Access FREE Brocade Resources on File Data Management:
Free Resource Guide:
Essentials Guide to Reducing the Costs & Complexity of File Data Management
Improve Enterprise File Management with File Area Networks
Yankee Group Report:
Consolidate Branch-Office Infrastructure Optimizes Information Management & Protection
Overcome Your Data Storage Challenge with Better Storage Policies
Storage News
Security News
Networking News 

Be a Commerce Partner
Cheap Airline Tickets
CRM Software
Corporate Gifts
Send Files Up To 10GB
Server Racks
Cheap Cameras
Auto Insurance Quote
Cheap Plasma TVs
Register Domain Name
Web Design
Desktop Computers
Computer Memory
Phone Systems
Web Hosting
Internet Lists
Internet News
Internet Resources
Linux/Open Source
Personal Technology
Small Business
Windows Technology
xSP Resources
Corporate Info
Tech Jobs
E-mail Offers

Whitepaper: Top Five Instant Messaging Security Risks for 2006
Though widely adopted, IM is generally unprotected and unmonitored in consumer and enterprise environments, leaving it vulnerable to attacks and exploits. These attacks have grown exponentially over the past three years, increasing the need for real-time threat response for IM and peer-to-peer (P2P) applications. >>
Whitepaper: E-Mail Discovery–Worst Case Scenarios Versus Best Practices
Searching through volumes of back-up tapes for requested e-mails is costly and time-consuming, with no guarantee that all the requested records will be recoverable. Veritas Enterprise Vault, now from Symantec, enables organizations to implement automated, policy-based archiving of e-mail and related files to a fully indexed, searchable online archive. >>
Article: Message Retention and Archiving Boost Data Collection, Discovery, and Corporate Governance Initiatives
Internal policies, industry regulations, & the impending risk of litigation involving the discovery of e-mail should have businesses thinking about a messaging retention & archiving solution sooner than later. Learn how one of the largest general contractors in CA solved the problem. >>
Whitepaper: Best Practices for Instant Messaging Archiving & Compliance
Many organizations have adopted IM as a core component of their messaging infrastructure with upwards of 85 percent of all organizations citing IM use. As usage spreads within organizations, the need for the enforcement of corporate policies has increased. >>
Whitepaper: Using Backup and Archiving Technology to Meet Compliance Objectives
Along with an increasing amount of information to store, enterprises are subject to a number of data retention requirements. Backup and archiving solutions can help address these challenges. They will even help you remain flexible for future developments and changes, such as the next generation of regulations and policies that are sure to come along. >>
For more whitepapers, webcasts, articles, and resources on data archiving and storage management, click here.

Related Articles
AntiOnline Spotlight: Physical Security and Your Datacenter
AntiOnline Spotlight: Rootkits Lie in Wait
AntiOnline Spotlight: Network Printers Share Secrets
Security Products
 Campus Manager (Bradford Networks)
 Informant (RippleTech, Inc)
 AppRadar (Application Security, Inc)
 SecurSurf (SecurStar GmbH)
 PrivacyPost (Privacy Networks)
 Install-Block (Bash Software)

Security features

Whitepaper: Improve Enterprise File Management w/ File Area Networks. Discover how a FAN based on Brocade Tapestry File Services provides a flexible, intelligent platform to effectively manage your file data.

AntiOnline Spotlight: What You Don't Know...
October 14, 2005
By Enterprise IT Planet Staff

DeCSS anyone?

For a while, the mere mention of it seemed like an open invitation for men in black, noiseless helicopters to land on your roof, haul you out to the curb and whisk you away in a nondescript van strangely lacking in license plates and windows in the back.

Security researchers (we'll call them whitehats) still feel a chill when discussing newly discovered security threats and exploits in public venues. Ciscogate (the DEFCON/Cisco flap) is another example of how a seemingly well-intentioned act turned into high drama.

The whole episode ultimately required some impassioned lawyering for the central figure, Michael Lynn. To read some of the harrowing details, here is an article by the attorney that represented him, Jennifer Granick, in Wired and an interview she granted Search Security.

Who wants to deal with that?

It's little wonder, then, that so many opt to go underground and stay there. But that begs the question; are we harming the IT community in general by keeping potentially meaningful security talk out of the general public's eye?

Some say that in cases like DeCSS and Ciscogate, the ability for movie studios to combat pirates and banks to be able to trust their routers trump a hacker's curiosity. Let's not forget the impending legal quagmire if your discovery circumvents some very important protections.

Others argue that keeping such information private is an exercise in futility since the ill-intentioned ones (those would be blackhats) already have easy access to the information they require. Plus, the ability to discuss weaknesses in encryption schemes and other exploits openly can lead to stronger, more hack-resistant software and systems down the road.

No matter which side of the fence you sit on, this is one debate worth engaging in. If nothing else, it brings to the surface the ethical undercurrents that are tugging at today's attitudes toward information security.

Which side of the issue are you being pulled into?

Note: Any opinions expressed below are solely those of the individual posters on the AntiOnline forums.

Spotlight Thread:
Self Preservation

A plea for some advice on how not to get "negged" sparks a fierce debate.

Alright, a friend and I both have spare boxes. Were setting up a VPN connection and starting to get into some war games with each other for bragging rites (war games as in exploiting each others machines, bragging, then explaining how it was done). This is all being done internally and we both know the other person is doing this. Now my question to you gurus and other board members is; if I were to ask some security related questions from an offensive perspective would I get negged for it?

MsMittens believes that disclosure ultimately serves the greater good.

Personally, I see nothing wrong with doing wargames and encourage you to do so. I like the suggestion that Aspman has put forward -- it would be interesting to see what you discovered worked and didn't work as well as what things you would do to improve the wargames experience.

I'm a firm believer in full disclosure in that you should understand how an attack feels and how it is done if are to better defend against it (much like an immune system knowing what a germ is like -- our society is too germ-free these days). A lot of it, however, does boil down to some responsibility. Those lovely words, "If you choose to do this for illegal reasons, you're on your own," are ones that you may need to pepper your posts with.

Egaladeist feels that such knowledge may benefit those with less-than-honorable things in mind.

The problem is, as rowdy mentioned, that any information posted on the forums can be used by OTHER people as well; people who may not have the same intentions as yourself.

My advice is to make yourself known then invite people to a conference room where you can discuss this matter in private.

catch feels that when put in the proper context, security questions need not set off alarms.

The only people who neg for asking penetration testing/wargame questions are self-important [contemptible people] who haven't a clue themselves and just wish to play thought police. These same people tend to have little concept of what actual legal considerations exist.

If all you're looking for is packaged exploits for the latest vulnerabilities, you are at the wrong site. If you wish to have a conversation about methods and considerations then you'll find a few people here with worthwhile insight, but until you know who is who, take everything with a grain of salt.

Ask intelligent questions (gotta be smarter than Google) and you shouldn't have too much trouble.

Remember it is only illegal if you outline an illegal activity in your post.

Your turn. When it comes to computer security, do you speak freely or hold your tongue?

Security Features Archives

Join IT Research Panel and Get Paid: Influence the direction of IT research by taking brief online surveys. Join now!
Whitepaper: Building an Intelligent Infrastructure for SAP
WEBCAST: The Role of Security in IT Service Management. Get invaluable insight. Sign up now!
Webcast: Safe Email Practices. Nov.12th, 2pmEDT, 11amPST. Is email extinction near? Separate the hype from reality.
Windows Genuine Software: Counterfeit software puts you at risk. Make sure your software is genuine.

JupiterWeb networks:

Search JupiterWeb:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterWeb

Jupitermedia Corporate Info

Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Web Hosting | Newsletters | Tech Jobs | Shopping | E-mail Offers