| Business Continuity/Disaster Recovery - Community Contributions |
|
Title |
Contributor |
Date |
Description |
Rating |
|
XSS Attacks FAQ |
Aelphaeis Mangarae |
07/07/05 |
Aelphaeis Mangarae presents a solid overview of the threat of Cross Site Scripting. Examples of attacks, finding vulnerable sites, and protecting oneself are discussed. |
8 |
|
Vulnerability Enumeration For Penetration Testing |
Aelphaeis Mangarae |
19/11/06 |
This paper is a sequel to Aelphaeis Mangarae's “Learn Information Gathering By Example”. This paper will go through looking for Vulnerabilities in remote system(s), which is what you would do in a Penetration Test after gathering information on the target. |
10 |
|
Cookie Security |
Arvind Doraiswamy |
14/05/06 |
Arvind Doraiswamy contributes this paper, which deals with the security issues related to Internet cookies and managers to assist. |
7 |
|
Business Contingency Planning and Post September 11th, 2001 |
Brett Pladna |
23/07/07 |
Brett Pladna submits this paper that discusses the lessons learned by many companies following September 11th, 2001. |
No votes |
|
Implementing Effective Vulnerability Remediation Strategies Within the Web Application Development Lifecycle |
Caleb Sima |
01/08/07 |
In part two of this SPI Dynamics three-part series, authors Caleb Sima and Vincent Liu discuss how to prioritize and remediate web application vulnerabilities. |
6 |
|
Open Source Intrusion Detection and Prevention: Tools for Today's Corporate Market? |
Craig Gosselin |
17/04/06 |
This contribution, written by Craig Gosselin, discusses two open source tools, Snort and Bro, that are either no cost or low cost and that you can obtain and train to use. |
10 |
|
Voice over IP Security Planning, Threats and Recommendations |
Dan Sass |
30/12/05 |
Dan Sass discusses the security (risks, policies and procedures) around Voice over IP. |
10 |
|
HTTP Response Splitting |
Diabolic Crab |
19/04/05 |
This paper is a discussion of a fairly new web application vulnerability. It can be used for the following purposes. Cross site scripting (XSS): This is a very common and old form of vulnerability that allows the execution of HTML or JavaScript code, which can then lead to the hijacking of the user's cookie or session. |
4 |
|
The Feasibility of P2P Techniques Used in IM Worms |
Ge Zhang |
13/03/06 |
Ge Zhang discusses IM worm infections through URLs or infected file transfers in this contribution. |
10 |
|
Business Continuity Management |
Ghazali.A.Wasti |
02/08/04 |
An overview of Business Continuity, and an outlined approach your business can take. |
7 |
|
Information Security – Whose Responsibility is It? |
Guillermo Ortiz-Caceres |
08/12/06 |
This paper, contributed by Guillermo Ortiz-Caceres, discusses the responsibility consumers have and how security can be achieved through education in best practices. |
8 |
|
D-WARD, DDoS and Three Network Administrative Domains |
Hang Chau |
18/10/04 |
Discussion on DDoS Network Attack Recognition and Defense (D-WARD). |
7 |
|
Core CS & Core PS Network High-Level Security Requirements |
Jamie Fisher |
21/02/07 |
Jamie Fisher submits this extensive white paper on mobile/cellular network security. |
10 |
|
Low Cost Technique for Intrusion Detection |
Kelly Lucas |
12/12/05 |
Kelly Lucas submits this paper which addresses a technique that could be used by small to medium sized companies to address the needs of an Intrusion Detection process. |
8 |
|
Mitigation of Social Engineering Attacks in Corporate America |
Kevin C. Redmon |
13/01/06 |
In this paper, Kevin Redmon describes the enemy and his various methods and strategies of attack to access this information. |
10 |
|
Information Privacy and Security for the Home-based Health Information Worker |
Monica S. Dunnehoo |
28/12/05 |
This report by Monica Dunnehoo offers guidance on implementing Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulations and other privacy and security rules as they apply to the home-based health information worker. |
No votes |
|
Wireless Security while Roving |
Patricia Redding |
29/12/05 |
Patricia Redding submits this paper which examines Wi-Fi Protected Access, Pre-Shared Key, VPN, Remote Authentication Dial-In User Service, Kerberos, EAP, Quality of Service and firewalls as ways to protect computers from attacks such as Evil Twin, Phishing, Eavesdroppers, and Denial of Service. |
No votes |
|
Authentication and Session Management on the Web |
Paul Johnston |
16/06/05 |
This contribution from Paul Johnston discusses web authentication and security, specifically passwords and authentication, attacking the system, stealing cookies and mitigation steps. |
7 |
|
VIRUSE - A System Enemy |
Professor PL Pradhan |
26/08/05 |
Professor PL Pradhan submits this paper which takes a look at using computer down time to perform certain tasks such as brute-force cryptanalysis, or other tasks. |
10 |
|
Protecting Your Home Computer from Internet Threats |
Rick Wanner |
23/10/07 |
Rick Wanner submits this update to his previous paper on Protecting Your Home Computer from Internet Threats. |
1 |
|
So You Think You Have a Good Business Recovery Plan? |
Roger Elrod |
13/09/05 |
Roger Elrod delivers this paper on Business Continuity and Disaster Recovery. |
10 |
|
Targeted Cyber Attacks - The Dangers Faced by your Corporate Network |
Sarah Testa |
12/02/07 |
This security e-book, written by Sarah Testa from GFI, explains the real dangers posed by targeted cyber attacks and the measures organizations can adopt to secure against such threats. |
9 |
|
Investigating Botnets, Zombies, and IRC Security |
Seth Thigpen |
14/12/05 |
Seth Thigpen submits this paper on Internet security specific to zombies and botnets, how they use IRC, and attacks committed using these methods, such as DDoS. |
7 |
|
Network Hardening: Using Warfare Strategy |
Shawn W. Toderick |
19/08/05 |
Shawn Toderick presents his paper on hardening the network inspired by Sun Tzu’s The Art of War. |
9 |
|
Managing Disasters: Forming, Preparing and Testing the Disaster Recovery Plan |
Stephanie Hight |
20/07/06 |
This paper, written by Stephanie Hight, will attempt to define and discuss the importance of having a Disaster Recovery Plan from the Information Technology perspective, as well as the essentials that need to be included in the plan. It will also discuss the inter-dependence and ability to work together in getting the systems back up and running at the original site or some other designated place. This paper will include tips on choosing the team that will be responsible for recovering all essential systems and the criteria that determine which systems need to be recovered in what order. |
8 |
|
Information Security in Community Colleges |
Steven Marcus |
20/12/05 |
Steven Marcus submits this paper on Information Security issues surrounding Community Colleges. |
10 |
|
Building a Wireless Network for Residential Neighborhoods |
Timothy Powers |
18/05/06 |
Timothy Powers submits this paper that will give some detail on the steps involved in setting up a wireless network to cover an apartment complex of several buildings. |
No votes |
|
Penetration Testing Framework |
Toggmeister |
25/07/06 |
This is the best framework one will find to work from when performing penetration testing. Written by Toggmeister and Lee J Lawson. |
10 |
|
Securing Instant Messaging |
Tom Olzak |
23/01/06 |
In this paper, Tom Olzak will review the current challenges facing businesses in which employees use public IM services. He also defines the possible damage to your business because of IM vulnerabilities as well as the objectives of an effective secure IM strategy. Finally, he looks at various ways to meet the goals of that strategy. |
No votes |
|
Keystroke Dynamics |
Tom Olzak |
25/09/06 |
In this paper Tom Olzak takes a look at biometrics, followed by keystroke dynamics, including history, how it works, and why it may be the answer for organizations with people or cost issues. |
10 |
|
|