logo
Home Forum Sources Papers No-Paste User List Links Contacts EvilSentinel
Menu
- Home
- Forum
- Sources
- Papers
- No-Paste
- User List
- Links
- Contacts
- EvilSentinel

Last 5 Posts
Re: Quando due vecchi amici Linuxari parlano ..
Re: Ciau guys...
Re: Apache Log Poisoner
Re: Apache Log Poisoner
Re: Apache Log Poisoner

Last 5 Users
StAkeR
balordo
gain
malossi
murdercode

Login
Username
Password
Registrati qui .

217 users .
Home
Benvenuti su evilsocket.net .
Questo portale contiene sorgenti scritti in diversi linguaggi, papers e materiale riguardante la programmazione e la sicurezza informatica in genere .
Speriamo che la vostra permanenza sia costruttiva e possiate trarre qualcosa di utile dai lavori pubblicati .


Welcome to evilsocket.net .
This site contains sources written in different languages, papers and material about programming and security generally speaking .
We hope that your presence here will be constructive and that you will gain something usefull from published works .




In memory of rgod, great hacker, programmer and artist ... we'll miss you .

News
No excuses -- encrypt all laptops : Every year, more than 5,000 laptops are lost in taxis in London, New York, Chicago and other large cities. According to our research, in 2008 companies' topmost security investment was laptop encryption. Laptop hard drives are getting bigger and now can hold hundreds of thousand to hundreds of millions of sensitive records. As a CSO, one of your top priorities is probably to keep your company off the front page of the news. Is it inexcusable to have laptops in the field with unencrypted hard drives? With such new open source solutions as TrueCrypt, there are few excuses left: All laptops must be fully encrypted. Encryption technology is easy, but encryption solutions are hard. Key management and recovery make it difficult to manage large-scale encryption. Even low-cost encryption software for laptops can add up quite quickly if you deploy it on all laptops. Even if you can afford the cost of the software, however, you have to look at the complexity of the whole solutions
Can obscurity make cryptography better? : I often disagree when the so-called experts talk about security in terms of binary decisions. Managing security risk is always a cost/benefit trade-off compared to the value of the thing being protected. I have always been particularly bothered by security proponents who repeat the mantra, "Security by obscurity is no security," when that declaration is demonstrably incorrect. Obscurity does have value, sometimes significant value, especially in the context of the defense-in-depth paradigm. I've written several articles defending obscurity each year, both here and elsewhere. Even though I can present facts and numbers, and readily demonstrate repeatable experiments to back up my conclusions, my critics usually rely solely on emotional arguments. At the very least, they can never show me how obscurity decreases security without coming up with hyperbolic, unlikely scenarios. A friend shared a popular saying with me: "I can show you the facts, but never convince you."
Asprox computer virus infects key government and consumer websites : Cyber-criminals have attacked key government and consumer websites, allowing them to steal the personal details of anyone browsing the sites, The Times has learnt. Eastern European hackers are suspected of placing the Asprox virus on more than a thousand British websites, including those run by the NHS and a local council, in the past two weeks. Experts described the Asprox virus as a alarming departure from commonplace viruses which tend to be spread through rogue e-mails and unregulated websites. Unlike other viruses, Asprox sits undetected on mainstream sites, with any visitor at risk of being infected. The virus automatically installs itself on a visitor's computer, allowing a hacker to access financial information.
ITIL V3 Improves Information Security Management : This paper, written by Ginger Taylor, will begin with an historical overview of ITIL and then move into a high level overview of Version 3, with particular focus on the Information Security Management process. This paper will address how this process has matured and how organizations can better ensure the confidentiality, integrity, and availability of their IT services by implementing the ITIL framework.
How to Block NDR Spam : In this paper, submitted by GFI, They provide a technical explanation of NDR Spam and recommend solutions that can prevent or limit exposure to this kind of unsolicited email.
Web Application Security: Don't Bolt It On; Build It In : Caleb Sima submits this paper on Web applications and their inherent risks associated, specifically when security is introduced after development.
rss feeds from hackinthebox.org and infosecwriters.com
evilsocket.net - Projected and designed by evilsocket - All rights reserved