.5 and OpenServer 5.0.6 Full advisory: …
Cyclone: A Safe Dialect of C
Cyclone is a safe dialect of C. It has been designed from the ground up to prevent the buffer overflows, format string attacks, and memory management errors that are common in …
Cross Site Scripting “the security gap”
I wonder if Microsoft applies the patches on their systems of their products. This question is always on my mind. I personally think that sufficient effort is not made on this …
Corporate Security Overview: 21-28 May 2002
A number of security companies send us their company press releases, which we republish in the press section of Help Net Security. This is an overview of interesting …
Basic security with passwords
The password. It really gives you power doesn’t it? You’re the only one that has the “key” to the workstation or something else that has to be kept …
Featured news
Resources
Don't miss
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!
- Behind the scenes of cURL with its founder: Releases, updates, and security
- Product showcase: Exaforce – The full lifecycle AI SOC platform
- AI made crypto scams far more dangerous