SAML is the Security Assertion Markup Language. SAML is a derivative of XML which is designed for the exchange of authentication and authorization data. The purpose of SAML is to enable Single Sign-On for web applications. SAML utilizes TLS to ensure the confidentiality of authentication and authorization data during transit.

SAML Standards

SAML is defined by the Organization for the Advancement of Structured Information Standards (OASIS).

saml-conformance-2.0-os: Conformance Requirements
saml-core-2.0-os: Assertions and Protocols
saml-bindings-2.0-os: Bindings
saml-profiles-2.0-os: Profiles
saml-metadata-2.0-os: Metadata
saml-authn-context-2.0-os: Authentication Context
saml-sec-consider-2.0-os: Security and Privacy Considerations
saml-glossary-2.0-os: SAML Glossary

Read More
TCP Sequence Prediction Attack
A TCP sequence prediction attack is an attempt to hijack an existing TCP session by injecting packets which pretend to come from one computer involved in the TCP session.

The TCP Sequence Prediction Attack

TCP is a reliable connection-oriented layer 4 (Transport Layer) protocol. Packet transfer between hosts is accomplished by the layers below layer 4, and TCP takes responsibility for making certain the packets are delivered to higher layers in the protocol stack in the correct order. To accomplish this reordering task, TCP uses the sequence number field. To Read More
LDAP Security Issues
RFC 2829 – Authentication Methods for LDAP defines the basic threats to an LDAP directory service: Unauthorized access to data via data-fetching operations, Unauthorized access to reusable client authentication information by monitoring others' access, Unauthorized access to data by monitoring others' access, Unauthorized modification of data, Unauthorized modification of configuration, Unauthorized or excessive use of resources (denial of service), and Spoofing of directory: Tricking a client into believing that information came from the directory when in fact it did not, either by modifying data in transit or misdirecting the client's Read More
Free Firewall Software
Free firewalls have become very common and represent an excellent alternative to commercial firewall packages. Most of these firewalls run under some form of Linux, FreeBSD, or OpenBSD. Many of these free firewalls are front-ends for the lower-level firewall packages which ship with these operating systems, such as pf (Packet Filter), ipf (IPFilter), ipfw (IPFirewall), and iptables. Free firewall packages which you can download include:

Firestarter

Firestarter is a free firewall tool for Linux machines. Whether you simply want to protect your personal workstation or you have a network of Read More
IKE (Internet Key Exchange)
IKE (Internet Key Exchange) is a key exchange mode for ISAKMP. IKE is used to securely exchange encryption keys as part of building a VPN tunnel.

IKE supports the following encryption algorithms: DES-CBC, IDEA-CBC, Blowfish-CBC, RC5-R16-B64-CBC, 3DES-CBC, and CAST-CBC.

IKE supports the following hash algorithms: MD5, SHA, and Tiger.

IKE supports the following authentication methods: pre-shared key, DSS signatures, RSA signatures, encryption with RSA, and revised encryption with RSA.

IKE utilizes the Diffie-Hellman asymmetric cipher for key exchange. IKE is fully documented in RFC 2409: The Internet Key Exchange (IKE).
Cyber Warfare
Cyber warfare refers to a massively coordinated digital assault on a government by another, or by large groups of citizens. Estonia was subject to this kind of attack in 2006. The conflict apparently stemmed from a decision by the Estonian government to move a Soviet-era monument to another location, an action resented and protested against by many of the country's ethnic Russian citizens. Although the conflict had seemingly been resolved by mid-April, Estonian internet security experts were still wary about a cyber-assault.

How the Estonian Cyber-Attack was Carried Out

Cyber-attacks Read More
DMZ (DeMilitarized Zone)
DMZ is short for DeMilitarized Zone. In military jargon, a DMZ is an area of land that serves as a buffer between two enemies. The most well-known DMZ in the world is the DMZ that protects South Korea from North Korea. In network security jargon, a DMZ is a network that serves as a buffer between a secure protected internal network and the insecure Internet. A DMZ usually contains servers which provide services to users from the Internet, such as web, FTP, email (SMTP, POP3 and IMAP4), and DNS Read More
Possible Defenses against Botnet Attacks
"Malicious botnets", networks of "zombie" computers controlled and commanded by outsiders with nefarious intentions ranging from Distributed Denial of Service (DDoS) attacks to simple spamming and ad insertions, are considered by Internet security experts as the major threat in the coming months and years. The Federal Bureau of Investigation (FBI) has recently announced that it has identified at least one million 'captive' computers in the United States. At the same time, various Internet security experts believe that there are anywhere from three to 35 million bots operating in the world-wide Read More
Personal Firewall
A personal firewall is a firewall-like software application which runs on a user's PC. Traditional software-based firewalls run as the only application on stand-alone computers which have been hardened to protect against hackers. Personal firewalls run on PCs along with all of the other applications required by the PC user. Traditional firewalls protect entire networks. Personal firewalls are normally designed to protect only the PC upon which they are installed. Because they run on the same computer as the other applications, personal firewalls have more information available to them than Read More
Responding to Network Attacks and Security Incidents
Network Attacks Review

A network attack occurs when an attacker or hacker uses certain methods or technologies to maliciously attempt to compromise the security of a network. Hackers attack corporate networks to use data for financial gain or for industrial espionage, to illegally use user accounts and privileges, to run code to damage and corrupt data, to steal data and software, to prevent legitimate authorized users from accessing network services, and for a number of other reasons. External attacks are performed by individuals who are external to the target network Read More