Open directory of information security papers

Debunking the Microsoft Monoculture
In September 2003 the Computer and Communications Industry Association (CCIA) published a paper, authored by a number of highly respected members of the IT security community, titled CyberInsecurity: The Cost of Monopoly. What follows is an objectiv...
Cybersecurity: The cost of monopoly
CCIA and the report’s authors have arrived at their conclusions independently. Indeed, the views of the authors are their views and theirs alone. However, the growing consensus within the computer security community and industry at large is strikin...
Web Application Security: Harder than you think
I was reading an advertisement the other day, from some company offering web hosting services. They were offering their services as secure on the basis that they used "SSL Certificates", "Firewalls", and "VPNs" (plus a few ot...
Kerberos in Practice
Kerberos is technically an authentication protocol. It basically provides a protocol in which users can authenticate themselves to the Kerberos system, and Kerberos will then manage the users' authentication to other systems.
In short, it is a...
Getting a CISSP
Kerry Thompson provides this first-hand account of his experiences with the CISSP. "In March of 2001 I started on a mission: to get a CISSP certification. "Easy", I thought, do some studying, sit an exam, pass with flying colors, t...
Misconceptions about the importance of IT certifications
It's one of the most highly contested issues in our field. Some people love them, some people hate them, but everyone has passionate theories about their validity.
HIPAA Security Review
Microsoft recently announced that it is planning to enter the field of managing PHI (Protected Health Information) for consumers of medical care in the USA. That may be welcome news for consumers, since no one can "standardize" us like Micros...
Is Your Agency Failing FISMA?
Is your agency failing to meet its Federal Information Security Management Act (FISMA) requirements? If so, perhaps it's because you feel that FISMA has become nothing more than a "paper drill." Or perhaps you feel that the auditors have ...
Hacking WEB 2.0
In this paper, Petko Petkov outlines some of the dangers of Web 2.0 by combining fictional stories with technology that is real. Each story begins with a prologue, which introduces the problem, and finishes with a conclusion, which summ...
Group Policy related changes in Windows Server 2008 - Part 1: What are Starter GPOs?
In this article we will discuss “Starter GPOs”. With Starter GPOs you get the ability to save baseline templates to use when creating new Group Policy Objects (GPO). These templates can actually be exported to other domain environments, giving you en...
Web Application Hacking vs the IDS
This paper discusses the constantly changing landscape of web application hacking and how this can be detected with an Intrusion Detection System (IDS). The author pays particular attention to encoding, or the process by which information is taken f...
Privacy - Keeping your information confidential
Important tips on keeping your information confidential when using the net.
Recipe for Mobile Data Security
In this paper, Tom Olzak explores the challenges facing security managers responsible for laptop data security, TPM technology, and how the features of a TPM can integrate with Microsoft’s Bitlocker and Active Directory technologies to provide for mo...
A Practical Application of Background Investigations for Small Company Security Perimeters
Companies spend millions of dollars every year to implement applications and hardware for the sole purpose of preventing outside entities from exploiting their computer resources, yet each year it is reported that the majority of Computer Security I...
The Death of Leadership in Management
The intention of this paper is to outline the author's views on leadership techniques when it comes to the management of personnel. It will also describe the differences one faces between managing personnel and managing processes to include wha...