Dennis Fisher

Web security needs are beginning to attract the attention of larger vendors that are combining elements of traditional access control with new protection for legacy and mainframe applications. Computer Associates International Inc., for instance, is readying eTrust Web Access Control, the companys biggest foray yet into Web security and the beginning of a shift in […]

Tripwire Inc. on Monday unveiled a new version of its Tripwire for Network Devices security software, which now includes a Web-based management interface and the ability to output reports with XML data. Version 2.5 of the monitoring software also includes the Product Resource Center, which enables customers to download “device kits” to help them monitor […]

Thanks to several high-profile vulnerabilities and an overall increase in the number of flaws, open-source software has taken over Microsoft Corp.s position at the bottom of the security heap. A recent research note from two analysts at the Aberdeen Group calls open-source software and Linux distributions the “2002 poster children for security problems.” Of the […]

There are three serious flaws in the popular RealOne and RealPlayer media players that allow an attacker to run code on remote users machines. Real Networks Inc. issued a patch for these flaws, but it was subsequently found to not fix the problem and was supposed to be removed from the companys Web site. However, […]

A back door in the operating system that runs on some of Alcatel Internetworking Inc.s LAN switches enables an attacker to gain complete control of the switch. The problem affects the Alcatel OmniSwitch 7700 and 7800 running version 5.1.1 of the Alcatel Operating System. The back door is actually a Telnet server that Alcatel installed […]

While many agencies are still licking their wounds from once again failing their annual information security test, the Department of Defense and the National Security Agency on Thursday will announce a new partnership that could go a long way toward shoring up the security of the governments networks. The new agreement is a joint research […]

There is a serious security flaw in a technology included in many versions of Windows and Internet Explorer that enables an attacker to gain complete control of vulnerable Web servers or client machines. The flaw lies in the Microsoft Data Access Components, a collection of components used to provide database connectivity on Windows. The MDAC […]

In the hopes of making its security bulletins more readable, Microsoft Corp. on Tuesday announced that it has revised the guidelines it uses to rate the severity of the security vulnerabilities in its products. The company will also establish a separate mailing list for end users who dont want or need all of the technical […]

Sun Microsystems Inc. on Monday will announce a new Linux-based security appliance featuring Check Point Software Technologies Ltd.s VPN and firewall software. The announcement will be made at the Comdex Fall 2002 show in Las Vegas. The new LX50 VPN/Firewall appliance will run a hardened version of Linux and Check Points FireWall-1 and VPN-1 software. […]

Security vendors this week will introduce products that move beyond basic encryption and virtual private networking to incorporate technologies to help prevent intrusions and unauthorized connections. AirDefense Inc. is rolling out its new ActiveDefense appliance, which includes functionality that can block intrusion attempts and trap attackers onto a phony, dead-end WLAN connection. Known as AirBlock […]