All pages tagged with session
Introduction to the NSA Infosec Assessment Methodology (IAM)
On May 22, 1998 President Clinton signed Presidential Decision Directive 63 (PPD 63). This directive outlined the civilian and governmental responsibility of protecting the US Critical Infrastructure and established the ...
Written by: Mitchell Rowton and added on April 2, 2011
Malicious Hackers and Spam, Part 2
I discovered that a spammer was using the client's server to relay spam. Although the server wasn't an open relay, the spammer was somehow authenticating to the server to send ...
Document added on Feb. 28, 2011
Nokia IPSO Boot Manager Upgrade Instructions
As the title suggests, I documented this process while upgrading an IP330; these steps may or may not be the same for other Nokia IP products. Download file. Go to https://support.nokia.com and ...
Written by: Mitchell Rowton and added on March 2, 2011
Master-Key Cryptosystems
We initiate the study of a new class of secret-key cryptosystems, called master-key cryptosystems (MKCSs), in which an authorized third party (hereinafter called "the government," although it need not literally ...
Written by: Matt Blaze, Joan Feigenbaum, and F. T. Leighton and added on June 11, 2011
Penetration Testing for Web Applications (Part Three)
In the first installment of this series we introduced the reader to web application security issues and stressed the significance of input validation. In the second installment, several categories of ...
Document added on June 30, 2011
Predictability of Windows DNS resolver
The main DNS security issues have very often focused on server side problems and vulnerabilities. This paper focuses on Windows client DNS service, also called DNS resolver. This paper explains ...
Written by: Roberto Larcher and added on Feb. 20, 2011
Deploying a Secure Web Application: From a Coding Perspective
The purpose of this document is to give a developer a very detailed and reproducible guideline for the development of a typical web application. The focus will be on common ...
Document added on March 3, 2011
Web Application Security for managers
As a manager, part of your job is to plan and prioritize tasks and to control the work done. To plan and prioritize tasks, you need to have a global ...
Document added on March 13, 2011
Have Root, Will Hack:
This story is true; only the names have been omitted to protect the (sort of) innocent. Monday, 7:15 AM: I log onto my Solaris box and start the day's regimen. ...
Written by: Robert G. Ferrell and added on June 25, 2011
The Internal Threat to Security Or Users Can Really Mess Things Up
On one hand, the media is replete with reports of hackers exploiting various weaknesses in order to gain access to a network and the data it houses. Most, if not ...
Written by: Charles Rhodes and added on March 7, 2011