| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Configuring Apache 2 Server with SSL Support This HOWTO is a step-by-step guide for configuring Apache web server with SSL support. It will cover installing, configuring and troubleshooting Apache 2.0 web server with SSL support. It will also explain how to create a local Certification Authority (CA) and to create a SSL certificate with open-source OpenSSL library to use with the web server.
Emre Celebi,
06/08/2005
|
|
SSL and TLS: A Beginners Guide This practical serves to explain the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, how they can be applied to a web application, and the requirements necessary to create a secure link between a server and a client machine. In addition, a development history of the protocols will be given, and a brief discussion of the impact that secure communications protocols have had on the electronic commerce arena. This paper particularly serves as a resource to those who are new to the information assurance field, and provides an insight to two common protocols used in Internet security. Though SSL and TLS are not the only secure protocols currently in use, they are very common for sites dealing with transactions that could involve sensitive data (ie: passwords, personal and financial information, etc.).
By Holly McKinley, 04/18/2004
|
|
Using SSL with Client Access Express for AS/400 The AS/400 Operating System, OS/400, supports Secure Socket Layer (SSL) since its release of V4R1. It is not until V4R4 and the release of Client Access Express that communication between Client Access for Windows and the AS/400 is secure. Companies that have the Client Access as their communication application with the AS/400, now have the important task of securing these links. As well as those who are planning to use Client Access for this purpose. This paper is meant to help those who are in need of securing a Client Access connection with their AS/400. We will achieve this security with the use of SSL on the link. SSL support on the AS/400 can be used with different applications and in different forms, but this paper will refer only to Client Access for Windows.
By Unknown, 04/04/2004
|
|
Stunnel: SSLing Internet Services Easily This paper provides a method to securely use existing clear-text protocols under SSL without any need to modify the existing software or source code. There are reasons for using Stunnel to add security on a protocol instead of adding SSL capability into a program. One of the major reasons for using Stunnel is that source code may not be available for the program especially if it is a commercial application and the vendor decides not to add SSL to the program or the vendor goes out of business. In extreme cases, the complete source code to the program may not be available. Another reason is that it takes time to add SSL capability to in-house programs. Stunnel could be useful as a "stopgap" measure while SSL is being implemented and tested in the program.
By Wesley Wong, 04/04/2004
|
|
Establishing and Verifying the Stunnel SSL Encryption of Pine IMAP Email Sessions This paper documents one method for establishing and verifying the operation of SSL encryption using Stunnel for Pine IMAP email sessions. Several technologies are introduced, and briefly explained, including IMAP and SSL. Detailed information is given regarding the establishment of SSL functionality using Stunnel. After completing the installation, verification is performed using TCPDUMP to show that encryption is operating.
By Christopher Ursich, 04/03/2004
|
|
SSL Web Proxy - A Secure and Inexpensive Remote Access Implementation Within this paper, I will outline a system that I developed using the proven technology of SSL (Secure Socket Layer), and the combination of stable, secure Open Source software with some custom programming. The objective of this system is to allow external clients without any configuration changes to securely access our internal web applications via the Internet. For my implementation, I was given a set of criteria which are outlined in the following section. With the criteria declared, my objectives set and a vast sea of information via the Internet and the Open Source community before me, I was eager and confident that this journey would be successful. I have included all the paths that my research took me, because each path resulted in a great system. However for one reason or another, the system did not meet all of the criteria. But after many hours of research and development, a system was created that met the criteria and satisfied our needs.
By David E. Culp, 03/28/2004
|
|
SSL - Rumours and Reality: A practical perspective on the value of SSL for protecting web servers Obviously it's important to know who you are connected to before you start exchanging confidential information. SSL addresses this requirement very nicely by means of digital certificates, which I will explain shortly. Secondly, it changes data into an unreadable format while it traverses an untrusted network like the Internet. You may know of this as encryption. This article will discuss the ways in which SSL provides safe, secure Internet transactions, including: how SSL works, why it is an effective weapon against hackers and how it can sometimes help hackers.
By Charl Van Der Walt , 03/22/2004
|
|
Email security - SSL 3.1 / TLS 1.0 deployment Good infrastructure security relies on a layered approach, much like an onion. A good security policy must assume eventual failure of one or more security devices or policies, and therefore will create multiple security compartments. The final layer of security must be designed to protect specific assets, separate of any other layers, and limit the overall damage any one intrusion may cause. In this paper I will address several security policies that concern the secure transmission of email between client(s) and server(s) and transmission between one or more servers. Separate email security issues such as non-repudiation, digital signatures, encryption, intrusion detection, host-firewalls, server security and client security have been successfully addressed in depth by other publications.
By Ian Briggs, 03/10/2004
|
|
Installing and Securing the Apache Webserver with SSL The purpose of this paper is to describe, in detail, how to install and configure the Apache Web Server with SSL (Secure Socket Layer) support. Today more than ever, sensitive data can no longer be trusted to be sent across the Internet in plain text.
By Dale Coddington , 02/18/2004
|
|
An Introduction to OpenSSL, Part 4: The SSL and TLS Protocols This article completes the four-part series on OpenSSL, a library, written in the C programming language, that provides routines for cryptographic primitives utilized in implementing the Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols.
By Holt Sorenson, 02/18/2004
|
|
Page: 1 2 |
