WindowSecurity.com Articles & Tutorials Archive

Articles & Tutorials by date (Click here to sort Articles & Tutorials by topic)

2008
[	8	]	January, 2008	[	6	]	February, 2008	[	6	]	March, 2008
[	11	]	April, 2008	[	1	]	May, 2008
2007
[	10	]	January, 2007	[	9	]	February, 2007	[	8	]	March, 2007
[	6	]	April, 2007	[	8	]	May, 2007	[	6	]	June, 2007
[	7	]	July, 2007	[	11	]	August, 2007	[	7	]	September, 2007
[	12	]	October, 2007	[	11	]	November, 2007	[	7	]	December, 2007
2006
[	13	]	January, 2006	[	9	]	February, 2006	[	11	]	March, 2006
[	9	]	April, 2006	[	12	]	May, 2006	[	10	]	June, 2006
[	9	]	July, 2006	[	11	]	August, 2006	[	9	]	September, 2006
[	10	]	October, 2006	[	11	]	November, 2006	[	9	]	December, 2006
2005
[	9	]	January, 2005	[	11	]	February, 2005	[	12	]	March, 2005
[	12	]	April, 2005	[	11	]	May, 2005	[	14	]	June, 2005
[	12	]	July, 2005	[	14	]	August, 2005	[	10	]	September, 2005
[	10	]	October, 2005	[	8	]	November, 2005	[	9	]	December, 2005
2004
[	4	]	January, 2004	[	3	]	February, 2004	[	5	]	March, 2004
[	3	]	April, 2004	[	6	]	May, 2004	[	9	]	June, 2004
[	9	]	July, 2004	[	8	]	August, 2004	[	8	]	September, 2004
[	7	]	October, 2004	[	9	]	November, 2004	[	9	]	December, 2004
2003
[	6	]	January, 2003	[	5	]	February, 2003	[	10	]	March, 2003
[	8	]	April, 2003	[	15	]	May, 2003	[	8	]	June, 2003
[	11	]	July, 2003	[	5	]	August, 2003	[	6	]	September, 2003
[	13	]	October, 2003	[	5	]	November, 2003	[	4	]	December, 2003
2002
[	1	]	March, 2002	[	9	]	April, 2002	[	7	]	June, 2002
[	29	]	July, 2002	[	7	]	August, 2002	[	4	]	September, 2002
[	537	]	October, 2002	[	10	]	November, 2002	[	8	]	December, 2002
2001
[	6	]	February, 2001	[	1	]	May, 2001	[	1	]	October, 2001
2000
[	129	]	February, 2000	[	188	]	April, 2000	[	5	]	September, 2000
[	2	]	December, 2000

Articles & Tutorials for December, 2002

Session Fixation Vulnerability in Web-based Applications: Date - Dec 20, 2002; Author - ACROS Security; Section - Network Security Library / Web Security; Many web-based applications employ some kind of session management to create a user-friendly environment. Sessions are stored on server and associated with respective users by session identifiers (IDs). To prevent attackers hijacking users' identities by obtaining session IDs, web servers are employing techniques for protecting session IDs from three classes of attacks: interception, prediction and brute-force attacks. This paper reveals a fourth class of attacks against session IDs: session fixation attacks.
Securing Windows 2000 Active Directory (Part 2): Date - Dec 20, 2002; Author - Ricky M. Magalhaes; Section - Articles / Windows OS Security; Protecting active directory’s integrity is paramount. This is the second article in the two part series that focuses on active directory security. Active directory is the windows 2000 information repository that needs to be kept very secure. Active directory has vital service dependencies such as DNS which changes the scope of what needs to remain secure. I will focus on actions that you can take in order to safeguard the active directory service.
Sandbox II : Worms and Viruses: Date - Dec 16, 2002; Author - Norman; Section - Network Security Library / Anti Virus; Last year I presented how a simulated computer, which is integrated inside the scanner engine, can detect viruses based on actual performance. I demonstrated regular file replication for regular Win32 PE infectors. However, regular file replicating viruses do not pose the biggest threat – worms and viruses spreading through the Internet do. I will demonstrate how detection of these critters can be applied to the simulated computer, how these simulated computers can ‘network’ inside a single scanner engine, opening shares and communicate with a simulated SMTP server, how we deal with run-time libraries, e.g. Visual Basic DLLs, what is possible to simulate and what is not.
Wireless Security Primer 101: Date - Dec 16, 2002; Author - Robert J. Shimonski; Section - Articles / Wireless Security; The first article in a two part series that serves as an introduction to wireless communication, as well as a description of wireless networks, protocols and security standards.
Anti Virus Software: Norton, McAfee, Trend Micro, or Hauri?: Date - Dec 15, 2002; Author - Relevant Technologies; Section - Network Security Library / Anti Virus; In this paper four of the leading antivirus software solutions are tested side by side in order to determine which one provides the best overall protection.
Honeypots - Definitions and Value of Honeypots: Date - Dec 10, 2002; Author - Lance Spitzner; Section - Network Security Library / Honeypots; Discusses what honeypots are, how they can add value to an organization, and several honeypot solutions.
Combat intruders with GFI's latest release of LANguard S.E.L.M.!: Date - Dec 06, 2002; Author - GFI Software; Section - Articles / Intrusion Detection; Each day the threat to the security of a corporate network increases and exploited vulnerabilities seem to multiply exponentially. A breached enterprise network can yield trade secrets, expose core business functions or have its information destroyed by intruders bent on profit, mayhem and mischief. In-depth defense is the only solution to this problem in an increasingly interconnected world - and surveillance is the first bulwark of defense.
Securing Windows 2000 Active Directory (Part 1): Date - Dec 02, 2002; Author - Ricky M. Magalhaes; Section - Articles / Windows OS Security; Protecting active directory’s integrity is paramount. This article will focus on active directory security and will be written in two parts. Active directory is the windows 2000 information repository that needs to be kept very secure. Active directory has vital service dependencies such as DNS which changes the scope of what needs to remain secure. I will focus on actions that you can take in order to safeguard the active directory service.