Et Cetera

Fri
24
Jul

Snort on Windows Server 2003

Contributed by Suni Vakharia and restored from the old Infosecwriters.com archives.

A detailed write up on installing Snort on a Windows 2003 server with installation and configuration notes.

This document is in PDF format. To view it click here.

Fri
24
Jul

Implementing a Digital Forensics Lab in Education

Contributed by Steve Scott

Thu
23
Jul

Are Companies Really Protecting Consumer Information

Contributed by Carl Brackett.

Technology has changed through the years and has affected the way items are purchased, whether it is online or at conventional stores. Cash or check is not the only means of paying for a purchase as people have started taking advantage of debit or credit cards since they are suppose to be safer than carrying cash. The real question that comes to mind, are people really safer using a debit or credit card?

People are under the impression that their information associated to these cards are safe and secure when making a transaction, but the fact is unclear to most individuals that the information is vulnerable when these companies do not take appropriate security measures to keep this information secure. Over the last several years, there have been many incidents where this data has been obtained from security breaches like Target, Wal-Mart, TJ Max, Home Depot, or online websites like Apple or eBay.

Tue
21
Jul

Crawling Ajax-driven Web 2.0 Applications

Contributed by Shreeraj Shah and restored from the old Infosecwriters.com archive.

Crawling web applications is one of the key phases of automated web application scanning. The objective of crawling is to collect all possible resources from the server in order to automate vulnerability detection on each of these resources. A resource that is overlooked during this discovery phase can mean a failure to detect some vulnerabilities. The introduction of Ajax throws up new challenges [1] for the crawling engine. New ways of handling the crawling process are required as a result of these challenges. The objective of this paper is to use a practical approach to address this issue using rbNarcissus, Watir and Ruby.

This document is in PDF format. To view it click here.

Tue
21
Jul

Regulations and Technologies to Reduce Breaches in Computer Networks

Contributed by Ming-Li Tabor.

From the records, there are more hackers attacking computer network systems. The systems include banks, companies, and hospitals. Millions of records were breached and billions of dollars were lost. The government regulations require data breach notification. According to Title II of the Communications Act of 1934, Internet service providers are liable to their customers. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) protects health information. Magnetic strip technology can help to reduce breaches. The methods include chip card, chip and pin, Europay, MasterCard, Visa card (EMV), and tokenization. Some technologies provide detection of intrusion. These technologies include honeypots, snort, and Open Source Tripwire. Honeypots collect information about the attacker’s activities. Snort is easily deployed on most nodes. Open Source Tripwire is a host-based detection system.

Pages

Subscribe to RSS - Et Cetera