openssl Resources on ZDNet

ZDNet Resources

Using the openssl command-line program: OpenSSL can be used to create, request, sign, and revoke certificates and can also be used to perform other cryptographic operations such as creating hashes for files, testing SSL connections, and more.; Tags: OpenSSL, Vincent Danen, Ssl/Tls, Authentication/Encryption, Network Security, Security, Networking; Download resources 2008-04-30
Fixes are in for openssl: Fixes are in for OpenSSLOpen Serial Specail Layer and technologyThe fixes I could do would be to include a number, no one could guess it. Like a number between 1 and 10.Then it would make it more secure and hacker proof.; Tags: SSL/TLS, OpenSSL; Discussion threads 2004-03-17

Additional Resources

New tool cracks most enterprise wireless LANs: New tool cracks most enterprise wireless LANsThat's why I don't use these methods for securityYou have to consider wireless networks as inherently insecure, whether you use wep, wpa or any of this complicated key crap. They were asking for wireless acces here at my corp for a long time and...; Tags: PRODUCTIVITY, Modems, Wi-Fi, Network security, Cable, Exe, enterprise Wireless LAN, wireless, tool, RADIUS; Discussion threads 2008-03-06
Microsoft's Michael Howard: Sure we have security problems, but we're fixing em: Microsoft's Michael Howard: Sure we have security problems, but we're fixing emWorst in IT historyMicrosoft is the worst kid in class and should be ashamed of what they've accomplished. No other platform comes even close to the abysmal security in Windows, to even try to compare it with the alternatives...; Tags: Operating systems, security, Microsoft Corp., Microsoft Windows, Michael Howard; Discussion threads 2008-02-22
Text Encrypter (dmg): Text Encrypter is a powerful text encryption program that may be used to encrypt blocks of arbitrary text or files. Text Encrypter uses OpenSSL and RC-4 (128-bit) encryption technology, which is the method primarily used on most secure Web sites. Encrypted files will have the .crypt suffix appended to the...; Tags: Sequence, Text Encrypter, Ssl/Tls, Security; Software downloads 2008-02-20

Security metrics: Is there a better way?: Security metrics: Is there a better way?Open Source vs. Closed SourceUnfortunately, the biggest problem here is open source vs. closed source. Here's the deal, it's easier to find bugs in open source apps, as you can see the source. On top of that, closed source (Windows) often means...; Tags: Web servers, Operating systems, Microsoft Corp., server, vulnerability, security, Microsoft Windows, Web server, software; Discussion threads 2008-01-25
First iPhone Trojan in the wild: First iPhone Trojan in the wildSo let me get this straight...So let me get this straight, first you have to jail break the iPhone, then you have to download the program, then you have install it onto the iPhone. It also doesn't hurt the iPhone in any way, but...; Tags: Spyware, Spyware, adware & malware, Viruses and worms, SECURITY, Cyberthreats, Microsoft Windows Mobile, trojan horse, Apple iPhone, iPhone Trojan; Discussion threads 2008-01-08
Google ships open-source security fuzzer: Google's security team has released a fuzz testing tool that was used internally to find multiple vulnerabilities in Internet-critical software products. The fuzzer, called Flayer, is an analysis and flow alteration tool that has been used to find errors in real software. In the past...; Tags: Security, Google Inc., Open Source, Ryan Naraine; Blog posts 2007-09-18
How to implement SSL or TLS secure communications: How to implement SSL or TLS secure communicationsInformative post - Thanks GeorgeThanksWhy not a free certificate?Why did you not mention that it's possible to get a free certificate from CACert.org? It seems that many individuals and small businesses could benefit.ot the right area for securitySecurity at this level has...; Tags: Quality, SSL/TLS, Network security, Operating systems, certification, SSL, Linux, TLS; Discussion threads 2007-07-20
JBoss takes Exadel tools to Eclipse open source: JBoss.org and Red Hat this week took a significant step toward finalizing Red Hat Developer Studio with the introduction of the Exadel Eclipse plug-ins under open source.Tony Baer has a good write-up on this.Exadel contributed the plug-ins, along with Ajax4sf and RichFaces, to Red Hat last March with the goal...; Tags: Software Infrastructure, Software Development, SOA, Open Source, JBoss, IDEs, Enterprise Java, Eclipse, Developer Tools, Agile Development; Blog posts 2007-06-27
XAMPP (6): Many people know from their own experience that it's not easy to install an Apache web server and it gets harder if you want to add MySQL, PHP and Perl. XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. XAMPP is really very easy to install...; Tags: Perl, MySQL, PHP, Apache Software Foundation, XAMPP, Open Source, Scripting Languages, Software/Web Development, Web Development; Software downloads 2007-06-27
The CDDL example: The CDDL exampleNow, if we could just replace the GPL with this (or the FreeBSD licence)...then maybe development would extend from the community to the commercial much further (with respect to Linux etc).Communism, sorry, socialism never worked in Mother Russia and it sure doesn't do a damn thing for open...; Tags: OPEN SOURCE, Sun Microsystems Inc., convergence, CDDL, GPL, LGPL; Discussion threads 2007-05-31
S-IMessenger (exe): With S-IMessenger you can be sure that all your communication is secure. S-IMessenger is capable of using TLSV1 , SSLV3, SSLV2 (not recommended) protocols. For all the TLS/SSL communication, S-IMessenger uses the industry standard tool-kit OpenSSL. Besides all the communication that takes place between the client & the server being...; Tags: Communication, S-IMessenger, Ssl/Tls, Network Security, Authentication/Encryption, Security, Networking; Software downloads 2007-05-24
U.S. government's NOAA site hacked by pill pushing spammers: U.S. government's NOAA site hacked by pill pushing spammersproves a pointSo you can't just slap on a non-MS OS and be safe? Who knew? ;)All hail the admins!This is what ZDNET runs1064824 about.com.com CNET Networks, Inc, 235 Second Street, San Francisco, 94105, United States August 2005 Apache/2 Linux18625 adlog.com.com CNET Networks, Inc, 235 Second Street,...; Tags: Linux, OPEN SOURCE, Spam, UNIX, Operating systems, Servers, NOAA, U.S. Government, Second Street; Discussion threads 2007-03-05
Another nail in the AACS coffin: A hacker has put another nail in the coffin of the HD encryption scheme AACS - the device key for WinDVD 8 has been found.[poll=94]A hacker going under the pseudonym of ATARI Vampire has discovered the device key for WinDVD 8 and posted their findings on the Doom9 forum. ...; Tags: DRM, HD-DVD, Blu-ray; Blog posts 2007-02-25
Think 'Patch Tuesday' is just for Microsoft? Think again!: Multiple Cisco vulnerabilities affecting IPS functionality in routers, PIX/ASA/FWSM firewalls, Switches. Multiple Cisco vulnerabilities affecting SIP/FTP/HTTP inspection in PIX/ASA products. While the patches are available, most Cisco devices are rarely if ever patched. For example, here is a long list of issues within the last three months...; Tags: VoIP, Browsers, Desktop, Vista, Hardware, Networking, Mobile/Wireless, Security; Blog posts 2007-02-16
Interview with Mike Melanson, lead engineer on the Linux Flash Player team: Mike Melanson, the lead engineer on Adobe's Flash Player team, and one of the talented people behind the Linux Flash Player agreed to do an email interview with me about Linux and Flash. You can keep up to date on development for the Linux player over on the teams blog...; Tags: Linux; Blog posts 2006-08-29
LightCA (zip): A simple Certification Authority. You can create the certification authority key pair, other certificates, requests and revocations lists. This program needs the openssl package for Windows, downloadable at this address.; Tags: Microsoft Windows, Operating Systems, Software; Software downloads 2006-08-07
Cache-Collision Timing Attacks Against AES: This paper describes several novel timing attacks against the common table-driven software implementation of the AES cipher. The authors define a general attack strategy using a simplified model of the cache to predict timing variation due to cache-collisions in the sequence of lookups performed by the encryption. The attacks presented...; Tags: AES, Attack, Network Security, Security, Networking; White papers 2006-07-11
SQLcrypto. (zip): About SQLcrypto SQLcrypto is a suite of cryptographic extended procedures written in C/C++ language. It provides an affordable and effective security solution for your database server. It currently supports industrially recognizable symmetric ciphers and hash algorithms. Ciphers include AES, Blowfish, CAST5, Triple DES, DESX, IDEA, RC4, and RC5. Message digestion...; Tags: Algorithm, About SQLcrypto SQLcrypto, Engineering, Storage, Databases, Security, Hardware, Enterprise Software, Software, Data Management; Software downloads 2006-05-19