Niederländische Spione ausspioniert
Dezember 03, 2002. Die Überwachungsausrüstung des niederländischen Geheimdienstes und rund die Hälfte der Ausrüstung der dortigen Polizei ist unsicher. Informationen über abgehörte Telefonate oder Internetverbindungen können über Hintertüren nach außen dringen, nämlich nach Israel, berichtet die niederländische c't und beruft sich dabei auf informierte Kreise im niederländischen Geheimdienst.
(...) [Quelle: heise online]
Bastille's Beale: How to avoid security problems, Linux vs. Windows security
November 04, 2002. If it's not the Slapper worm, it's the Mighty worm -- if you're watching the technology press recently, you might think Linux is plagued with security problems lately. And then there's the never-ending Linux vs. Microsoft security debate, revived by Newsfactor a couple of weeks ago.
We went to Jay Beale with our questions about the current state of Linux security. He's a security consultant specializing in host lockdown, network security and security audits. Jay also serves as lead developer of the Bastille project, which creates a hardening script for Linux and HP-UX, is a member of the Honeynet Project, and is a core participant in the Center for Internet Security.
(...) [Quelle: By Grant Gross, NewsForge]
"We are the worst security risk" - sys admins confess
October 28, 2002. More than half of all senior IT managers (58 per cent) think that their own IT departments offer the largest threat to IT security.
(...) [Quelle: By John Leyden, The Register]
The Twenty Most Critical Internet Security Vulnerabilities (Updated) - The Experts' Consensus
October 17, 2002. The majority of the successful attacks on operating systems come from only a few software vulnerabilities. This can be attributed to the fact that attackers are opportunistic, take the easiest and most convenient route, and exploit the best-known flaws with the most effective and widely available attack tools. They count on organizations not fixing the problems, and they often attack indiscriminately, scanning the Internet for any vulnerable systems.
(...) [Quelle: SANS Institute / FBI]
IT-Sicherheit in der Bank: Realisierung der Anforderungen gem. § 25 a KWG an die Datenverarbeitung
August 2001. Aus dem Einsatz neuer Technologien im EDV-Bereich, insbesondere durch den zunehmenden Einsatz von Personalcomputern (PC) und PC-Netzwerken, ergaben sich für die Banken neue Aufgaben und Risiken. Die unmittelbare Verantwortung für den sicheren Einsatz der EDV, für den früher in erster Linie sogenannte Servicerechenzentren zuständig waren, wurde zunehmend auch in die Primärbanken verlagert.
(...) [Quelle: FORUM für Informationstechnologie GmbH]
I Can See you Behind Layer 2...
September 14, 2000. The majority of the successful attacks on operating systems come from only a few software vulnerabilities. This can be attributed to the fact that attackers are opportunistic, take the easiest and most convenient route, and exploit the best-known flaws with the most effective and widely available attack tools. They count on organizations not fixing the problems, and they often attack indiscriminately, scanning the Internet for any vulnerable systems.
(...) [Quelle: SANS Institute]
