qzdrproject.wordpress.com
June | 2008 | Quizzy Drop
https://qzdrproject.wordpress.com/2008/06
QZ’s DrProject development blog. Archive for June 2008. Dumb redirects interact poorly with forms. The current design for an improved role editor is still in prototype, but this is what it looks like: The implementation of role removal is problematic, which I will be illustrating. Upon pressing the Remove button, this confirmation form is unhidden using JavaScript: Action=remove role) if the role is still in use: If the role to be removed is still in...
matthiasrohr.blogspot.com
Matthias Rohr: July 2011
http://matthiasrohr.blogspot.com/2011_07_01_archive.html
My thoughts on application security engineering, management and assurance. Monday, July 18, 2011. When it comes to conducting a security review of an application architecture (aka design review) there are basically two major terms that are often referenced. First, the software-centric Threat Modeling approach by Microsoft. Second, one suggested by Gary McGraw that is known as Architectural Risk Analysis. For instance, we end up with a list of qualitative risks. By John Steven on "Advanced Threat Modeling...
matthiasrohr.blogspot.com
Matthias Rohr: Pushing Appsec Left in the SDLC
http://matthiasrohr.blogspot.com/2011/07/pushing-appsec-left-in-sdlc.html
My thoughts on application security engineering, management and assurance. Saturday, July 2, 2011. Pushing Appsec Left in the SDLC. There are basically two main reasons why conceptual application security is so vital. First, the cost factor: There are plenty of studies comparing costs of defect fixing in different development lifecycles. Graff and van Wyk, for instance, estimate in their book Secure Coding: Principles and Practices. Second, the achieved level of security. With this first conc...
linux.ufaras.ru
Security: iptables, snort, xinetd, chroot, encryption, rootkit, ...
http://linux.ufaras.ru/secur.html
53 Intrusion Detection Systems. 531 Projects designed to present data saved by Snort in a readable form. 55 Access Control List. For bind, sendmail). 58 Port scanners, sniffers. 58A Detection of scanning, denial-of-service attacks, and sniffers. 58B Identifying the operating system type of a host initiating a connection to you. 511 Tools for checking system integrity. 513 Remote log server. 524 OpenSSL and OpenSSH.
cellstreamblog.blogspot.com
The CellStream Blog: January 2011
http://cellstreamblog.blogspot.com/2011_01_01_archive.html
Wednesday, January 12, 2011. The Central Office Transformation. My recent post on the evolution of the telephone. What will we put into these emptying but valuable and capable facilities? Not at all. In fact, the phone company can do this and by using virtual machine technology, actually release/resell the physical servers several times over. The business case is actually quite compelling. This expands the Service Provider offerings into the realm of cloud services that we ourselves are using...The overa...
radajo.com
RaDaJo (RAul, DAvid and JOrge) Security Blog: April 2007
http://www.radajo.com/2007_04_01_archive.html
RaDaJo (RAul, DAvid and JOrge) Security Blog. Turning Information Security Inside-Out. April 17, 2007. Writing Secure Code: The Root Cause of the Problem? The son of the son of the son of my son will be able to make a living as a security professional. We finally get the idea and start fixing the root of nowadays security issues, vulnerable software. I finished my Masters degree in Computer Science a decade ago, and at that time, I didn't go through a single security best practice in any of the different...
linux.anrb.ru
Security: iptables, snort, xinetd, chroot, encryption, rootkit, ...
http://linux.anrb.ru/secur.html
53 Intrusion Detection Systems. 531 Projects designed to present data saved by Snort in a readable form. 55 Access Control List. For bind, sendmail). 58 Port scanners, sniffers. 58A Detection of scanning, denial-of-service attacks, and sniffers. 58B Identifying the operating system type of a host initiating a connection to you. 511 Tools for checking system integrity. 513 Remote log server. 524 OpenSSL and OpenSSH.