Domain: securityfocus.org
Stories and comments across the archive that link to securityfocus.org.
Stories · 5
-
Microsofts "Honeymonkey" Project
g0bshiTe writes "Ever hear the saying, 'given enough time a room full of monkeys could type out Shakespeare'? Well Microsoft seems to be taking this saying to heart, and taking a cue from the Honeynet project, they have created what they have dubbed 'honeymonkeys.' Security Focus has an article which describes this honeymonkey network, which is little more than a network of virtual Windows XP boxes in various patch states. These boxes are setup to crawl the seedier side of the web in search of vulnerabilities not bieng reported, and are being actively exploited in an attempt to further secure their product. Sounds like a decent idea from the Redmond crew to me." -
SSH Vulnerability and the Future of SSL
iamchris writes "Growing complacent in regards to security is dangerous. I've become more and more dependant on the SSL-type tools for my security... ssh itself, ssl for my web content, scp, sftp, etc... We all know nothing is 100% secure (or if you don't, God help you). An article on Security Focus cites a vulnerability with SSH and passwords. We usually type them in letter-by-letter. A lot of information can be gleaned from the timing of the keystrokes and some (relatively simple) packet decoding. Is there a better alternative to SSL based tools (Perhaps TLS)? Is there anything that can be done with the clients help with the small packet issue?" -
SSH Vulnerability and the Future of SSL
iamchris writes "Growing complacent in regards to security is dangerous. I've become more and more dependant on the SSL-type tools for my security... ssh itself, ssl for my web content, scp, sftp, etc... We all know nothing is 100% secure (or if you don't, God help you). An article on Security Focus cites a vulnerability with SSH and passwords. We usually type them in letter-by-letter. A lot of information can be gleaned from the timing of the keystrokes and some (relatively simple) packet decoding. Is there a better alternative to SSL based tools (Perhaps TLS)? Is there anything that can be done with the clients help with the small packet issue?" -
Saving Our Video Game Heritage
felis_panthera writes: "SecurityFocus has a great article on the preservation of the old arcade games like Arkanoid and Pac Man through the MAME program. MAME, which stands for Multiple Arcade Machine Emulator, is an emulator for the old, stand up arcade games. This story has SecurityFocus's Kevin Poulsen chatting with a few people involved in the project." -
Saving Our Video Game Heritage
felis_panthera writes: "SecurityFocus has a great article on the preservation of the old arcade games like Arkanoid and Pac Man through the MAME program. MAME, which stands for Multiple Arcade Machine Emulator, is an emulator for the old, stand up arcade games. This story has SecurityFocus's Kevin Poulsen chatting with a few people involved in the project."