Red Hat Security Blog: May 2013 archives

  • Outside-in Vulnerability Assessment for Secure Software Development

    Outside-in vulnerability assessment for secure software development is a process for identifying and eliminating some of the most dangerous and potentially exploitable weaknesses in your existing products and projects. Some well-known secure software development methodologies have their security practices grouped into phases, from training to response. However, you may have your main product already within the response phase, whereas its development was not done practicing secure software...
    Posted 2013-05-22T13:00:46+00:00 - 0
  • Battling open resolvers

    A recent blog by ISC discussed Is Your Open DNS Resolver Part of a Criminal Conspiracy? The problem is that open recursive DNS servers can be used by attackers to attack victims as part of distributed denial of service (DDOS) attacks. This type of attack is generally known as a DNS amplification attack. Due to the nature of the DNS protocol, a very small request can be sent as a UDP packet, and since UDP is not a stateful protocol, the sender information can be faked. The open DNS resolver will...
    Posted 2013-05-08T13:00:22+00:00 - 0