Et Cetera

Wed
06
Jan

Using Events-Per-Second as a Factor in Selecting SEM Tools

Contributed by Roberto Angelino,

Events Per Second, or EPS, as it is commonly referred to in the world of network security, is a measurement that is used to convey how fast a network generates data from its security devices (firewalls, Intrusion Detection Systems (IDS), servers, routers, etc.), and/or how fast an SEM product can correlate data from those devices. A savvy buyer will match the EPS his network is generating to those that can be accommodated by the SEM tool that he is purchasing.

This document is in PDF format. To view it click here.

Mon
04
Jan

Ethical Hacking: Rationale for a Hacking Methodological Approach to Network Security

Contributed by Regina D. Hartley

Thu
31
Dec

Application Error Handling: How to Avoid Death by a Thousand Cuts

Contributed by Bryan Sullivan and Billy Hoffman

When an application error occurs, whether due to user input or an internal function, we as conscientious developers want to present an error message that will help the end user correct the problem. However, it is possible to be too helpful with your error handling approach. By providing overly detailed application error messages to your users, you can actually be opening your site to hackers. Hackers spend the majority of their time performing reconnaissance on a site, slowly gathering multiple pieces of information to determine how a site is vulnerable. Sometimes, it is a seemingly innocuous piece of information in an application error message that provides an attacker with the last piece of the puzzle necessary for him to launch a devastating attack.

This document is in PDF format. To view it click here.

Tue
29
Dec

End-user Device Security

Contributed by Tom Olzak

Where does your business expend most of its resources to prevent malicious code attacks? If your company is like those for which I have worked, most of the time and effort is spent on the network perimeter and servers. But what about those ubiquitous end-user devices?

This document is in PDF format. To view it click here.

Tue
29
Dec

End Points Malfeasance

Contributed by Aditya K Sood

This article shows the advancement in the flaw that occur in the end point technology ie client/server transactions. In this the emphasis laid on the HTTP/HTTPS for undertaking rogue issues which become the further base of attacking on the network or protocol infeasibility. The issue discussed are of much importance when ever network problems are concerned.

This document is in PDF format. To view it click here.

Pages

Subscribe to RSS - Et Cetera