IT Answers » Secure Coding

What Next?

gailayres — Thu, 18 Apr 2013 17:18:23 +0000

New Answer by Michael Tidmarsh

Template for creating source code security

Arisaquino — Wed, 13 Oct 2010 17:00:50 +0000

Anyone who has a template in creating a source code security policy? Thanks!

managing authorization list

Getitright — Thu, 20 Nov 2008 17:01:54 +0000

a long time ago, I retrieved a CL from this site to manage authorization list. It displayed all the list to an output file and the CL uses the input file to properly balance the users and objects authority. Does anyone have something similar?

Unknown Threats

Czarleo — Sat, 28 Jul 2007 14:24:28 +0000

Apart from honeypots, what are the different methods to find unknown threats which are prevalent? and how to find methods to mitigate them.

PS: all the vulnerabilities are known to all the n/w administrators and then can take measures to mitigate attacks but this doesnt happen..Hackers are at least 10 steps ahead..So how to find methods to find such unknown threats??

Selecting an area within security to start

Secmax — Sun, 24 Jun 2007 16:06:15 +0000

Hi,
I’m studying for an MSc in Information Security from Royal Holloway University of London, I have a B.Engg. degree in computers and a PG Diploma in Networking and Communication as well as the CCSA and CCNA. I’m also studying for the CISSP.

Now, with all these qualifications, could you please tell me which would be the best position for me to apply for in order to get a start, and if I try that position what would my options be when I gain some experience.

Thank you!!

Looking for Antivirus for Win Storage 2003 x64 server

Oksana — Fri, 08 Jun 2007 18:33:16 +0000

Hi,
We are looking for an antivirus software that proven to work well with windows storage 2003 x64 server.
Our current product works just fine on all other 2003 servers, but it brings down this one from time to time.

Thanks,
Oksana

Procedures for a new area.

Millan — Wed, 23 May 2007 22:13:31 +0000

We are a company where we have expirience on network remote administration and now we have open a new area, The area of security. Now I need to start to make new procedures like when a new customer come to us and ask if we can handle the security for his network… I need to know if some one can recommend some standard like ISO, COBIT or something like this in order to make new procedures, questionnaires and all those things.

Thanks a Lot!

computer protection with revert

Dimchik — Thu, 17 May 2007 10:19:38 +0000

I am looking for a solution wich will allow me to revert computers setting back to original each time computer reboots. Basically on reboot computer will earse all files and configurations made in previous session.

Assessing Security Appliances

LeSure — Fri, 23 Feb 2007 16:36:21 +0000

We have several appliances performing specialized tasks in our environment. I’ve been asked to perform an audit of these appliances. Since most of these appliances run a version of Linux/Unix I’ve decided to audit in a two phase process. First looking at the OS/Kernel and then the application.

My question is there an auditing framework for these appliances that ensure that critical areas are not overlooked because of a lack of experience?

Email Delivery Errors

Maryam82 — Sat, 27 Jan 2007 04:47:16 +0000

Hello All,

Someone is having problems sending emails to us which did not exist before. Our email server (Unix based) did not list his domain as spam according to our email technician. Also for troubleshooting purposes i’ve asked him to send to my hotmail account which resulted in the same manor not receiving. After several attempts i received an email both on my hotmail and company accounts, emails sent before were test emails, no attachements. We have no limitation on attachments sent or received. Each company belongs to a different ISP. What could be the problem? What approach should i take to troubleshoot this problem. The following are the error messages he received
—************To Hotmail Account****************—
The attached message had PERMANENT fatal delivery errors!

After one or more unsuccessful delivery attempts the attached message has been removed from the mail queue on this server. The number and frequency of delivery attempts are determined by local configuration parameters.

YOUR MESSAGE WAS NOT DELIVERED TO ONE OR MORE RECIPIENTS!

Failed address: myemail@hotmail.com

: Message contains [1] file attachments
—*******************************************—
—************To Company Account*************—
The attached message had transient non-fatal delivery errors

THIS IS A WARNING MESSAGE ONLY – YOU DO NOT NEED TO RESEND YOUR MESSAGE!

This server is configured to automatically retry delivery at configured intervals. Subsequent attempts to deliver this message are pending.

Failed address: myemail@companydomain

— Session Transcript —
Wed 2007-01-24 11:06:15: Parsing Message
Wed 2007-01-24 11:06:15: From: hisemail@companyemail Wed 2007-01-24 11:06:15:
To: myemail@companydomain Wed 2007-01-24 11:06:15: Subject: FW: :
Egyption Law Wed 2007-01-24 11:06:15: Message-ID:
<002101c73f84$a234f100$3af0e2c3@IMADIDS>
Wed 2007-01-24 11:06:15: MX-record resolution of [companyEmailServer] in progress (DNS Server: 195.226.240.60)…
Wed 2007-01-24 11:06:19: Name server has no records of the requested type for that domain Wed 2007-01-24 11:06:19: Attempting SMTP connection to [companyEmailServer : 25] Wed 2007-01-24 11:06:19: A-record resolution of [companyEmailServer] in progress (DNS Server: 195.226.240.60)…
Wed 2007-01-24 11:06:19: D=companyEmailServer TTL=(106) A=[companyEmailServer] Wed 2007-01-24 11:06:19: Attempting SMTP connection to [companyEmailServer : 25] Wed 2007-01-24 11:06:19: Waiting for socket connection…
Wed 2007-01-24 11:06:19: Socket connection established (195.226.240.60 :
1112 -> companyEmailServer : 25) Wed 2007-01-24 11:06:19: Waiting for protocol initiation…
Wed 2007-01-24 11:06:49: 30 second wait for protocol timeout exceeded.
Wed 2007-01-24 11:06:49: This message is 71 minutes old; it has 0 minutes left in this queue Wed 2007-01-24 11:06:49: Primary queue lifetime exceeded; message placed in retry queue
— End Transcript —
: Message contains [1] file attachments
—*******************************************—

Thank You