Sunday, 25 / January / 2004

[ComputerWorld] The future of security is an interesting article predicting that some catastrophic event, which it calls the Digital Pearl Harbor, will shape our future. The article is somewhat alarmist, but well worth reading.
21:34 (# Permanent link)

[ONLamp.com] Web App Security Testing with a Custom Proxy Server
In this article, I'll discuss some common web-application security flaws and then demonstrate how to detect them. In the process of auditing web applications for security flaws, I will also present a PHP script that will act as a web proxy server, allowing us to intercept and alter HTTP requests between the web browser and the target web server. As we will see, this PHP script will aid us tremendously in testing for security flaws.
18:29 (# Permanent link)

Forgate (Forge Gateway) captures traffic on a network that uses switches. It relies on ARP poisoning to make the monitored system believe that the station running the sniffer is the default gateway. Forgate is a proof of concept of certain methods, some of which are implemented in ettercap.
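
From the defender's side, the gateway impersonation described above shows up as the gateway's IP address suddenly resolving to a different MAC address. The following is an added example (not part of Forgate, ettercap or this blog) that flags such rebinding in a list of observed ARP replies; the observation tuples, addresses and the function name are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (timestamp, sender_ip, sender_mac) taken from ARP replies.
OBSERVATIONS = [
    (1, "192.168.1.1", "00:11:22:33:44:55"),   # genuine default gateway
    (2, "192.168.1.20", "00:aa:bb:cc:dd:20"),
    (3, "192.168.1.30", "00:aa:bb:cc:dd:30"),
    (4, "192.168.1.1", "00:AA:BB:CC:DD:30"),   # gateway IP claimed by host .30
    (5, "192.168.1.1", "00:aa:bb:cc:dd:30"),   # repeated poisoned reply
]

def detect_arp_rebinding(observations, gateway_ip):
    """Return one alert per (ip, mac) pair that contradicts the first binding seen.

    The first MAC observed for an IP is trusted as the baseline, so the
    capture must start from a known-good state. Legitimate changes (NIC
    replacement, gateway failover) also raise alerts and need triage.
    """
    baseline = {}                 # ip -> first MAC seen
    mac_ips = defaultdict(set)    # mac -> every IP it has claimed
    reported = set()
    alerts = []
    for ts, ip, mac in observations:
        mac = mac.lower()         # MACs are case-insensitive
        mac_ips[mac].add(ip)
        expected = baseline.setdefault(ip, mac)
        if mac != expected and (ip, mac) not in reported:
            reported.add((ip, mac))
            alerts.append({
                "ts": ts,
                "ip": ip,
                "expected_mac": expected,
                "observed_mac": mac,
                "is_gateway": ip == gateway_ip,
                # Other IPs using the same MAC point at the impersonating host.
                "mac_also_claims": sorted(mac_ips[mac] - {ip}),
            })
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_rebinding(OBSERVATIONS, "192.168.1.1"):
        print(alert)
```
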
18:17 (# Permanent link)

[Via Slashdot] NIST, as part of its digital storage media preservation program, has published a guide with a set of rules for the protection and preservation of CDs and DVDs. The guide is available in PDF format (1.24 MB - PDF) and also as a quick guide (294 KB - PDF) with the dos and don'ts:
- Handle discs by the center hole or the outer edge.
- Use a solvent-free marker to label discs.
- Keep the disc surface clean.
- Store discs upright.
- When discs are not in use, keep them in their cases.
- Open recordable discs only when you are ready to record.
- Keep discs in a dry, cool, dark environment with clean air.
- Clean discs with cotton, wiping in a straight line from the center to the edge.
- Use a disc-specific detergent, alcohol or methanol to clean discs.
- Check the disc surface before recording data.
12:42 (# Permanent link)

Available at http://www.osaia.org/letters/sco_hill.pdf
Innovation in software in itself is not a problem -- new computing technologies have long been an engine of growth for our nation. But there are two serious problems associated with the spread of Linux and the Open Source approach to software development and distribution.
First, Linux and Open Source software are developed and distributed (often at no cost) under a schema called the GNU General Public License (GPL) which, some believe, is in direct contradiction to U.S. Copyright law, to the Digital Millennium Copyright Act (DMCA), and to the recent Supreme Court decision in Eldred vs. Ashcroft.
(...)
The second problem with Open Source software is that it is not all original. Linux software contains significant UNIX software code that has been inappropriately, and without authorization, placed on Linux. I know this because my company, The SCO Group, owns the rights to that UNIX code originally developed by AT&T. SCO holds licenses to this valuable asset with more than 6,000 companies, universities, government agencies and other organizations. But as the use of Linux has grown, license revenue from UNIX has shrunk. Why wouldn't it? Why should someone license UNIX code from SCO and other legitimate providers when they can get much of that same code, for free, in Linux?
(...)
2. The threat to our international competitive position. In a growing number of countries, including Britain, Germany, France, Israel, Brazil, Japan, South Korea, China and Russian (sic), national and municipal governments are requiring that government entities use Open Source software. Instead of UNIX from any number of U.S. companies or Windows from Microsoft, governments throughout Europe and Asia are using Linux, often downloaded for free from the Internet.
3. The threat to our national security. I assert that Open Source software -- available widely through the Internet -- has the potential to provide our nation's enemies or potential enemies with computing capabilities that are restricted by U.S. law. SCO's UNIX software is subject to export licensing restrictions, and for good reason. With the powerful multi-processing features of UNIX software, someone could build a supercomputer for military applications. My company must adhere to these restrictions: we cannot sell to North Korea, Libya, Iran, Sudan and several other nations. But a computer expert in North Korea can download the latest version of Linux, complete with multi-processing capabilities misappropriated from UNIX, and, in short order, build a virtual supercomputer.
When I talk about this, some people think I'm an alarmist. I have a different view --I think that this may have already happened.
(...)
The GPL (which its authors call "copyleft" to emphasize that it is the opposite of copyright) should not be allowed to continue to undermine the foundation of one of our most important industries.
Dan McBride President and CEO, The SCO Group, Inc.
12:24 (# Permanent link)

[Loganalysis.org]
Log Analysis is one of the great overlooked aspects of operational computer security. Many organizations spend hundreds of thousands of dollars on intrusion detection systems (IDS) deployments - but still ignore their firewall log...
(...)
We're dedicated to pulling together a repository of useful information on log analysis for computer security.
12:00 (# Permanent link)

© Copyright 2003-2004 Xavier Caballe.