THE ZOOM QUILT
a collaborative art project.

Schneier on Security: The Legacy of DES
The Data Encryption Standard, or DES, was a mid-'70s brainchild of the National Bureau of Standards: the first modern, public, freely available encryption algorithm. For over two decades, DES was the workhorse of commercial cryptography.

O'Reilly Network: Google Your Desktop
Google your desktop and the rest of your file system, mailbox, and instant messenger conversations--even your browser cache.

SecurityFocus HOME Infocus: Detecting Worms and Abnormal Activities with NetFlow, Part 1 and Part 2
Enterprise networks are facing ever-increasing security threats from worms, port scans, DDoS, and network misuse, and thus effective monitoring approaches to quickly detect these activities are greatly needed. Firewall and intrusion detection systems (IDS) are the most common ways to detect these activities, but additional technology such as NetFlow can be a valuable enhancement.

ACM Queue - Not Your Father's PBX?
Integrating VoIP into the enterprise could mean the end of telecom business-as-usual.

SecurityFocus HOME Infocus: Defeating Honeypots : Network issues, Part 1
To delude attackers and improve security within large computer networks, security researchers and engineers deploy honeypots. As this growing activity becomes a new trend in the whitehat community, the blackhats study how to defeat these same security tools. Though not everyone agrees on the power of honeypots, they are effective and are being deployed as tools -- and blackhats are already working to find ways to exploit and avoid them. The cyber battle continues.

Fighting Spam Proxies in a University Environment
Spam is a huge annoyance for everyone. Fighting spam is difficult enough, but when spammers team up with hackers to produce ultra-sneaky Trojan horses that turn end-user computers into one stop proxies that allow spammers and hackers to hide their digital tracks, they’ve gone too far. This case study documents steps that one University has taken to shut down these proxies before they are used for serious evil.

OpenVPN and the SSL VPN Revolution
True SSL VPNs are beginning to appear in the market. One of the best, and definitely the least expensive, is the open source SSL VPN, OpenVPN.
IPSec VPNs are either too expensive or too difficult to use securely. IPSec is dense and contains too many options to be configured and administered securely by non-expert personnel. It also operates in kernel space providing the opportunity for catastrophic failure. OpenVPN rejects the complexity of IPSec by using the battle tested SSL/TLS protocol and cryptographic libraries to provide equal or better function in a simpler package. OpenVPN also operates in user-space increasing security and stability.
Many of the products that claim to be SSL VPNs are actually just SSL gateways operating under the guise of a true VPN. Many of these products open the unsuspecting user to serious security issues. OpenVPN is the first real SSL VPN to provide the same function and security as its IPSec predecessors.