- Articles
- Authors
- Blogs
- ISA Server Articles
- Links
- Message Boards
- Newsletter
- RSS
- Security Tests
- Services
- Software
- White Papers
Network Security Library
Network Security Library / Auditing
- Passive Information Gathering (Part 2)
- Date - Feb 21, 2007
- Part 2 of what can be gathered passively in order to formulate a targeted attack.
- Passive Information Gathering (Part 1)
- Date - Feb 07, 2007
- What can be gathered passively in order to formulate a targeted attack.
- The need for effective event management
- Date - Nov 15, 2006
- Logs and their management are however one of the most important aspects in computer systems management. This white paper shows where GFI EventsManager fits in this picture and how it is an invaluable asset in the corporate toolbox.
- Spreadsheet Assurance
- Date - Jun 07, 2006
- To date auditors have not looked too deeply into the content or accuracy of spreadsheets in corporations. With Sarbanes-Oxley (SOX), and the recent Health Insurance Portability & Accountability Act (HIPAA), you can bet that they will start to take a closer look. Will your spreadsheet results pass an audit?
- Analysis of Remote Active Operating System Fingerprinting Tools
- Date - Aug 06, 2003
- There are many tools today that are used for remote active operating system fingerprinting. They all have their own fingerprinting techniques. This paper gives an in-depth analysis of three such tools: Nmap, RINGv2, and Xprobe2. The purpose of the paper is to show how these tools work, and to understand the advantages and disadvantages they each offer.
- Guide to Sybase Security
- Date - Mar 20, 2003
- This article provides a detailed explanation of security for a Sybase database. The article has been written from the perspective of both security auditing and implementation. The queries and details given have been tested on Sybase Adaptive Server Enterprise 12.5 but will be valid for other versions as well.
- Ethical Hacking Techniques to Audit and Secure Web-enabled Applications
- Date - Jun 07, 2002
- Hacking Web Applications Using Cookie Poisoning
- Date - Jun 07, 2002
- Web Application Forensics: The Uncharted Territory
- Date - Jun 07, 2002
- Hacker Repellent
- Date - Jun 07, 2002
- Passive System Fingerprinting using Network Client Applications
- Date - Feb 18, 2001
- Advanced Host Detection - Techniques To Validate Host-Connectivity
- Date - Feb 18, 2001
- Examining port scan methods - Analyzing Audible Techniques
- Date - Feb 18, 2001
- ICMP Usage In Scanning v2.5
- Date - Dec 26, 2000
- An Overview of Network Security Analysis and Penetration Testing
- Date - Sep 03, 2000
- 10 Proposed 'first-aid' security measures against Distributed Denial Of Service attacks
- Date - Apr 18, 2000
- Tribe Flood Network 3000
- Date - Apr 10, 2000
- Why Computers are Insecure
- Date - Apr 10, 2000
- A Weakness in the 4.2BSD Unix TCP/IP Software
- Date - Apr 10, 2000
- A Critical Analysis of Vulnerability Taxonomies
- Date - Apr 09, 2000
- A Taxonomy of UNIX and Network Security Vulnerabilities
- Date - Apr 09, 2000
- Classifying Vulnerabilities
- Date - Apr 09, 2000
- Practical Network Support for IP Traceback
- Date - Apr 09, 2000
- Purgatory 101: Learning to cope with the SYNs of the Internet.
- Date - Apr 09, 2000
- Strategies for Defeating Distributed Attacks
- Date - Apr 09, 2000
- The DoS Project's "trinoo" distributed denial of service attack tool.
- Date - Apr 09, 2000
- Towards a Taxonomy of Network Security Assessment Techniques
- Date - Apr 09, 2000
- Advanced Buffer Overflow Exploit
- Date - Apr 08, 2000
- Compromised - Buffer - Overflows, from Intel to SPARC Version 8
- Date - Apr 08, 2000
- Finding and Exploiting Programs with Buffer Overflows
- Date - Apr 08, 2000
- Buffer Overruns, Whats the Real Story?
- Date - Apr 08, 2000
- Smashing The Stack For Fun And Profit
- Date - Apr 08, 2000
- strlcpy and strlcat--Consistent, Safe, String Copy and Concatenation
- Date - Apr 08, 2000
- w00w00 on Heap Overflows
- Date - Apr 08, 2000
- Win32 Buffer Overflows (Location, Exploitation and Prevention)
- Date - Apr 08, 2000
- The Open Source Security Testing Methodology Manual v2.0
- Date - Feb 27, 2000
- Probing TCP Implementations
- Date - Feb 23, 2000
- Continuous Assessment of a Unix Configuration: Integrating Intrusion Detection and Configuration Analysis
- Date - Feb 21, 2000
- A Map of Security Risks Associated with Using COTS
- Date - Feb 21, 2000
- Commonly Overlooked Audit Trails on Intrusions
- Date - Feb 21, 2000
- The Remedy Dimension of Vulnerability Analysis
- Date - Feb 21, 2000
- Advanced Security Audit Trail Analysis on uniX. Implementation Design of the NADF Evaluator.
- Date - Feb 20, 2000
- ASAX: Software Architecture and Rule-base Language for Universal Audit Trail Analysis.
- Date - Feb 20, 2000
- GASSATA, A Genetic Algorithm as an Alternative Tool for Security Audit Trails Analysis
- Date - Feb 20, 2000
Network Security Library topic
| [ | 26 | ] | Anti Spam | [ | 12 | ] | Anti Virus | [ | 44 | ] | Auditing |
| [ | 60 | ] | Auth. & Access Control | [ | 3 | ] | Content Management | [ | 103 | ] | Cryptography |
| [ | 12 | ] | Disaster Recovery | [ | 36 | ] | Firewalls & VPN's | [ | 6 | ] | Forensics |
| [ | 41 | ] | Harmless hacking book | [ | 1 | ] | Honeypots | [ | 14 | ] | Information Warfare |
| [ | 26 | ] | Intrusion Detection | [ | 7 | ] | Law | [ | 3 | ] | Managed Security Solutions |
| [ | 50 | ] | Misc | [ | 24 | ] | Mobile Code | [ | 32 | ] | NCSC&DoD Rainbow series |
| [ | 13 | ] | NetWare | [ | 31 | ] | Network Security | [ | 4 | ] | Patch Management |
| [ | 3 | ] | Phishing | [ | 38 | ] | Policy & Standards | [ | 25 | ] | Privacy |
| [ | 21 | ] | Software Engineering | [ | 2 | ] | Trojans | [ | 2 | ] | Underground |
| [ | 82 | ] | Unix Security | [ | 19 | ] | Web Security | [ | 39 | ] | Windows Security |
| [ | 6 | ] | Wireless Security |
Featured Links*
Become a WindowSecurity.com member!
Discuss your security issues with thousands of other network security experts. Click here to join!