
All pages tagged with vulnerability

Introduction to the NSA Infosec Assessment Methodology (IAM)

On May 22, 1998 President Clinton signed Presidential Decision Directive 63 (PDD 63). This directive outlined the civilian and governmental responsibility of protecting the US Critical Infrastructure and established the ...

Written by: Mitchell Rowton and added on April 2, 2011

Will Your Network Pass a Security Audit?

It is a well-known fact that in the Internet-connected world network perimeter vulnerabilities do exist that allow unauthorized individuals access to networks and provide the ability to disrupt business continuance. ...

Written by: Michael Bruck and added on June 22, 2011

Secure programmer: Countering buffer overflows

This article discusses the top vulnerability in Linux/UNIX systems: buffer overflows. This article first explains what buffer overflows are and why they're both so common and so dangerous. It then ...

Written by: David A. Wheeler and added on April 29, 2011

The Oversight of Physical Security and Contingency Planning

In today's ever-changing world of information assurance and network security, it can become extremely difficult to keep up on the latest vulnerabilities, viruses, patches, trends, technology, hacker behaviors and activity. It's ...

Written by: Andy S. Krupa and added on Jan. 1, 2011

Introducing Defense-in-Depth to a Small ISP

With the recent spate of worms and vulnerabilities, and the increasing public awareness of same, a rural Internet Service Provider (ISP) requested some assistance in assessing the security of their ...

Written by: Rodney R. Anderson and added on June 27, 2011

Managing Linux Security Effectively in 2004

This article examines the process of proper Linux security management in 2004. First, a system should be hardened and patched. Next, a security routine should be established to ensure that ...

Document added on June 21, 2011

Using a layered security approach to achieve network integrity

It's becoming increasingly clear that the current model for network security -- defend the perimeter and patch, patch, patch -- has some serious shortcomings. First, relying on signature files and ...

Written by: Eric Ogren and added on March 6, 2011

Is the CISSP Becoming Watered Down?

The Certified Information Systems Security Professional (CISSP) has quickly become one of the most talked about certifications in the IT industry. Some may say it's approaching the popularity of Cisco's ...

Written by: Mitchell Rowton and added on Feb. 12, 2011

Location Based Windows Patch Management

In order to propagate, both these worms used known security vulnerabilities in the Windows operating system, vulnerabilities that at that time were already addressed by Microsoft and fixed by security ...

Document added on Jan. 2, 2011

Security Essentials: Patch Management as a Necessary Part of Defense In Depth a Case Study

The purpose of this policy is to establish standards for the timely and continuous vulnerability scanning and patch management of equipment that is owned and operated by the Institute of ...

Written by: Kay A. Cornwell and added on May 20, 2011