Get a unique insight into the way hackers use the latest exploits

All systems engineers and IT managers that have any responsibilty in their companys security systems should keep themselves updated with the latest exploits and techniques used by hackers.

We are listing below the sites that I use and keep an eye on to ensure the systems that are important to my network and customers are not affected.

astalavista.net
Currently down, but coming back soon - Was always great for discussions and info on the latest exploits.

milw0rm.com
A searchable library of exploits in just about anything searchable by OS - check it out to ensure your business systems aren’t affected.

digitalmunition.com
Another site that lists security advisories - see how insecure Apple OSX is here…..

xssed.com
A cross site scripting resource database with lists of vulnerable websites, also has information on defending against XSS attacks.

secumania.org
Basically a security news site that also has lists of the latest exploits and vulnerabilities.

It’s always a good idea to try to get into the heads of the people who are trying to attack corporate networks. Keeping an eye on these sites gives you an insight into the minds and motivations of these people.

Service-Driven Networks for Next Generation Technology

AT&T's Synaptic Hosting is the operator's next-generation utility-computing service with managed networking, security, and storage for business. The new service combines technology acquired from applications service provider USinternetworking with five "super IDCs," or internet data centers (IDCs), across the U.S., Europe, and Asia. Customers receive managed servers, LAN, security, storage, designated account support, and enterprise-class service level agreements.

One the of first announced customers for the AT&T Synaptic Hosting Service is the U.S. Olympic Committee (USOC), which has powered the teamusa.org Website with AT&T Synaptic Hosting. Given the buildup of Website activity leading up to and during the Beijing Olympic games and the subsequent fall-off in activity in the months following the games' conclusion, the flexibility enabled by the utility computing model was ideal for the USOC.

Network operators around the world face tremendous challenges and opportunities as they transform themselves from traditional telcos of the 20th century to the next-generation communications providers of the 21st century. As network services and network traffic migrate from TDM, voice-to-packets, and IP, network operators have no choice but to transform themselves or decline and, ultimately, fail in this new and highly competitive environment. As network operators, the network must play a primary role in this telecom industry transition. Clearly, this explains the unveiling of various network operator NGN initiatives around the world over the past couple of years. At the network level, key requirements for operators to realize this

vision of the future include:
• End-to-end connection and resource management
• Ubiquitous connectivity between networks
• IP-aware transport
• Increased service awareness in access and metro
• Service-aware data, control, and management planes
• High availability
• Network flexibility
• On-demand connection abilities

Despite much talk about NGNs, the industry is still in the early stages of this transformation. We will see a great deal of change over the next decade and beyond. The winning network operators will be those able to successfully embrace today's data/IP growth applications, adapt quickly to deliver the as-yet unknown applications that will drive revenue growth in the future, and build the bridge between legacy TDM and packets, as long as TDM continues to exist in the network.

WPA Security Encryption can be Penetrated

Encryption WPA (Wi-Fi Protected Access) should be tough right? However, Japanese scientists had only takes 60 seconds to penetrate the WPA encryption used in wireless router. Note this time brought down the previous record for 15 minutes. Toshihiro Ohigashi from Hiroshima University and Masakatu Morii of Kobe University will reveal how they do over at a conference in Hiroshima 25 September next. This inroad is not given full control of Wi-Fi connection, but allows the reading and spoofing packets.

But the ease of penetrate WPA encryption TKIP (Temporal Key Integrity Protocol) to make that anyone who cares about security should start thinking to move to WPA2 with AES encryption (Advanced Encryption Standard) which is more secure. The attack was carried out on a PC and Wi-Fi Access Point that were located far enough away so that the two devices see each other indirectly. Computer attacks carried out between them by acting as a relay using the correct checksum to trick the network. The good news, until now WPA2 with AES encryption newer remain safe from attacks by hackers.

Welcome to the blog of ICT Consortium

Here the place to discuss about new technologies, standards, technical issues of ICT