29 September 2012

Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition

Cryptographic techniques have applications far beyond the obvious uses of encoding and decoding information. For Internet developers who need to know about capabilities, such as digital signatures, that depend on cryptographic techniques, there's no better overview than Applied Cryptography, the definitive book on the subject. Bruce Schneier covers general classes of cryptographic protocols and then specific techniques, detailing the inner workings of real-world cryptographic algorithms including the Data Encryption Standard and RSA public-key cryptosystems.

Bruce Schneier's Applied Cryptography is an excellent book for anyone interested in cryptology, from the amateur level to those actually involved in the development of new encryption mechanisms. The book begins with a simple discussion of what cryptography is, and then proceeds through the history of various encryption algorithms and how they function. The last portion of the book contains C code for several public-domain encryption algorithms. The book includes source-code listings and extensive advice on the practical aspects of cryptography implementation, such as the importance of generating truly random numbers and of keeping keys secure.

23 September 2012

Global IT-related Risk Framework

ISACA released Risk IT, the first global IT-related risk framework to provide a comprehensive view of the business risks associated with IT initiatives. Risk IT provides a single, comprehensive view of IT-related business risks, which can cost companies millions annually in lost revenues and opportunities. Risk IT complements and extends COBIT and Val IT, but is also highly effective as standalone guidance. A key aspect is that all enterprises using IT, whether one-person shops or multinational conglomerates, can benefit from Risk IT. It can also be customized for any type of enterprise in any geographic location.

16 September 2012

Ethical Hacker Job Description

An Ethical Hacker performs network and application-based security vulnerability assessments and penetration tests in accordance with industry-accepted methods and protocols.

14 September 2012

Linux Firewalls

Linux Firewalls, authored by Michael Rash and published by No Starch Press, covers five main topics:
  • traditional packet filtering with iptables
  • port scan detection
  • Snort rule translation
  • port knocking
  • log visualization
Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel and presents valuable information right from the first chapter.

10 September 2012

WiKID Strong Authentication System

The WiKID Strong Authentication System is a public-key based two-factor authentication system. It is a flexible, extensible, and secure alternative to tokens, certs and passwords.

The WiKID Strong Authentication System consists of three parts: the WiKID server, the WiKID token client and a network client (such as a VPN, website or other service requesting authentication). Application & API support exists for the following and more:

03 September 2012

Hackers != Crackers

It really pisses me off that when I discuss online with friends or colleagues and mention that I consider myself a happy hacker, then all of a sudden I’m some kind of wannabe corporate criminal mastermind. They seem to equate “hacker” with “cracker”. Just because of some overhyped stories, hackers have to endure snide remarks and are stereotyped as crackers.

To quote the seminal teachings of How To Become A Hacker by Eric Steven Raymond:

These are people (mainly adolescent males) who get a kick out of breaking into computers and phreaking the phone system. Real hackers call these people ‘crackers’ and want nothing to do with them. Real hackers mostly think crackers are lazy, irresponsible, and not very bright, and object that being able to break security doesn’t make you a hacker any more than being able to hotwire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word ‘hacker’ to describe crackers; this irritates real hackers no end.


© 2012 Greek Information Security Professionals