1. Cisco extends NAC security to switches

    Date: 10/18/05 (Security)    Keywords: software, security

    Cisco is adding new security software to all its products including Ethernet switches and wireless gear.

    Source: http://news.zdnet.com/Cisco+extends+NAC+security+to+switches/2100-1009_22-5898169.html?part=rss&tag=feed&subj=zdnn

  2. Oracle fixes bugs with mega patch

    Date: 10/19/05 (Security)    Keywords: security

    Quarterly update includes fixes for a slew of security vulnerabilities in many Oracle products--many of wich carry Oracle's most serious rating.

    Source: http://news.zdnet.com/Oracle+fixes+bugs+with+mega+patch/2100-1009_22-5900784.html?part=rss&tag=feed&subj=zdnn

  3. Microsoft exec: ID cards pose security risk

    Date: 10/19/05 (Security)    Keywords: security

    U.K. government's plans for a mandatory biometric ID card opens British citizens up to "huge potential breaches," security exec warns.

    Source: http://news.zdnet.com/Microsoft+exec%3A+ID+cards+pose+security+risk/2100-1009_22-5900411.html?part=rss&tag=feed&subj=zdnn

  4. Security flaw touches Windows Media Player, IE

    Date: 10/18/05 (Security)    Keywords: browser, security, microsoft

    "Critical" flaw affects Microsoft's media player and browser, including on Windows XP with SP2, a security firm reports.

    Source: http://news.zdnet.com/Security+flaw+touches+Windows+Media+Player%2C+IE/2100-1009_22-5899448.html?part=rss&tag=feed&subj=zdnn

  5. Open Source Java Software Stack (J2EE) Goes Mainframe

    Date: 10/19/05 (Java Web)    Keywords: software, java, security

    Unisys is putting Open Source Java software technologies (J2EE stack) directly on the mainframe using a native Java virtual machine. Why? to improve the scalability, security and transactionlity integrity of J2EE apps; to make it easier for J2EE and mainframe assets to communicate with one another; and to provide n-tier Java/J2EE and mainframe developers a “back door” entry point [...]

    Source: http://blog.taragana.com/index.php/archive/open-source-java-software-stack-j2ee-goes-mainframe/

  6. Netscape update fixes Firefox bugs

    Date: 10/20/05 (Security)    Keywords: software, browser, security, web

    With release 8.0.4, Netscape is now up to date on security patches with the underlying Firefox Web browser software.

    Source: http://news.zdnet.com/Netscape+update+fixes+Firefox+bugs/2100-1009_22-5902868.html?part=rss&tag=feed&subj=zdnn

  7. Kerio to scrap desktop firewall

    Date: 10/20/05 (Security)    Keywords: security

    Company says it can't compete with security suites offered by others and instead will focus on its server-based firewall products.

    Source: http://news.zdnet.com/Kerio+to+scrap+desktop+firewall/2100-1009_22-5903250.html?part=rss&tag=feed&subj=zdnn

  8. E-voting won't be verified until 2006

    Date: 10/22/05 (Security)    Keywords: security

    A federal security-check process will be ready in 2007, not in time for next year's elections, a government report says.

    Source: http://news.zdnet.com/E-voting+won%27t+be+verified+until+2006/2100-1009_22-5907036.html?part=rss&tag=feed&subj=zdnn

  9. Snort exploit published

    Date: 10/26/05 (Security)    Keywords: security

    Security advisory: Published exploit could take advantage of flaw in the open-source intrusion protection system.

    Source: http://news.zdnet.com/Snort+exploit+published/2100-1009_22-5915111.html?part=rss&tag=feed&subj=zdnn

  10. Zotob damage deep but not widespread

    Date: 10/26/05 (Security)    Keywords: security

    Hackers go for gain rather than pain, a study from security firm Cybertrust says.

    Source: http://news.zdnet.com/Zotob+damage+deep+but+not+widespread/2100-1009_22-5915591.html?part=rss&tag=feed&subj=zdnn

  11. Microsoft adds to OneCare security beta

    Date: 10/26/05 (Security)    Keywords: security

    A test version of the subscription security product adds MSN Messenger scanning and better "help" features.

    Source: http://news.zdnet.com/Microsoft+adds+to+OneCare+security+beta/2100-1009_22-5915426.html?part=rss&tag=feed&subj=zdnn

  12. Flaw hunters pick holes in Oracle patches

    Date: 10/27/05 (Security)    Keywords: software, security

    Software maker is coming under increased fire from security researchers who say its patch process is "years behind" other companies.

    Source: http://news.zdnet.com/Flaw+hunters+pick+holes+in+Oracle+patches/2100-1009_22-5916171.html?part=rss&tag=feed&subj=zdnn

  13. Symantec looks to sell more services

    Date: 10/29/05 (Security)    Keywords: security

    New approach to selling services is aimed at getting customers to buy more than just security testing, code review.

    Source: http://news.zdnet.com/Symantec+looks+to+sell+more+services/2100-1009_22-5920597.html?part=rss&tag=feed&subj=zdnn

  14. AIM worm plays nasty new trick

    Date: 10/29/05 (Security)    Keywords: security, spyware

    Pest spreading via America Online's network delivers a cocktail of spyware, security company warns.

    Source: http://news.zdnet.com/AIM+worm+plays+nasty+new+trick/2100-1009_22-5920403.html?part=rss&tag=feed&subj=zdnn

  15. obfuscation and encoding

    Date: 10/29/05 (PHP Community)    Keywords: php, security, web

    i have a case where i'm trying to provide some unsubscribe functionality via a link to a website in an email. i need to encode some information in the url, specifically a user id and a list so i know who they are and which list they are unsubscribing to. Security is of course important, I don't want anyone to be able to just submit with random user ids and lists so i need to encode it with some sort of obfuscation, but also with a checksum or something that would prevent tampering or at least let me know.

    Anyone have any experience with this or ideas? ideally, i'd like to use something readily available in PHP (and also perl if possible since the encrypting part will happen in perl, but presumably i could port easily enough). maybe like generate a url string, such as "user_id=x&list=y", base64 encode it (which also shrinks it and is a plus) and then add a crc byte on the end? then my url would be http://www.example.com/file.php?hash="gobbledygook"

    does anyone know of something in PHP that would do this? if not any suggestions for rolling your own (like algorithms, i don't need actual code probably unless you either have it, know of it on a free site, or really feel like writing it ;-) ) maybe using compression utils with a password? that would i think require recompiling php or using external programs which is doable, but not as desireable. plus if someone guessed the password, they could decrypt, but i suppose that is true for any algorithm that's one way. perhaps using ssl or pgp somehow? having 2 keys, then no one could decrypt it without the private key? that might be overkill. or mhash for hashing, but then might that be easy to crack and can it be computed in perl?

    xposted to php-dev

    Source: http://www.livejournal.com/community/php/360630.html

  16. obfuscation and encoding

    Date: 10/29/05 (PHP Development)    Keywords: php, security, web

    i have a case where i'm trying to provide some unsubscribe functionality via a link to a website in an email. i need to encode some information in the url, specifically a user id and a list so i know who they are and which list they are unsubscribing to. Security is of course important, I don't want anyone to be able to just submit with random user ids and lists so i need to encode it with some sort of obfuscation, but also with a checksum or something that would prevent tampering or at least let me know.

    Anyone have any experience with this or ideas? ideally, i'd like to use something readily available in PHP (and also perl if possible since the encrypting part will happen in perl, but presumably i could port easily enough). maybe like generate a url string, such as "user_id=x&list=y", base64 encode it (which also shrinks it and is a plus) and then add a crc byte on the end? then my url would be http://www.example.com/file.php?hash="gobbledygook"

    does anyone know of something in PHP that would do this? if not any suggestions for rolling your own (like algorithms, i don't need actual code probably unless you either have it, know of it on a free site, or really feel like writing it ;-) ) maybe using compression utils with a password? that would i think require recompiling php or using external programs which is doable, but not as desireable. plus if someone guessed the password, they could decrypt, but i suppose that is true for any algorithm that's one way. perhaps using ssl or pgp somehow? having 2 keys, then no one could decrypt it without the private key? that might be overkill. or mhash for hashing, but then might that be easy to crack and can it be computed in perl?

    xposted to php

    Source: http://www.livejournal.com/community/php_dev/61842.html

  17. Symantec: No end in sight for acquisitions

    Date: 10/31/05 (Security)    Keywords: security

    No plans to get into identity management but more megadeals on the horizon, a top executive at the security giant says.

    Source: http://news.zdnet.com/Symantec%3A+No+end+in+sight+for+acquisitions/2100-1009_22-5924193.html?part=rss&tag=feed&subj=zdnn

  18. Evasion bug bites virus shields

    Date: 11/01/05 (Security)    Keywords: security, virus, antivirus

    Security researcher says an issue in several antivirus products could let malicious files pass undetected, but some in the industry say it's not a flaw.

    Source: http://news.zdnet.com/Evasion+bug+bites+virus+shields/2100-1009_22-5924738.html?part=rss&tag=feed&subj=zdnn

  19. MessageLabs to buy OmniPod for IM security

    Date: 11/02/05 (Security)    Keywords: security

    Acquisition of hosted secure enterprise instant messaging provider is MessageLabs' ticket into the instant messaging security fray.

    Source: http://news.zdnet.com/MessageLabs+to+buy+OmniPod+for+IM+security/2100-1009_22-5927144.html?part=rss&tag=feed&subj=zdnn

  20. Now I'm really screwed.

    Date: 11/02/05 (Web Development)    Keywords: php, mysql, software, html, technology, database, sql, security, apache

    This is a follow up to the post I made before regarding this database connection problem I'm having. (http://www.livejournal.com/community/php/359304.html)

    After receiving responses from people that suggested I install the MS SQL PHP functions, I inquired with my IT contact (we are a large institution and therefore have ridiculous amounts of red tape to deal with) as to whether or not they could be installed.

    This is what I was told:

    We do not support MSSQL odbc connection on our Sun Solaris server running Apache. mssql_connect would require a staff member who knows the technology, purchase of licensed software (which we do not have), and recompiling of Apache that may potentially break other users code. Also, there would be MSSQL security issues if we were to open up or authorize connections to it from our Sun Server, we host a variety of departmental databases on that SQL server, that could be a potentially serious problem if any of our other databases we to be compromised. Sorry for the inconvenience, but that is the story.


    If I can't connect to that database, the entire project that I'm working on is going to be fucked and I have a 11/21 deadline. I need to know two things, if any of you can discern from all of this:

    1. Is it EVER going to be possible for me to connect to that database? Or should I just stop wasting my time and create another for my personal use?

    2. If it is possible, can someone tell me how? :(

    Thanks everyone.

    Cross posted to PHP/MySQL communities.

    Source: http://www.livejournal.com/community/webdev/263959.html

Previous page  ||  Next page


antivirus | apache | asp | blogging | browser | bugtracking | cms | crm | css | database | ebay | ecommerce | google | hosting | html | java | jsp | linux | microsoft | mysql | offshore | offshoring | oscommerce | php | postgresql | programming | rss | security | seo | shopping | software | spam | spyware | sql | technology | templates | tracker | virus | web | xml | yahoo | home