On MP3.com: Eye Views: 30-sec album reviews
BNET Business Network:
BNET
TechRepublic
ZDNet

ZDNet Resources

PCI DSS and HIPAA: The Security Standards Share Common Ground
One of the greatest challenges that the electronic transactions industry faces today is the issue of security requirements under various rules and regulations. For most people in the industry, the issue is focused on the specifics of the Payment Card Industry Data Security Standard PCI DSS, but the issue may...
Tags: Security Requirement, Industry, Security Standard, CSRSI, Hipaa, Regulatory Compliance, PCI, Regulations, Security, Healthcare, Government, Human Resources, Policies And Procedures, Storage, Hardware
White papers 2007-08-01
IPsec/VPN Security Policy Engineering: Automatic Generation and Conflict Detection
IPsec is a useful IP layer security protocol which can provide authentication and encryption for end-to-end traffic flow, but configuring IPsec VPN tunnels is notoriously complicated because it has so many options (key exchange, ciphers, authentication etc) to configure. Thus the ultimate solutions to the security requirements are often prone...
Tags: Security Requirement, Tunnel, IPSec, VPNs, Network Security, Security, Networking
White papers 2006-06-01
IPSec/VPN Security Policy Correctness and Assurance
With IPSec/VPN policies being widely deployed, how to correctly specify and configure them is critical in enforcing security requirements. Under current practice, IPSec/VPN policies are usually specified manually by system administrators and thus prone to errors. However, dynamic aspects in the network may interfere with the existing policy set up...
Tags: Security Requirement, IPSec, VPNs, Network Security, Security, Networking
White papers 2006-05-23
Networks on wheels
More and more cars and trucks are equipped with some kinds of wireless networking devices, helping to create applications based on vehicle to vehicle communications. But these types of networks present some new security challenges because of the short contact times between different mobile nodes and of the large size...
Tags: network, security
Blog posts 2006-02-01
10 New Year's resolutions for net admins
Lining up priorities and planning improvements sounds like business as usual for network administrators. But now's the time to take a broad view and see what you want to accomplish over the entire year to come. IT pros are focusing their attention on a variety of concerns...
Tags: Security Requirement, Administrator, Information Technology, Strategy, Security, Management
Download resources 2005-12-20
Security Requirements in Service Oriented Architectures for Ubiquitous Computing
This work presents a detailed analysis of the security requirements for Service Oriented Architecture in mobile computing, still missing in the current literature. The purpose of this work is twofold. First, to provide protocol architects and software engineers with a map of security requirements in ubiquitous computing, through the evaluation...
Tags: Security, Security Requirement, Ubiquitous Computing, SOA, Association For Computing Machinery, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software
White papers 2005-02-20
Johns Hopkins Bloomberg School of Public Health: Discover how a Leading Public Health Authority Adopted a Security Enhancing Remote-Access Solution
The Johns Hopkins Bloomberg School of Public Health Information Systems team required a secure solution that enabled remote desktop access for faculty and staff working remotely. The solution needed to meet the school's security requirements, including HIPAA compliance, and could impose no additional burden on network staff, a requirement that...
Tags: Security, Security Requirement, Team, Public Health, Team Management, Healthcare, Management
Case studies 2004-10-28

Additional Resources

21 months later, Vista is still more secure than XP
Last October, roughly one year after the release to manufacturing of Windows Vista, I did a comparison of how well Windows Vista was living up to its promise of being more secure than its predecessor, Windows XP. My data source was the Microsoft Security Bulletin Search page, where I tallied...
Tags: Security, Microsoft Windows Vista, Microsoft Windows Vista (Longhorn), Microsoft Windows XP, Microsoft Windows, Operating Systems, Software, Ed Bott
Blog posts 2008-07-25
Microsoft joins 'patch DNS now' chant; Apple patch missing
On the heels of the release of weaponized exploit code for the DNS cache poisoning vulnerability, Microsoft has joined the chorus of security pros pleading with DNS server providers to immediately apply patches to protect users from malicious attacks. The Redmond, Wash. security...
Tags: Apple Macintosh, DNS, Vulnerability, Apple Inc., Exploit Code, Microsoft Corp., Attack, Dan Kaminsky, Domain Names, Apple Mac OS X, Networking, Security, Internet, Operating Systems, Software, Apple Mac OS, Ryan Naraine
Blog posts 2008-07-25
Britain moves against illegal file sharing
CBC News out of Canada is reporting that British ISPs are making an aggressive move against illegal file sharing by implementing a program designed to discover copyright violators, who will be sent warning letters and may potentially have their internet connections disconnected. For more on the article,...
Tags: File-sharing, Peer To Peer (P2P), Internet Service Providers (ISPs), Internet, Nathan McFeters
Blog posts 2008-07-25
GMail adds "https:"-only connections but still not by default
Google has added a new "Browser Connection" feature to GMail to allow users to force e-mail sessions to always use the more secure "https:" protocol but, strangely, this is not turned on by default. In the Settings tab, at the very bottom, GMail users can now select...
Tags: Google Inc., Google Gmail, HTTP, E-mail Providers, Cloud Computing, Internet, Ryan Naraine
Blog posts 2008-07-25
How OpenDNS, PowerDNS and MaraDNS remained unaffected by the DNS cache poisoning vulnerability
The short answer is being paranoid about tackling a known vulnerability. It's 2001, and Daniel J. Bernstein DJB, author of the then popular djbdns security-aware DNS implementation, is applying basic math principles to raise awareness on what's to turn into the "sky is falling" critical Internet vulnerability in 2008, in...
Tags: DNS, Vulnerability, Anomaly, Attack, OpenDNS, MaraDNS, NSS, Domain Names, Networking, Internet, Dancho Danchev
Blog posts 2008-07-25
Offshore outsourcers likely to beef up security following Bangalore blasts
A series of bombs have exploded in Bangalore and companies that have technology operations in India are likely to need increased security precautions following what appears to be a terrorist attack. According to various reports from Reuters and Rediff.com, nine bomb blasts have rattled Bangalore, which hosts...
Tags: India, Bangalore, Rediff.com India Ltd., Sacchin Uppal, Outsourcing, Business Security, Security, It Operations, Business Operations, Outsourcing & Subcontracting, Larry Dignan
Blog posts 2008-07-25
Heap-based buffer overflow reported in RealNetworks RealPlayer
Update 07/25/2008: Aaron Portnoy of TippingPoint's security research group was kind enough to point out that I'm actually not affected by this, since I've installed the newest version of RealPlayer.  From Aaron's email: Notice the Secunia advisory states it affects RealPlayer 10.5... the latest is 11.x, which now uses...
Tags: Vulnerability, RealNetworks Inc., Buffer-overflow, RealNetworks RealPlayer, Secunia Research, Vendor, Digital Music, Digital Media, Personal Technology, Consumer Electronics, Nathan McFeters
Blog posts 2008-07-25
News to know: 'Spam king' dead; Microsoft's cloud; Dell;
Notable headlines: Ryan Naraine: Escapee 'Spam King' dead in apparent murder-suicide CBS Denver Video: 'Spam King' Inmate Dies Along With Wife, Daughter Mary Jo Foley: Ozzie foreshadows 'Zurich,' Microsoft's elastic cloud Microsoft to get more 'Apple-like' in PC,...
Tags: Larry Dignan
Blog posts 2008-07-25
Escapee 'Spam King' dead in apparent murder-suicide
Escapee 'Spam King' dead in apparent murder-suicideGood riddance to bad rubbish.Too bad he took others with him.Escapee 'Spam King' dead in apparent murder-suicideThis is very sad. There was no reason for him to take other people's lives.Much sadder then you think. Much SadderAs an avid computer enthusiast, owning...
Tags: INTERNET, apparent murder-suicide, Escapee, murder-suicide, Spam King
Discussion threads 2008-07-24
Escapee 'Spam King' dead in apparent murder-suicide
Convicted spammer Eddie Davidson, who escaped from federal prison over the weekend, killed his wife and 3-year-old daughter before killing himself in what is being described as a murder-suicide. Colorado's 9News.com said the tragic end of the man known as the "Spam King" was confirmed by the...
Tags: Prison, Sheriff, Internal Revenue Service, Attorney, Healthcare, Ryan Naraine
Blog posts 2008-07-24
Kaminsky suggests long-term fix will still have to be determined, but patch now, or pay soon
Kaminsky suggests long-term fix will still have to be determined, but patch now, or pay soonTTLSomething I wish I'd asked during the webcast and which I can't quite get my head around:It was said that setting a long TTL doesn't help because of the way delegation works - has to...
Tags: Domain names, DNS server, TTL, server, Kaminsky
Discussion threads 2008-07-24
Kaminsky suggests long-term fix will still have to be determined, but patch now, or pay soon
I listened to the Black Hat webcast today to grab as much info as I could on this subject. The biggest thing that I heard from the whole talk is that the patch fixes things to a reasonable point, but that long-term, there will have to be more work...
Tags: CERT, DNS Server, Server, Kaminsky, Dan, Patches, Domain Names, Security, Internet, Nathan McFeters
Blog posts 2008-07-24
Don't doubt Deputy Dan
Don't doubt Deputy Danfound articleI found this related article Security Snafu Puts Dangerous Internet Flaw into Hackers’ Hands
Tags: Deputy Dan
Discussion threads 2008-07-24
  • << Previous
  • page 1 of 1
  • Next >>
advertisement
advertisement
advertisement
Click Here