public marks

PUBLIC MARKS from solrac with tag security

2010

The significant new AIX 7 capabilities for virtualization

The IBM AIX operating system provides a highly scalable IT infrastructure for client workloads. Learn about the latest version, AIX 7.1, an open standards-based UNIX operating system, that includes significant new capabilities for virtualization, security features, availability features, and manageability.

2009

Total security in a PostgreSQL database

Database security is the single biggest concern with today's Web-based applications. Without control, you risk exposing sensitive information about your company or, worse yet, your valuable customers. In this article, learn about security measures you can take to protect your PostgreSQL database. Be sure to download the sample code listings used in this article.

Java Web services: Axis2 WS-Security encryption

Get an introduction to the principles of public key cryptography, then see how WS-Security applies them for signing and encrypting SOAP messages using public-private key pairs in combination with secret keys. Includes example code using Axis2 and Rampart.

Avoiding Cloud computing DoS attacks

Look in detail at how the HybridCloud application authenticates itself to cloud services, how Google Apps uses OAuth and how Force.com cloud services require built-in testing to avoid inadvertent Denial-of-Service (DoS) attacks.

Stop illegal Al-Qaeda Steganography

Some of the more nefarious Steganography tactics include hiding information for illegal reasons. In fact, organizations such as Al-Qaeda and others are known to use this process to hide information in harmless images hosted on Web sites. Learn what's at stake and how to detect and thwart Steganography techniques and blunt their effectiveness.

UNIX network analysis

You can find out a lot about your network by using a variety of different tools. Understanding the layout of your network, and where packets are going, and what people are doing is important. This tutorial examines techniques for monitoring the traffic and content of your UNIX network and how to read and diagnose problems on your network.

Step through Securing your Grails application

Grails provides all the basic building blocks you need to put together a secure Web application. Setting up an authentication infrastructure answers the question, "Who are you?" Get a hands-on lesson in enabling logins, limiting activity based on whether or not the User is logged in, and how to add in some authorization based on the User's role.

Kerberos master-slave KDC network security with LDAP

This article provides a step-by-step guide to configuring and managing the Kerberos master-slave KDC with an LDAP master-replica setup, along with adequate examples to make sure that everything runs smoothly.

Best practices in securing a Web Server

Securing a Web Server and your hosted applications is indeed a daunting task, but it's not an impossible one. As a public resource, a Web Server is like "bloody shark bait" for some. But it doesn't have to be: Learn to guard against the serious threats to your public Web Servers with a heavy dose of prevention.

AIX secure flavor of FTP based on OpenSSL using TLS

AIX V6.1 has introduced a secure flavor of FTP (and ftpd) based on OpenSSL, using Transport Layer Security (TLS) to encrypt both the command and the data channels of file transfer. This article covers the various aspects of the secure FTP setup, which includes the complete FTP service configuration on the server side, as well as the client side.

Build a faster and more secure UNIX file system

UNIX's method of handling file systems and volumes provides you with an opportunity to improve your systems' security and performance. This article addresses the issue of why you should split up your disk data into multiple volumes for optimized performance and security.

SELinux and Smack security modules for Linux containers

A common response when someone first hears about containers is "How do I create a secure container?" This article answers that question by showing you how to use Linux Security Modules (LSM) to improve the security of containers. In particular, it shows you how to specify a security goal and meet it with both the Smack and SELinux security modules.

Understand the Anatomy of a Web attack or else

Never underestimate or lose respect for those looking to do you harm: You do so at your own peril. Today, more and more applications are being hosted on the Internet. As organizations have moved their applications to this environment, the threats have increased 100-fold. To avoid becoming a victim, understand what you face, how attacks are carried out, and how you can employ proper defensive measures. A little research and understanding can go a long way.

2008

Web developer can't afford to ignore Web 2.0 Spam

Real Web 2.0 means harnessing the power of social groups to improve information systems. This will invariably attract nasty people who look for the cracks to take advantage of you and me. Part 1 of this series shows you how to assess visitor behavior and control workflow to reduce Web 2.0 spam.

Seven habits for writing secure PHP applications

When it comes to security, remember that in addition to actual platform and operating system security issues, you need to ensure that you write your application to be secure. These seven habits for writing more secure PHP Web applications will help you avoid becoming an easy victim of malicious attacks. Like many habits, they may seem awkward at first, but they become more natural as time goes on.

How to squash seven lesser-known system attacks

Too often, businesses and enterprises focus on the dangers that get the most press and forget that there are plenty of other ways they can be hurt. This article outlines some of the lesser-known attacks that a business can face and points out ways to defend against them.