software development, security, opinion
Archive for the ‘security’ Category.
TechnologyEvaluation.com: OKENA Pioneers Next-Generation Intrusion Prevention: “Intrusion prevention has evolved as a smarter alternative to intrusion detection. Pioneer OKENA has mapped application behaviors into rules, and is using these behavior rules to prevent intrusions up front. This second-generation approach offers substantial bottom line savings, and frees up IT resources for other tasks.”
Microsoft warns millions about IE security flaw. vnunet.com Jan 4 2002 11:52AM ET [Tech latest]
Ditch IE – veteran bug hunter. Guninski nails another vulnerability [The Register]
Debian Security Advisory: exim
Patrice Fournier discovered a bug in all versions of Exim older than
Exim 3.34 and Exim 3.952.
The Exim maintainer, Philip Hazel, writes about this issue: “The
problem exists only in the case of a run time configuration which
directs or routes an address to a pipe transport without checking the
local part of the address in any way. This does not apply, for
example, to pipes run from alias or forward files, because the local
part is checked to ensure that it is the name of an alias or of a
local user. The bug’s effect is that, instead of obeying the correct
pipe command, a broken Exim runs the command encoded in the local part
of the address.”
MS security patch opens new hole. ZDNet Jan 4 2002 9:06AM ET [Computer security news]
New hole in AOL Instant Messenger lets hackers take over. San Francisco Chronicle Jan 3 2002 2:34AM ET [Computer security news]
P2P Apps Share Spyware. File-sharing programs LimeWire, BearShare, Grokster and Kazaa recently included software that tracks users online. The companies plead ignorance, blaming bundled advertising software. By Michelle Delio. [Wired News]
Charlie Kaufman, Iris Associates:
Active Content: Really Neat Technology or Impending Disaster (AUDIO):
an amusing one-hour talk about how bad it is
TechRepublic:
Troubleshooting L2TP/IPSec VPN connections in Win2K
Working with Windows 2000’s L2TP/IPSec VPN connections is a whole different ball game from managing PPTP. Take a look at these valuable tips for troubleshooting L2TP/IPSec issues.
Steve Gibson has just released a simple tool that allows anyone — no
matter how junior and inexperienced — to quickly disable or enable
the Universal Plug & Play Internet server that runs by default —
even after applying Microsoft’s patch — in every copy of Windows XP.
You are currently browsing the archives for the security category.
