SEARCH RESULTS
 
Showing 1-10 of 44 records
 
Expand article

CISA and CISSP Preparation

The Article has images
2008-07-31 13:14:07 by Erik T. Heidt in Art of Information Security
...length or full-length examination It is my feeling that a half-length exam is long enough that fatigue, maintaining focus, and pace are all stressed, as they will be on examination day. This of course requires access to a large set of test questions or sample tests, preferably with explanations of incorrect answers. In addition to commercial...
 
Tags: exam, exam requirements, cissp exam preparation, half-length exam, exam cram series, certification exam, exam preparation materials, preparation materials, cissp
 
 
 
 
Expand article

Serializable XmlDocument

The Article has images
2008-08-19 02:58:00 by keith-brown in Security Briefs
...length of the data written to the stream so far (CopyUpToSeekPointer). So don't go looking in the docs for MemoryStream for this method :) This is obviously not the most efficient way to consume bytes written to a MemoryStream since it copies the data into a new byte array, but it's very convenient in many scenarios Here is...
 
Tags: public class item, public, public void getobjectdata, public static byte, xmldocument, return doc, return, static byte, public class
 
 
 
 
Expand article

Orkut XSS Worm

2007-12-20 16:18:37 by RSnake in ha.ckers.org web application security lab
 
...Length: 98 POST TOKEN=0B57493EBE09C74A3D69298F67635479&signature=Bm1YihIUAe5I%2BAvfFH7v4bjtdrI%3D&Action.join POST request sent by the worm to submit itself to the scrapbook of the victims friends POST /Scrapbook.aspx HTTP/1.1 Host: www.orkut.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11) Gecko/20071127...
 
Tags: orkut, worm, post, community, orkut community, post scrapbook, xss worm, post requests, worm code
 
 
 
 
Expand article

Responsible-ish Disclosure

2008-05-08 20:50:57 by Chris Eng in Zero in a bit
 
...length .text:00405C32 mov [ebp+var 4], 0 .text:00405C39 call operator new(uint); Big values return NULL .text:00405C3E mov ecx, esi ; Memcpy with our length .text:00405C40 mov esi, [ebp+pDestionationAddr] .text:00405C43 mov [ebx+4], eax ; new result is used as dest .text:00405C46 mov edi, eax ; address without checks. .text:00405C48 mov eax,...
 
Tags: text, esi, 00405c1b mov esi, ecx, 00405c31 push esi, 00405c3e mov ecx, recent dos vulnerability, vulnerability, 00405c21 test esi
 
 
 
 
Expand article

Sikhs Can Carry Knives on Airplanes in India

2008-06-10 06:27:16 by schneier in Schneier on Security
 
...length of the 'Kirpan' should not exceed 22.86 CMs (9 inches) and the length of the blade should not exceed 15.24 CMs. (6 inches). It is being reiterated that these instructions should be fully implemented by concerned security personnel so that religious sentiments of the Sikh passengers are not hurt How airport security is supposed to...
 
Tags: sikh passengers, kirpan, board domestic flights, length, carry kirpan, total length, religious sentiments, inches, cms
 
 
 
 
Expand article

Improve Security with "A Layer of Hurt"

2008-07-31 19:13:00 by sdl in The Security Development Lifecycle
 
...Length byte[] fileData = new byte[fileStream.Length fileStream.Read(fileData, 0, (int)len fileStream.Close if FUZZ Malform pain = new Malform fileData = pain.Fuzz(fileData endif In both code examples, Fuzz() mutates the incoming data. In the C++ case, the fuzzing code looks like this void Fuzz( Inout bytecap (*pcbBuf) char *pBuf Inout size t...
 
Tags: layer, code layer, code, decent code coverage, fuzz, void fuzz, ifdef fuzz, code examples, perform fuzz
 
 
 
 
Expand article

Factoring News

2007-06-04 13:00:00 by Burt Kaliski in Speaking of Security, the RSA Blog and Podcast
 
...length used in cryptography - which is the reason that Mersenne numbers are often targeted in factoring research
 
Tags: 1039th mersenne, mersenne, recent blog entry, earthquake metaphor, informative explanation, recent factorization, special form, research, post
 
 
 
 
Expand article

The Cipher on the Wall

2007-05-24 00:00:00 by Ari Juels in Speaking of Security, the RSA Blog and Podcast
 
...length of many RSA keys used in practice today, a short journalistic leap of fancy raises the specter of imperiled retail transactions on the Web. If there is writing on the wall for 1024-bit RSA, though, what's written is in cipher--and it's wholly unclear how long the cryptanalysis will take
 
Tags: wall, 1024-bit rsa, short journalistic leap, recent announcement, retail transactions, wholly unclear, cipher, fancy raises, trade publication
 
 
 
 
Expand article

Article: Analytics Brief: Securing The New Data Center

The Article has images
2008-01-07 05:28:32 by Editor in Security Links
...length report at businessinnovation.cmp.com governance While the tools to create a secure virtualized environment are now showing up, it would be a mistake to think that virtualization security is just about buying a different set of security tools. Greg Shipley, CTO of security research company Neohapsis, offers this advice: Take a hard look...
 
Tags: virtual environment, environment, virtual appliances range, virtual appliances, security, tools, security tools, develop security, security holes
 
 
 
 
Expand article

Changing the SSL cipher order in Internet Explorer 7 on Windows Vista

2007-11-07 05:37:47 by Steve Riley in Steve Riley on Security
 
...lengths first. Why? If longer bit lengths are more secure, shouldn't they be listed first Remember, encryption is the thing that buys you time against Immutable Law #3 . But performing encryption itself takes time. So when choosing an algorithm and a bit length, one important consideration is to ask yourself this question: "How long do I need...
 
Tags: sha, null sha, cbc sha p384, cbc sha, cbc sha p521, shorter bit lengths, bit lengths, cbc sha p256, 256-bit aes