| Security Tools - Community Contributions |
|
|
|
Title
|
Contributor |
Date |
Description |
Rating |
|
An Analysis of the IDS Penetration Tool: Metasploit |
Josh Marquez |
09/12/10 |
Josh Marquez writes this introductory paper on Metasploit. |
10 |
|
A Comparison of VNC Connection Methods |
Frank Isaacs |
30/04/08 |
This paper, written by Frank Isaacs, discusses different methods of deploying VNC with an emphasis on the security considerations of each method, and the tradeoffs associated with the convenience of each method. |
5 |
|
Did I Do That? A Current Analysis of Biometric Technologies |
Jalaynea A. Cooper |
22/10/07 |
Jalaynea Cooper writes this in depth paper that will explore some of the primary types of
physiological and behavioral biometrics. |
10 |
|
Central Authentication using RADIUS and 802.1x |
MOHIT SARASWAT |
10/09/07 |
Mohit Saraswat submits this paper to help understand Radius and 802.1x, what it is, how it works and ideas towards implementing. |
7 |
|
Netcat for the Masses |
Dean De Beer |
30/07/07 |
Dean DeBeer submits this paper on usage of the swiss army knife of technology, Netcat. |
No votes |
|
Public Key Cryptography |
Anoop MS |
23/05/07 |
The paper, submitted by Anoop MS, discusses public key cryptography and its use in applications such as Key Agreement, Data Encryption and Digital Signature. The paper discusses some public key algorithms such as DH, RSA, DSA, ECDH and ECDSA and also gives mathematical explanations on the working of these algorithms. The paper also gives a brief introduction to modular arithmetic, which is the core arithmetic of almost all public key algorithms. |
10 |
|
Graphical Passwords |
Todd Exum |
09/05/07 |
Todd Exum contributes this work which will discuss the benefits and ways in which graphical passwords can be used in the business place, to ensure that computer systems are secure. |
9 |
|
New Technology in the Armed Forces |
Robert Sauls |
16/04/07 |
This is an off subject paper that I agreed to publish to give our minds a quick break from buffer overflows and Microsoft. This contribution from Robert Sauls discusses new advancements in weapons, vehicles, and other technology that the armed forces use to fight the enemy. |
5 |
|
Preparing for Security Event Management |
360is |
26/03/07 |
In this paper, submitted by Nick Hutton of 360is, we learn how to mitigate some of the risks and reduce the costs associated with implementation of Security Event Management systems, arguably among the most complex and highest profile information security projects undertaken today. |
9 |
|
Why Passwords do not live up to Today's Needs |
Sandro Gauci |
22/03/07 |
Sandro Gauci writes this introduction to proper passwords that includes ideas on how to create strong passwords and how to overcome many of the reasons users abuse proper password usage. |
7 |
|
Biometrics, What and How |
Moustafa Kamal |
16/03/07 |
Moustafa Kamal submits this article that attempts to cover all of the characteristics that are used in Biometrics, how they are
used, and what are the disadvantages of using them. |
8 |
|
Writing NASL Scripts |
Hemil Shah |
02/02/07 |
This paper, written by Hemil Shah, discusses Nessus, Nasl, how to write your own Nasl scripts, what applications are needed to write nasl scripts, Loading nasl scripts into the nessus server, Configuration parameters used in nasl scripts, reporting techniques and Few debugging tips.
|
10 |
|
Enterprise Rights Management (ERM): Architectural Approaches |
Avoco Secure |
29/01/07 |
This document compares the architectural approaches to implementing an effective enterprise rights management (ERM) system, namely tethered and untethered models. The document attempts to explore the advantages and disadvantages of both approaches and the impact the two models have on a corporate installation of such a system. |
10 |
|
Web Application Security: The Overlooked Vulnerabilities |
Third Brigade |
08/01/07 |
This contribution from Third Brigade, discusses vulnerabilities associated with applications, types of threats, legislation and steps one can take to minimize the risk presented. |
No votes |
|
Elliptic Curve Cryptography |
Anoop MS |
05/01/07 |
This paper, written by Anoop MS, gives an introduction to elliptic curve cryptography (ECC) and how it is used in the implementation of digital signature (ECDSA) and key agreement (ECDH) Algorithms. He also discusses the implementation of ECC on two finite fields, prime field and binary field. This paper also gives an overview of ECC implementation on different coordinate systems called the projective coordinate systems and the basics of prime and binary field arithmetic. |
9 |
|
Information Security - Tools of the Trade |
Sajeev Nair |
30/11/06 |
Sajeev Nail submits this paper that lists tools and their various purposes to security professionals. |
No votes |
|
Why one virus engine is not enough |
Matthew Simiana |
10/11/06 |
This white paper, written by Matthew Simiana, examines why having multiple anti-virus scanners at mail server level substantially reduces the chance of virus infection and explores ways in which this can be achieved. |
6 |
|
Web Content Filtering in the Corporate Network Perimeter |
Panda Software |
21/10/06 |
Panda Software contributes this white paper discussing filteirng web content in a coporate environment. |
10 |
|
The Four Key Qualities of Effective Host Intrusion Prevention (HIP) Solutions: Defining Deep HIP |
Third Brigade |
20/10/06 |
This white paper, submitted by Third Brigade, explains what to look for in HIP products, and introduces the concept of “Deep HIP” as a means of characterizing effective solutions in this area. |
No votes |
|
Anti-Spam Protection in the Network Perimeter |
Panda Software |
19/10/06 |
Panda Software contributes this white paper on anti-spam in the corporate enterprise. |
No votes |
|
The New Threat: Attackers That Target Healthcare Organizations |
Third Brigade |
18/10/06 |
Third Brigade submits this white paper on the new threats that face medical facilities. |
10 |
|
Anti-Malware Perimeter Protection |
Panda Software |
17/10/06 |
Panda Software submits this white paper on anti-malware security. |
No votes |
|
The Need for Host Intrusion Prevention |
Third Brigade |
16/10/06 |
This whitepaper, submitted by Third Brigade, looks at the security challenges faced by organizations and explains how Host Intrusion Prevention (HIP) plays a critical role in an organization’s overall security strategy. |
5 |
|
Penetration Test Framework UPDATE |
Toggmeister |
10/10/06 |
Lee Lawson submits this update on an excellent Penetration Test Framework. This is a must for anyone performing penetration testing!!! |
9 |
|
Zero Configuration VPN Clients for Mobile Users |
Michael Underwood |
22/05/06 |
In this paper, Michael Underwood examines three VPN services that are designed to be used at
wireless hotspot for either SOHO (small office/home office) or small business users. |
7 |
|
Smart Cards for Traveling Users |
Sandra Price |
01/05/06 |
Sandra Price submits this paper on how the use of smart cards improves security for users who travel. |
10 |
|
Using Virtual Machines to Provide a Secure Teaching Lab Environment |
Harry Bulbrook |
28/04/06 |
This paper, written by harry Bulbrook, discusses using VMWare to set up a lab in which to do security testing. |
10 |
|
Internet Monitoring Software |
Gordon Giles |
15/12/05 |
Gordon Giles contributes this study on tools to help monitor and enforce acceptable use of the Internet. |
6 |
|
Plug-ins - a source of insecurity |
Alice Pierce |
09/12/05 |
Alice Pierce of LockLizard submits this paper which examines and questions the claims often made by plug-ins.
suppliers that they are secure, giving published examples of where they
are not |
2 |
|
Encryption is not enough for DRM |
Alice Pierce |
09/12/05 |
This paper, submitted by Alice Pierce of LockLizard, covers why encryption is not enough to protect your electronic documents and why other factors such as the implementation of the system are equally important. |
7 |
|
How to Combat Spyware in Corporate Environments |
Panda Software |
19/09/05 |
A vendor contribution from Panda Soft on Spyware and how they can help defend against it. |
10 |
|
QuickSilver: Root Password Rotation as a security measure for Small/Medium Scale LANs |
Arjun Venkatraman |
07/09/05 |
Password rotation scheme submitted by Arjun Venkatraman, ideal for small to medium sized businesses. |
No votes |
|
Phoenix: Secure File Transfer Using SSL |
Arjun Venkatraman |
31/08/05 |
Arjun Venkatraman submits this paper on the inner workings of using Phoenix. |
9 |
|
Validy Technology - Solution Against Software Policy and IT Sabotage |
Jean-Christophe Cuenod |
06/02/05 |
Validy is a software publisher whose research and development activity began in 1991. Since its foundation, Validy has directed its research towards IT security, which has today become a crucial component in personal, infrastructure and economic security. |
7 |
|
Computer snooping using InstallRite |
Floydman |
06/09/02 |
Using the InstallRite software as a monitoring/logging tool. |
10 |
|
Software deployment that makes sense |
Floydman |
06/09/02 |
Using the InstallRite software as originally intended: to monitor software installation. |
10 |
|
Log Agent, log file recollection tool |
Floydman |
06/09/02 |
A PERL tool (source code included) for log processing on an NT network. |
6 |
|
About Sniffers |
Obscure |
06/09/02 |
About sniffers, the good and the evil uses: definition, NIDS, monitoring, password sniffing and other malicious uses, general use, defeating sniffers |
6 |
|
|
