Sunday, 24 / April / 2005
Malware Evolution - January - March 2005, Kaspersky Lab's quarterly report on the evolution of malware. This edition covers the reasons why viruses no longer seem to cause epidemics, the rise in attacks against instant messaging systems, the effects of Windows XP Service Pack 2 on security, and the consolidation of spyware and adware.
19:34 (# Permalink) | Comments: | Trackback:

Operational Security Requirements for Large Internet Service Provider (ISP) IP Network Infrastructure sets out the operational security requirements that an Internet service provider, and in general anyone who runs a large IP network, must meet. It describes the measures to apply at the network level (routers and switches).
Network operators need tools to ensure that they are able to manage their networks securely and to insure that they maintain the ability to provide service to their customers. Some of the threats are outlined in section 3.2 of [RFC2196]. This document enumerates features which are required to implement many of the policies and procedures suggested by [RFC2196] in the context of the infrastructure of large IP-based networks.
17:07 (# Permalink) | Comments: | Trackback:

[BigAdmin] The Solaris Cryptographic Framework.
The Solaris Cryptographic Framework provides cryptographic services to users and applications through commands, a user-level programming interface, a kernel programming interface, and user-level and kernel-level frameworks. The Solaris Cryptographic Framework provides these cryptographic services to applications and kernel modules in a manner seamless to the end user, and brings direct cryptographic services, like encryption and decryption for files, to the end user.
The user-level framework is responsible for providing cryptographic services to consumer applications and the end-user commands. The kernel-level framework provides cryptographic services to kernel modules and device drivers. Both frameworks give developers and users access to software-optimized cryptographic algorithms.
The programming interfaces are front-ends to each of the frameworks. A library or a kernel module that provides cryptographic services can be plugged into one of the frameworks by the system administrator, making the plug-in's cryptographic services available to applications or kernel modules. This flexibility allows the system administrator to plug in different cryptographic algorithm implementations or hardware accelerated cryptographic providers.
01:00 (# Permalink) | Comments: | Trackback:

Worm Hotspots: Explaining Non-Uniformity in Worm Targeting Behavior, an interesting paper that highlights the limitations of the mechanisms currently available for measuring worm activity.
Long after the Blaster, Slammer/Sapphire, and CodeRedII worms caused significant worldwide disruptions, a huge number of infected hosts from these worms continue to probe the Internet today. This paper investigates hotspots (non-uniformities) in the targeting behavior of these important Internet worms. Recent data collected over the period of a month and a half using a distributed blackhole data collection infrastructure covering 18 networks including ISPs, enterprises, and academic networks show 75K Blaster infected hosts, 180K slammer infected hosts, and 55K CodeRedII hosts. We discover through detailed analysis how critical flaws and side effects in the targeting behavior lead to a significant bias for certain destination address blocks. In particular, we demonstrate three previously unexplored biases: a severely restricted initial random seed forcing infection attempts to certain blocks; flaws in the parameters of a random number generator making certain hosts cycle through limited target addresses; and the widespread use of private address space dramatically changing the targeting distribution of certain worms. A direct consequence of these biases is that certain blocks are subjected to far more infection attempts than others. We discuss the implication of these hotspots on worm simulation and modeling, placement of blackhole sensors, worm detection and quarantine.
00:51 (# Permalink) | Comments: | Trackback:

NetworkWorld Executive Guide, a collection of news, product tests and analyses published by NetworkWorld magazine on virtually every computer security topic, from patch management to managed security services. Highly recommended.
00:40 (# Permalink) | Comments: | Trackback:

[NetworkWorldFusion] Security in new Opera browser fights phishing. Opera 8 has been released, with special features for detecting phishing attacks.
The desktop browser gives extra information about the identity of Web sites, automatically activating an information field that gives a level of security from 1 to 3 and listing the certificate owner of the site when the user visits a secure Web site. The browser can also identify the origins of pop-up Web sites, Sivertsen said.
"The security field lets regular people check the identity of the site, which the URL matches with the security certificate," Sivertsen said. "With phishing attacks, Web site spoofing and other forms of online fraud becoming more common, we've seen a great need for this technology." On Opera 8: today on la vaca I saw that if more than a million copies are downloaded in four days, the company's president will swim from Norway to the United States.
00:29 (# Permalink) | Comments: | Trackback:

Easy Integrity Check is a file integrity verification system, designed as an intrusion detection system that detects unauthorized modification of specific files; it is easy to use and to configure. For Unix systems.
00:05 (# Permalink) | Comments: | Trackback:

© Copyright 2003-2005 Xavier Caballe. Unless expressly stated otherwise, the material published on this weblog is distributed under the Creative Commons license. The content is solely and exclusively the responsibility of its author and has no connection with his professional activities.