public marks

PUBLIC MARKS from micah with tag security

April 2006

Virtualization for security

Virtualization software allows you to run multiple operating systems on one machine at the same time. Yes, that's a gross simplification, but let's keep things simple.

Welcome! - SmoothWall

SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. SmoothWall includes a hardened subset of the GNU/Linux operating system, so there is no separate OS to install. Designed for ease of use, SmoothWall is configured via a web-based GUI, and requires absolutely no knowledge of Linux to install or use.

March 2006

They're Out to Get You - An Introduction to Internet Security | Tom's Networking

Protecting our computers and information from attack is becoming an increasingly dangerous and dodgy game in the Internet age.

The six dumbest ways to secure a wireless LAN | George Ou | ZDNet.com

One would think that the fact that none of these schemes made it into the official IEEE 802.11i security standard would give a clue to their effectiveness, but time and time again that theory is proven wrong.

Social engineering reloaded

The purpose of this article is to go beyond the basics and explore how social engineering, employed as technology, has evolved over the past few years.

February 2006

Stuff We've Learned: Mitigating SSH Brute Force Attacks

Today I got a burr in my saddle again about SSH brute force attacks after finding thousands of attacks from a single machine against a couple of our network hosts. Unable to find a suitable solution, I went ahead and wrote my own.

R-fx Networks - Internet Security Solutions - Projects » BFD

BFD is a modular shell script for parsing applicable logs and checking for authentication failures. There is not much complexity or detail to BFD yet and likewise it is very straightforward in its installation, configuration and usage. The reason behind BFD is very simple: the fact that there are little to no authentication and brute force auditing programs in the Linux community that work in conjunction with a firewall or real-time facility to place bans.

sshdfilter V1.4.3 ssh brute force attack blocker

sshdfilter blocks the frequent brute force attacks on ssh daemons. It does this by directly reading the sshd logging output and generating iptables rules; the process can be quick enough to block an attack before they get a chance to enter any password at all.

The Ethical Hacker Network - Google Hacking: Ten Simple Security Searches That Work

by 4 others
Google has become the de facto standard in the search arena. It's easy, quick and powerful. For those same reasons that the general user has gravitated to Google, so have the hackers.

I was 0wn3d

I'm a Mac user. I make no qualms about it. I do my best to play the part. This includes being smug about my platform. Very smug. So it was with a year's worth of chagrin that I discovered yesterday that my machine got hacked while on the company network.

Coffee shop WiFi for dummies

The average user has no idea of the risks associated with public WiFi hotspots. Here are some very simple tips for them to keep their network access secure.

Whitedust 101 - Welcome to the world of security

We aim to provide the basic teaching and reference material to enable the less technical among us to better understand the relevance of the news posted on the site and its application in everyday computing.

Malicious Malware: attacking the attackers, part 2

This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques are all discussed in an ethical manner. Part two of two.

Malicious Malware: attacking the attackers, part 1

This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques are all discussed in an ethical manner. Part one of two.

January 2006

waste :: home

by 5 others
WASTE is an anonymous, secure, and encrypted collaboration tool which allows users to both share ideas through the chat interface and share data through the download system. WASTE is RSA secured, and has been heralded as the most secure P2P connection protocol currently in development.

The Ungoliant Project Home Page

Ungoliant, the public release project name for the system in place at the University of Indianapolis known as Shelob, is a system that utilizes open-sourced backends to isolate problematic (virus-infected or otherwise) hosts from a network. Ungoliant incorporates vmpsd, snort, and nmap for detection and containment.

NewsForge | SSL VPNs and OpenVPN: A lot of lies and a shred of truth

I wanted to write an article on the strengths of OpenVPN, but I just can't get the message out without first talking about the serious insecurities I see in the rest of the SSL Virtual Private Network (VPN) space.

PCWorld.com - 20 Things They Don't Want You to Know

Windows is sorely lacking in PC security. That situation may not change until Windows Vista (formerly Longhorn) comes out sometime next year. Meanwhile here are a few ways to turn Windows' poor security to your advantage.

The Six Dumbest Ideas in Computer Security

by 1 other
Let me introduce you to the six dumbest ideas in computer security. What are they? They're the anti-good ideas. They come from misguided attempts to ignore reality. These dumb ideas are the fundamental reason(s) why all that money you spend on information security is going to be wasted.

StopBadware.org

by 4 others
We've all seen it happen: you or someone you know has downloaded something from the internet that seemed harmless enough at the time. Next thing you know, the computer has slowed to a crawl. Pop-up advertising starts to appear out of nowhere. Private information gets sent to some company you've never heard of. And the worst part? Trying to uninstall the software might only make the problem worse.

Mail Filtering - Introduction

by 1 other
Or, how to block a few million spams per day without breaking a sweat.

How a Bookmaker and a Whiz Kid Took On an Extortionist — and Won - CSO Magazine - May 2005

I'd like to think that this is a must read for anyone who's ever said, "I just have a little home computer. If people want to hack into it, they will, but there's nothing worth taking on there." When you're building an army of 20,000 to 30,000 zombie PCs, each and every computer becomes valuable. The reader comments at the end of this article help explain why.

Secure Enterprise Magazine | How To | The 10 Worst Security Practices

Because sometimes one whopper of a mistake can be more instructive than a binder's worth of best practices, we interviewed more than a dozen security consultants to arrive at our 10 worst practices list.
