Archive for December, 2011
A Textbook Buffer Overflow: A Look at the FreeBSD telnetd Code
Wow, I feel real sorry for the FreeBSD guys having to announce a remotely exploitable vulnerability in their Telnet Daemon on Christmas Eve! Let’s just hope that nobody uses Telnet anymore. (more…)
VPNs: Setting up your own IPSEC VPN
This is the second part of a two-part article about setting up your own VPN services. In the first article I talked about how to set up an SSL-based VPN server. While SSL-based VPNs are very useful and require no inherent support from the OS, they’re only as good as the supported clients. If there isn’t a client for your device, you’re out of luck. (more…)
Book Review: The CERT Oracle Secure Coding Standard for Java
About the Book
The CERT Oracle Secure Coding Standard for Java is a huge compilation of best practices for coding bug-free and secure Java applications. The book is broken up into chapters, each of which focuses on a specific area of programming or design. Each chapter is then further broken up into individual sections that represent best practices. Each best practice is given a unique identifier along with an example or examples of non-compliant and compliant code. The book weighs in at around 700 pages and can be read front to back or used as a reference for any particular topic. (more…)