Website Security Seals Get a Boost
November 2nd, 2007
Some security experts have dismissed Website seals such as Hacker Safe and ControlScan as more marketing ploy than security, and hackers have fueled the debate by exposing cross-site scripting vulnerabilities on sites proudly emblazoned with seals from Hacker Safe and other security seal providers. (See Hackers Reveal Vulnerable Websites and Are ‘Sealed’ Websites Any Safer?.)
Tags: Website security
How to Stop Snarfing and Other Common Switch Hacks
October 15th, 2007
ARP poisoning, SNMP snarfing, and "fuzzing" are common hacks perpetrated on Ethernet switch gear. Cisco networking expert Jimmy Ray Purser explains how to guard against these hacks. The only thing I enjoy more than seeing my mother-in-law head back to Ohio is hacking Ethernet switches. I do a presentation on hacking switch gear that seems to [...]
Tags: snarfing, stop snarfing, switch hacks, Website security
Some unanswered website vulnerability questions
October 15th, 2007
In the industry we discuss at great length the legal risks and ethical responsibilities of the person disclosing an issue, but not enough about the same when it comes to the business itself. I’ve had a hard time getting authoritative answers to some seemingly simple questions, so I figured I’d give the blog a try. [...]
Tags: Website security
Common Denial of Service Attacks
October 15th, 2007
Denial of service attacks come in two types: Denial of Service attacks (DoS) and Distributed Denial of Service attacks (DDoS). A DoS attack is ‘an attack in which a third party purposely floods a network or website with traffic in order to prevent legitimate access’ (“Denial of Service”, 2007). A DDoS ‘occurs when multiple [...]
Tags: DDOS, dos, Website security