book

Hacking Windows: Eavesdropping on Network Password Exchange

ITworld staff — Mon, 29 Dec 2008 15:19:31 -0500

Password guessing is hard work. Why not just sniff credentials off the wire as users log in to a server and then replay them to gain access? If an attacker is able to eavesdrop on Windows login exchanges, this approach can spare a lot of random guesswork.

Anatomy of a Web Service Contract

ITworld staff — Wed, 17 Dec 2008 15:07:40 -0500

For Web services to succeed as part of SOA, they require balanced, effective technical contracts that enable services to be evolved and repeatedly reused for years to come. Now, a team of industry experts presents the first end-to-end guide to designing and governing Web service contracts.

Cool Ruby script: Check for changed files

ITworld staff — Wed, 10 Dec 2008 10:53:20 -0500

The purpose of this script is to validate a file’s integrity. While it sounds like a humble end use, its applications are broad: If you can’t trust the contents of files on your computer, you can’t trust your computer.

VoIP Still Not Ready For Carrier-Grade Networks

Ari Takanen — Thu, 02 Oct 2008 13:22:42 -0400

After a quick tour of some Really Talented Groups dedicated to fuzzing research, I noticed three things: 1) Most teams are focused on fuzzing VoIP 2) Most if not all VoIP devices still break with fuzzing 3) Most VoIP vendors still do not get it. The tour continues...

Ubuntu for Non-Geeks, 3rd Edition

Sandra Henry-Stocker — Fri, 15 Aug 2008 12:02:55 -0400

Getting your friends and family to try Linux just got a lot easier. With the 3rd edition of Ubuntu for Non-Geeks and a desktop with spiffy visual effects, they might become easy converts!

Book Review-- Hacking: The Art of Exploitation, 2nd Edition

jnaze — Wed, 02 Apr 2008 14:01:14 -0400

Read it if you want a thorough understanding of various hacking techniques, especially if you know enough about programming to put some of what you learn into practice -- not for hacking (we hope), but to use the same skills for vulnerability testing and the same knowledge for protecting your network.