ISW Security Papers Contest
Home
About Us

ISW News & Events

Text Library
Submit Your Paper
Contest
Recommended Reading
Contact Us
 

Subscribe to our monthly newsletter and receive updates on:
 
Security/Hack Challenges
ISW's Monthly Contest Prizes & Winners
Recommended Security Books & Reviews
Recently Published Papers
Click here to subscribe/unsubscribe!

Opt-in Terms | Archives
Would you listen to an InfoSecWriters Podcast on Information Security?
 
Yes
No
   

Best Security Papers of the Month Contest:

Contest FAQs

Prizes Catalog



Raven Adler, Jay Beale, Riley “Caez

Read the review here!
 

 

A major objective of the Info Security Writers is seeking the security enthusiasts who write. Most of the site’s content is generated by these people willing to share their knowledge and experiences on the various aspects of security/hacking via original white papers, articles and projects.

The Info Security Writers recognizes and rewards such contributors for their efforts through a monthly best-security-papers contest.

 Click here for more info on SWG
Text Library contribute, read & rate security papers Recommended Reading comprehensive book reviews
Hitchhiker's World contribute articles & personal commentaries
 Policies contribute & download policies
Forums partake in questions & discussions Quiz! the Netcat Geek Quiz here!
09/05/08: An Approach to Web Application Threat Modeling - The aim of this paper, written by Akash Shrivastava, is to identify relevant threats and vulnerabilities in the Web Application and build a Security Framework to help in designing a secure Web Application.
08/05/08: Computer Forensics Procedures, Tools, and Digital Evidence Bags: What They Are and Who Should Use Them - This paper, written by Brett Pladna, will try to demonstrate the importance of computer forensics by describing procedures, tools and differences in the use for individuals/small organizations vs. large organizations.
07/05/08: Security Needs in Embedded Systems - The paper discusses the hardware and software security requirements in an embedded device that are involved in the transfer of secure digital data. The paper gives an overview on the security processes like encryption/decryption, key agreement, digital signatures and digital certificates that are used to achieve data protection during data transfer. The paper also discusses the security requirements in the device to prevent possible physical attacks to expose the secure data such as secret keys from the device. The paper also briefs on the security enforced in a device by the use of proprietary security technology and also discusses the security measures taken during the production of the device.
04/05/08: A Guide E-Mail Systems and Security - Brian Donadio contributes his paper which provides information on secure methods of sending and receiving E-Mail over the Internet.
30/04/08: A Comparison of VNC Connection Methods - This paper, written by Frank Isaacs, discusses different methods of deploying VNC with an emphasis on the security considerations of each method, and the tradeoffs associated with the convenience of each method.
28/04/08: Three Linux Security Basics - This paper, written by Jeff Drake, outlines some basic security issues and concerns as they relate to Linux server security and tools and techniques that can be implemented to harden the system.
08/04/08: Server Virtualization and Information Security Concerns - Daniel James and William J. Sparks discusses virtualization, the benefits, security and financial imapact.
25/03/08: Privacy? Protecting Consumer Data in a Wireless World - Robin Link submits this paper on the personal information vulnerable over wireless retail networks and how PCI plays a part in all of it.
09/03/08: Extensible Authentication Protocol (EAP) Security Issues - This document, written by Samuel Sotillo, presents an overview on some security issues that affect the Extensible Authentication Protocol as defined by the IETF RFC 3748.
26/02/08: Malware – What It Is and How to Avoid It - Daniel James submits this study on the different types of malware and how to protect against them.
 
Infosecwriters.com anticipates your written contributions. CLICK HERE for writing guidelines & other criteria.

Nmap accepting applications for Summer of Code developers - 2008-03-25
Click here to expand the news item.

It may have taken me four months to send this year's first nmap-hackers mail, but the second only took me four hours. I want to let you all know that Nmap has been accepted for the fourth year running to participate in the Google Summer of Code program. This generous and innovative program provides $4,500 stipends to hundreds of university students to create or enhance open source software. Applications are only accepted for one week, until Monday, March 31.

If you are a college student in any country, I'd strongly encourage you to apply for Nmap SoC. There aren't many opportunities available to get paid to work on free software of your choice, and this is one of them. The last three years have been great! Even if you aren't a student, perhaps you have a talented friend or relative who might be interested. This program is a great benefit to Nmap, and the benefit is proportional to the quality of applicants we get. So please spread the word! Some SoC students have turned into long-term Nmap developers and are still writing great new code. Several have become SoC mentors to guide new Nmap SoC students.

Summer of code successes in recent years have lead to the 2nd Generation OS detection system, the Zenmap GUI, the runtime interaction feature which tells you how soon your scan is likely to finish, and much more. Here are more Nmap SoC success stories:

  1. 2007: http://seclists.org/nmap-dev/2007/q4/0024.html
  2. 2006: http://seclists.org/nmap-dev/2007/q1/0235.html
  3. 2005: http://slashdot.org/comments.pl?sid=183143&cid=15133184

If you or someone you know are interested, you can send them to the Nmap 2008 project ideas page at:

http://nmap.org/GoogleGrants.html

And you can learn more about the program in general at:

http://code.google.com/soc/2008/



544 bytes more >>

ISW's Charles Hornat Teaches Security Management - 2007-10-18
Click here to expand the news item.

ISW's Charles Hornat will be mentoring another SANS class in New York City. This class focuses on what is needed to be known for Information Security Managers. Charles will share his experiences as a Security Manager at companies like Sony and Standard and Poors. This class will begin on October 30th in Times Square, NYC.

If you would like more information or would like to sign up, please go to www.sans.org.

0 bytes more >>

Josh Wright and Eavesdropping on Bluetooth Headsets - 2007-10-08
Click here to expand the news item.

Josh Wright, an instructor for SANS , has produced a video demonstration on how to manipulate a BlueTooth headset. He clealy shows how easy it is to remotley connect to a victims headset, and eaves drop, even while the victim is not in a call, and/or inject audio in to the headset.

This is a must view!

To view it click here.

0 bytes more >>

Covert Google and Exploit Bank - 2007-09-04
Click here to expand the news item.
For more details, check :

http://www.infosecwriters.com/hhworld/

0 bytes more >>

Home | About Us | Contact Us | Privacy Policy | Site Map

All images, content & text (unless other ownership applies) are © copyrighted 2000 -  , Infosecwriters.com. All rights reserved. Comments are property of the respective posters.