Dennis Fisher

A security researcher has developed a new attack for a well-known flaw in the TCP protocol that allows an attacker to effectively shut down targeted routers and terminate existing TCP sessions at will. The scenario has many security experts worried, given the ubiquity of TCP and the fact that theres an attack tool already circulating […]

NetScreen Technologies has introduced its ISG 2000, a multifunction security appliance based on the companys latest ASIC. The box supports intrusion detection and prevention technologies. The ISG 2000 can handle 2G bps of firewall throughput and 1G bps of IP Security VPN traffic. The box has enough processing power to handle 10,000 simultaneous VPN tunnels […]

NEW YORK—Software security is in a sorry state right now and vendors, the government and industry organizations need to pull together to make some major changes in the near future, the countrys top cyber-security official said Monday. In a keynote speech at the Information Security Decisions conference here, Amit Yoran, director of the National Cyber […]

The computer industry and the federal government alike need to greatly improve their efforts to reduce the vulnerability of the nations networks, beginning with a major shift in the way software and hardware are built and sold, according to a federal report due out this week. The report, written by a task force from the […]

If the recent compromises of Unix and Linux machines at supercomputing centers and research universities around the country do nothing else, they should prove once and for all that there is nothing new under the sun. /zimages/5/28571.gifClick here to read more about the recent attacks. To veterans of the security world, or of the high-tech […]

Cisco Systems Inc. on Tuesday released a new protocol for authentication in an effort to help protect customers from security deficiencies in existing protocols, chiefly one developed years ago by Cisco. Known as EAP-FAST (Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling), the new protocol differs from Ciscos LEAP (Lightweight Extensible Authentication Protocol) in that it […]

In the interest of spreading the security message to as wide an audience as possible, a group of volunteer security professionals has compiled one of the largest, most complete and most freely accessible databases of vulnerabilities on the Internet. Open Source Vulnerability Database, or OSVDB, is meant to serve as a central collection point for […]

NetScreen Technologies Inc. on Monday unveiled its new ISG 2000, a multifunction security appliance based on the newest version of the companys ASIC. The box also includes support for intrusion-detection and prevention technologies. The introduction of the new appliance makes clear that officials at NetScreen, which was acquired earlier this year by Juniper Networks Inc., […]

Even as it puts finishing touches on major security upgrades for Windows XP due later this spring, Microsoft Corp. is preparing a similarly extensive set of security improvements for Windows Server 2003. The updates, a continuation of the Redmond, Wash., companys efforts to enhance the security and reliability of its products, will give Windows Server […]

Microsoft Corp. officials on Thursday said the company is investigating the leak of a piece of code that is capable of generating activation keys for Windows Server 2003. The tool, known as a key generator, can be used to produce the random alphanumeric keys that are needed to activate the software upon installation. The arrival […]