Archive for the 'Security' Category

Errata Security: Cyberwar is fiction

Monday, June 7th, 2010

“The conflicts between nation states in cyberspace are nothing like warfare, and the tools hackers use are nothing like weapons. However, this fiction is what is driving national policy, and that worries me a lot. I feel this cluelessness is a bigger d…

Panopticlick | How unique is your browser?

Monday, May 17th, 2010

a project from the Electronic Frontier Foundation. Tests your web browser’s signature by checking the user-agent string, browser plug-ins, HTTP_ACCEPT, etc.

[ENG] Xen vs. KVM security architecture comparison [from forum.opennet.ru - "Qubes - a new secure operating system based on Linux ..."]

Tuesday, April 13th, 2010

Notes (excerpt) from Joanna Rutkowska's recent paper comparing the KVM and Xen architectures from a security and design standpoint

robtex - swiss army knife internet network information tool

Thursday, March 18th, 2010

website that provides a lot of useful info, like RBL (Relay Black Lists), DNS, AS, BGP, etc.

Running 10M nodes Linux network for malware research /Security [LWN.net] article/

Friday, March 12th, 2010

Article covers the SCALE8x presentation from Ronald Minnich (Sandia Nat. Labs) about the issues involved in running large-scale networks (>10M nodes). The article contains a lot of useful links; recommended reading.

GreenSQL | Open Source Database Security, SQL Injection Prevention

Tuesday, March 9th, 2010

SQL-proxy/filtering software for MySQL and PostgreSQL databases, used to prevent SQL-injection-like attacks, filter out dangerous SQL, etc.

CCC-TV – 26C3: Here be Dragons (1/3)

Thursday, January 14th, 2010

Video archive for Chaos Communication Congress 2009 (CCC – a well-known security conference)

Default Password List

Tuesday, January 5th, 2010

default passwords list for various hardware devices

Understanding the TLS Renegotiation Attack – Educated Guesswork

Tuesday, November 10th, 2009

explains Marsh Ray’s attack in detail, pls patch to fix the TLS protocol

Electric Alchemy: Cracking Passwords in the Cloud: Breaking PGP on EC2 with EDPR

Wednesday, November 4th, 2009

article tells you that, using Elcomsoft tools, you can brute-force a PGP passphrase in ~120 days for ~$9K on 10 EC2 instances.