Information Security Archives

BioPassword: Two-Factor Authentication The Easy Way

For anyone those who hasn’t heard about it, there’s a really cool…

Security: How To Monitor Your Network Connections

One of the most important concepts in computer security is “knowing thy…

Stop Freaking Out When People Use “Hacker” To Mean Computer Criminal

People who use the word “hacker” when they’re referring to computer…

A Hacker Is A Criminal

A Hacker is a bad guy—someone trying to break into computers with the intent…

Hostfind: Another Lame Tool

Only this one is more lamerer. This will take a list of words from a list you…

DMZs: NATing vs. Using Public Addresses

Here’s a snip from a forum question that I’m getting ready to write…

Information Security: The End Of The Wild West

[ Aug 2, 2006 ] If you’re an information security administrator/analyst…

China Illustrates How Not To Do Firewall Filtering

Someone’s noticed a very interesting fact about firewall filtering that…

How To Advance In InfoSec: Don’t Study, Do.

I’ve been thinking a lot about how to get to the next level in my field…

Without A Castle

As a consultant, the one thing I really miss is the feeling of owning a network…

Information Security is Not a Permanent Cashcow

I’ve been saying for years that the time of the mediocre security professional…

Security: Identification, Authentication, and Authorization

Many grapple with the concept of authentication in information security. What…

Markus Ranum: An Idealist To A Fault

Markus Ranum is a highly-respected (for good reason) information security professional…

Good DRM

I will, in the course of my information security career, become well versed on…

A Thought On Identity Theft

As we all know, tons of people are having their identities stolen — the…

A Browser Security Idea

One of the comments “How To Fix The Internet” article that’s…

Lame Online Password Logic

I’m getting so tired of sites that don’t allow for the use of long,…

CISSP vs. GSEC

With my recent attainment of the GSEC credential, I’ve had some discussions…

The Infosec Trinity

Well, I just passed the final exam for the GIAC GSEC credential from SANS, and…

Windows Security Analogy

Here’s an analogy for the Windows users trying to fight malware. Imagine…

Network Intrusion Prevention Systems

Anyone keeping track of the security vendor/technology hype knows that IPS has…

CSRF is Wicked

I’ve been studying web security again recently and decided to do a POC of…