June 2009
Java Web services: Axis2 WS-Security encryption
Get an introduction to the principles of public key cryptography, then see how WS-Security applies them for signing and encrypting SOAP messages using public-private key pairs in combination with secret keys. Includes example code using Axis2 and Rampart.
May 2009
UNIX network analysis
You can find out a lot about your network by using a variety of different tools. Understanding the layout of your network, and where packets are going, and what people are doing is important. This tutorial examines techniques for monitoring the traffic and content of your UNIX network and how to read and diagnose problems on your network.
Step through Securing your Grails application
Grails provides all the basic building blocks you need to put together a secure Web application. Setting up an authentication infrastructure answers the question, "Who are you?" Get a hands-on lesson in enabling logins, limiting activity based on whether or not the User is logged in, and how to add in some authorization based on the User's role.
April 2009
Kerberos master-slave KDC network security with LDAP
This article provides a step-by-step guide to configure and manage the Kerberos master-slave KDC with an LDAP master-replica setup, along with the adequate examples to make sure that everything runs smoohtly.
Best practices in securing a Web Server
Securing a Web Server and your hosted applications is indeed a daunting task, but it's not an impossible one. As a public resource, a Web Server is like "bloody shark bait" for some. But it doesn't have to be: Learn to guard against the serious threats to your public Web Servers with a heavy dose of prevention.
December 2008
Web developer can't afford to ignore Web 2.0 Spam
Real Web 2.0 means harnessing the power of social groups to improve information systems. This will invariably attract nasty people who look for the crackes to take advantage of you and me. Part 1 of this series shows you how to assess visitor behavior and control workflow to reduce Web 2.0 spam.
September 2008
Seven habits for writing secure PHP applications
When it comes to security, remember that in addition to actual platform and operating system security issues, you need to ensure that you write your application to be secure. These seven habits for writing more secure PHP Web applications will help you avoid becoming an easy victim of malicious attacks. Like many habits, they may seem awkward at first, but they become more natural as time goes on.
August 2008
How to squash seven lesser-known system attacks
Too often, businesses and enterprises focus on the dangers that get the most press and forget that there are plenty of other ways they can be hurt. This article outlines some of the lesser-known attacks that a business can face and points out ways to defend against them.
1
(8 marks)
