OCTOBER 2002

Inhospitable Hosts
INTRUSION PREVENTION   Attackers may try the door, but intrusion prevention tools won't let them in.
By Mike Bobbitt


Guide to Intrusion Prevention
SIDEBAR   Diverse security technologies deliver the same message: "Keep Out!"
By Pete Lindstrom


Paying for Protection
CASE STUDY   Customers see immediate results, buy time to patch at their leisure.
By Anne Saita


FEATURES

6 Myths About Security Policies
SECURITY POLICIES   Leave your preconceptions behind and write policies that work in the real world.
By Al Berg

Policy Tools
SIDEBAR   
By Andrew Briney

Web Services--Not So Fast
WEB SERVICES   A new era for e-commerce is poised on the fast track, but security raises caution flags.
By Anish Bhimani

WS Alphabet Soup

Web Services Networks



COLUMNS

Toothless Security
NOTE   Many question the value of the White House's National Strategy to Secure Cyberspace because it lacks compliance requirements.
By Andrew Briney

Philippines Now "Safe" From Hackers
ON THE LIGHTER SIDE    A monthly look at the foibles, follies and felons of infosec.
By Lawrence M. Walsh

Low-Rent IDSes
COOL TOOLS     Intrusion detection needn't be an extensive-or expensive-operation. Your PC firewall gets you started.
By Marcus Ranum

Practical IR
JUST THE BASICS   Sooner or later, you'll have a security event. If you fail to plan, you plan to fail.
By Fred Avolio

Evolutionary OS Insecurity
LOGOFF     As the number of Unix-based platforms contract, the number of *nix-oriented attacks will rise.
By Hal Pomeranz



DEPARTMENTS
VIEWPOINT
Readers sound off on budgets, host-based security, policies and CISSP certification.

News & Analysis
Building the Perfect Box
National Strategy for Patching
Slapper: Trend or Exception?
P2P or Not P2P
Training the Next Generation
Spammer Targets (ISC)2
Beyond Common Criteria
Funding
M&A's
On the Move
@work
PROFILE: Phyllis Schneck
By the Numbers
Infosec History


Products
TEST CENTER
Network Security Manager  Intellitactics provides x-ray vision for graphical security event analysis.
By Scott Sidel

HOT PICK
Computer Associates' eTrust 20/20

SOLUTIONS
Profiles of Funk Software's Odyssey Wireless LAN Security Software, ArcSight's ArcSight v1.1, Wavelink's Mobile Manager 5.3 & Wavelink Avalanche 3.0.

SECURE READS
Gerald L. Kovacich's Information Systems Security Officer's Guide: Establishing and Managing an Information Protection Program.

Happenings
CALENDAR OF EVENTS
Security events on tap.