Timothy Dyck

With an executable only 196KB IN size, Marius Milners Network Stumbler wireless sniffer packs a lot of punch into a tiny package. “Its really helpful for administrators trying to lock down their sites,” Milner told me at NetWorld+Interop in Las Vegas earlier this month, when he was attending eWeek and PC Magazines i3 (Innovation In […]

Two specifications propose to fill the security gaps in SOAP: SAML, from OASIS, and WS-Security, from IBM, Microsoft Corp. and VeriSign Inc. Neither of these standards has been widely adopted, but they are leading contenders for modeling how Web services security will eventually happen, and Web services adopters should be investigating them now. Security Assertion […]

Last week, Udi Manber, Yahoos chief scientist, described the kinds of attacks that any Web site offering Web services or other kinds of dynamic content can expect to face. Manber presented his talk, “Exploits of Large-Scale Web Services and Counter-measures,” at the 2002 IEEE Symposium on Security and Privacy, in Oakland (go to www.ieee-security.org/TC/SP02/sp02prelimprogram.html for […]

App Scanning Helps Secure Weak Spots”> Strong security means closing every possible entry point for system crackers, and the weak links for many organizations are custom-built Web applications. Two just-released updates to application vulnerability scanners from Sanctum Inc. and SPI Dynamics Inc. will help developers trying to build secure applications. Custom application security is a […]

After Lancopes StealthWatch G1 intrusion detection appliance won eWeek and PC Magazines i3 Awards Security category at NetWorld+Interop, I met with the original author of the software, Lancope Chairman John Copeland, to see the technology for myself. New in StealthWatch 2.0, which started shipping last month, is the ability to set alarm policies that allow […]

Conventional wisdom says that looking for trouble isnt a good idea. When it comes to IT security, however, finding system troubles before anyone else does is the name of the game. In this special section, eWeek Labs examines the state of the art in security vulnerability detection from several angles. Its cheapest—and most effective—to fix […]

Its something that unites all computer users—the moment when your software stops you cold with messages that dont make sense, windows that extend off the screen or buttons that dont seem to do anything. The Interface Hall of Shame, at www.iarchitect.com/mshame.htm, is a roll call of the moronic things programmers and designers have inflicted on […]

App Servers Mature Web application servers have reached a significant level of maturity: The market is changing at a slower pace, and theres much more of a focus on keeping the servers running well in production environments and squeezing more value out of existing investments. In addition, application server vendors are increasingly turning to specialized […]

Sun Microsystems Inc.s Java compatibility testing programs have done much to level the Java application server playing field. The standards are always moving forward, and keeping up is important, but Java 2 Enterprise Edition certification isnt given on a sliding scale—products either pass the compatibility test suite or they dont. As a result, application server […]

LAS VEGAS–At the NetWorld+Interop trade show here, eWEEK and PC Magazine announced the winners of their joint Innovation in Infrastructure Awards program. New approaches to network security and new ways to consolidate or better utilize existing equipment were two themes among first-place entries. The Enterprise Hardware winner, Neoteris Inc.s Instant Virtual Extranet, provides an application-level […]