All pages tagged with privilege
Cross-Site Scripting Vulnerabilities
A CSS vulnerability is caused by the failure of a site to validate user input before returning it to the clientÂ’s web-browser. The essence of cross-site scripting is that an ...
Document added on April 12, 2011Downstream Liability for Attack Relay and Amplification
While accessing the Internet at work, Jane finds a six-month old vulnerability in MegacorpÂ’s web server. Exploiting this vulnerability, Jane is able to gain privileged access to the system. From ...
Document added on March 7, 2011SQL Injection and Oracle, Part Two
This is the second part of a two-part article that will examine SQL injection attacks against Oracle databases. The first installment offered an overview of SQL injection and looked at ...
Written by: Pete Finnigan and added on April 29, 2011DNS Security Considerations and the Alternatives to BIND
This paper is going to discuss the important considerations of the DNS Security. Due to the continuous break-ins to BIND 8 (one of the most popular choice of DNS server) ...
Written by: Seng Chor, Lim and added on June 3, 2011Authentication and Authorization: The Big Picture with IEEE 802.1X
In the enterprise, Auth-x will provide IT staff and network managers with the ability to tighten security by enabling improved, automated implementation of their security policy. Auth-x brings authentication and ...
Written by: A Arthur Fisher and added on Feb. 8, 2011Over Your Shoulder: Why Your Employer is Entitled to Watch You
One of the reasons the Internet continually been a subject of lively debate is the crackdown of employers on the use of web-surfing and e-mail applications in the workplace. This ...
Written by: Ben Malisow and added on Jan. 16, 2011Implementing Least Privilege at your Enterprise
Enterprise security involves people, process and technology. The principle of least privilege can and should be applied to all of those areas An expansion of the topic of "least privilege" ...
Written by: Jeff Langford and added on Jan. 31, 2011Benefits Of Implementing Secure Computing's Sidewinder Firewall Appliance At A U.S. Army Military Installation
The implementation of the Sidewinder firewall solution would transparently support the upgraded network demands and add essential security mechanisms such as Application Layer protection, Stateful Inspection technology, etc. These functionalities ...
Written by: Andrew Rafla and added on April 15, 2011IMPLEMENTING sudo TO REPLACE su
As a historically semi-autonomous user community, conducting research on its own, mostly in isolated labs, and separate from the main production lines, the POISE group has enjoyed an usually high ...
Document added on Jan. 31, 2011RBAC In The Real World
In the computer industry, access control refers to managing the ability for people to access computers and computer resources. Access control should enhance security without hindering someone from performing his ...
Written by: Christine Occhipinti and added on March 9, 2011