Security researchers develop DoS attack filter

Tuesday, October 6th, 2009

Researchers have come up with host-based security software that blocks distributed denial-of-service attacks (DDoS) without swamping the memory and CPU of the host machines. The filtering, called identity-based privacy-protected access control (IPCAF), can also prevent session hijacking, dictionary attacks and man-in-the-middle attacks, say researchers at Auburn University in their paper, "Modeling ...

SSL trick certificate published

Wednesday, September 30th, 2009

On the Noisebridge hacker mailing list, security specialist Jacob Appelbaum has published an SSL certificate and pertinent private key that together allow web servers to avoid triggering an alert in vulnerable browsers - irrespective of the domain for which the certificate is submitted. Phishers, for example, could use the certificate ...

Exploit published for SMB2 vulnerability in Windows

Tuesday, September 29th, 2009

A fully functional exploit for the security vulnerability in the SMB2 protocol implementation has been published. It can be used to discover and attack vulnerable Windows machines remotely. By integrating the exploit into the Metasploit exploit toolkit, attackers have access to a wide range of attack options, ranging from issuing ...

Use ants to fight worms

Monday, September 28th, 2009

To combat worms, Trojans and other malware, a team of security researchers wants to use ants. Not the actual live insects, of course, but computer programs modelled to act like ants in the way they roam a network and search for anomalies. "Ants aren't intelligent," says Glenn Fink, a senior research ...

LogMeIn can control some PCs, even when off

Sunday, September 20th, 2009

During a recent talk with LogMeIn CEO Michael Simon, I learned about the company's new LogMeIn Central dashboard for IT managers, designed to help them keep tabs on thousands of computers at a time. I also heard about the new version of virtual network service Hamachi, which makes it a competitor ...