Identity theft is the fastest growing crime in America. According to the Federal Trade Commission, the number of identity theft incidents reached 9.9 million in 2003, and is estimated to have taken the average victim $500 and 30 hours to resolve. This article is designed to help network administrators and consumers understand the issues surrounding [...]
Social Engineering is a method often employeed in the attempt to break through network security. It is based on the premise that it is often easier to ask for something than to work for it. Although “social engineering” is not a brand new style of gaining network access. This article will make you think about [...]
Second-order Code Injection: Advanced Code Injection Techniques and Testing Procedures
24 Jul
Posted by Exploitx as WhitePapers
Many forms of code injection (for instance cross-site scripting and SQL injection) rely upon the instantaneous execution of the embedded code to carry out the attack (e.g. stealing a user’s current session information or executing a modified SQL query). In some cases it may be possible for an attacker to inject their malicious code into [...]
By: Todd Jenkins
Introduction
You’ve just been asked by your manager to install a hardened bastion host. The company needs
to strengthen the security between the Internet and the company’s internal network. You
unsuspectingly accept the challenge and tell your manager you need to do some research. How
hard could it be?
Management often likes to use technical jargon even when [...]
By: Johan Hiemstra
An overview of 802.11x, WEP, WAP, and WTLS, their strengths, operation, and vulnerabilities as well as various related wireless security attacks and security technologies.
Read: http://www.securitydocs.com/go/2570
Purpose
This document sets forth the guidelines for using wireless technologies for data connectivity and identifies responsibilities for the deployment of wireless connectivity services and the administration of the wireless radio spectrum. These guidelines describe how wireless technologies are to be implemented, administered and supported at the University of Arizona campus. It supplements the [...]
