Internet Security Whitepapers

Software Penetration Testing

Internet Security Whitepapers Penetration Testing

Quality assurance and testing organizations are tasked with the broad objective of assuring that a software application fulfills its functional business requirements. Such testing most often involves running a series of dynamic functional tests to ensure proper implementation of the application’s features. However, because security is not a feature or even a set of features, security testing doesn't directly fit into this paradigm.

SolarWinds Toolset Administrator Guide

Internet Security Whitepapers Scanning Hacking Routers, Cable Modems and Firewalls

The SolarWinds Toolset provides the tools you need as a network engineer or network consultant to get your job done. Toolset includes best-of-breed solutions that work simply and precisely, providing the diagnostic, performance, and bandwidth measurements you want, without extraneous, unnecessary features. SolarWinds was founded by network professionals and continues to design tools for the network professional by listening to and enlisting the help of network professionals. This document contains information for the tools contained in all toolset editions.

SolarWinds Toolset Quick Start Guide

Internet Security Whitepapers Scanning Hacking Routers, Cable Modems and Firewalls

SolarWinds Toolsets contain desktop applications ranging from configuration management, bandwidth and network performance monitoring to discovery and fault management. The size and complexity of your network will determine which Toolset solution that best meets your needs.

Spam Monitor Survey Volume II

Internet Security Whitepapers Spamming

The survey is representative of a cross-section of industry sectors and geographies. The largest groups of respondents were based in the USA (421), UK (398), Australia (148), France (92) and Germany (66). Responses were received from 45 countries in all. Respondents worked in small, medium and large organisations. 38.7 per cent worked in organisations of fewer than 50 people, 18 per cent in organisations of between 50 and 250 people and 30.3 per cent worked in organisations with over 1,000 people. The survey was made up of a total of 50 questions which were put into 3 specific areas: Technology, Education and Legislation.

Spam: A Security Issue

Internet Security Whitepapers Spamming

Spam has become a plague for email users around the world. The sheer volume of spam is annoying as users have to clean their inboxes from these unwanted messages on a daily basis. In addition, the aggressive and often sexually explicit nature of spam is offensive and frustrating to most end users. Spam is clearly a nuisance, but in this white paper, we will demonstrate how spam has evolved into a true security issue for organizations.

Splint Manual

Internet Security Whitepapers Reverse Engineering

Splint is a tool for statically checking C programs for security vulnerabilities and programming mistakes. Splint does many of the traditional lint checks including unused declarations, type inconsistencies, use before definition, unreachable code, ignored return values, execution paths with no return, likely infinite loops, and fall through cases. More powerful checks are made possible by additional information given in source code annotations. Annotations are stylized comments that document assumptions about functions, variables, parameters and types. In addition to the checks specifically enabled by annotations, many of the traditional lint checks are improved by exploiting this additional information.

Spy-Phishing - A New Breed of Blended Threats

Internet Security Whitepapers Phishing

In this age of broadband, wireless, and network interconnectivity, we enjoy the unprecedented power of information exchange and commerce at our fingertips. Networks and systems are continuously evolving to become more robust, thereby maximizing our convenience and productivity – 24 hours a day, seven days a week. Just like any other computer security threat, spy-phishing did not just appear out of nowhere. Instead, it is just another point on the overall threat landscape. In fact, one can trace the progression that led to spy-phishing to a number of specific evolutionary factors in the threat world. This includes the shift in the overall intention of malicious writers, in addition to a number of technological evolutions, including spyware, phishing and pharming.

SQL Injection: Are Your Web Applications Vulnerable?

Internet Security Whitepapers SQL Injection

SQL injection is a technique for exploiting web applications that use client-supplied data in SQL queries without stripping potentially harmful characters first. Despite being remarkably simple to protect against, there is an astonishing number of production systems connected to the Internet that are vulnerable to this type of attack. The objective of this paper is to educate the professional security community on the techniques that can be used to take advantage of a web application that is vulnerable to SQL injection, and to make clear the correct mechanisms that should be put in place to protect against SQL injection and input validation problems in general.

Steel Bolt Hacking - The Computerman’s Guide to Lock Picking

Internet Security Whitepapers Physical Security

Steel Bolt Hacking, or Lock Picking as it's most commonly known, is fast becoming a competitive sport among computer people. And it's far more than just picking locks. The 'sport' includes cracking combinations, push button door locks, electric key cards, and just about anything that has a lock to it. Lock picking sports groups are beginning to spring up in the U.S., the fastest growing groups are within the computer industry. Most computer people are fascinated with unlocking codes, bypassing security protocols and finding program vulnerabilities that can be exploited. Picking locks and cracking combinations are no different.

Steganography FAQ

Internet Security Whitepapers Cryptography

Steganography is the practice of hiding private or sensitive information within something that appears to be nothing out of the usual. Steganography is often confused with cryptology because the two are similar in the way that they both are used to protect important information. The difference between the two is that Steganography involves hiding information so it appears that no information is hidden at all. If a person or persons views the object that the information is hidden inside of he or she will have no idea that there is any hidden information, therefore the person will not attempt to decrypt the information.