This research paper by David Litchfield from Next Generation Security Software (NGSSoftware), examines the differences between the security posture of Microsoft’s SQL Server and Oracle’s RDBMS based upon security vulnerabilities reported by external security researchers and since fixed by the vendor in question.

You can download it from:

http://www.databasesecurity.com/dbsec/comparison.pdf

Search engines such as Google and Yahoo are crucial to regular use of the Internet. They are also indispensable tools for hackers who can perform information gathering without ever visiting the victim site. In this presentation Security Compass founder Nish Bhalla walks through examples of how search engines could be used to aid hackers. The presentation is structured as follows:

• Web Application Review Methodology

Threat Analysis

Architecture Review

Application Review

• Search Engine Basics
• Google Hacking

…and can be downloaded from:

http://www.securitycompass.com/resources/SecurityCompass-Search Attacks.pdf

or

http://www.ddosed.com/uploads/presentations/SecurityCompass-Search Attacks.pdf

Lars Axeland from TeliaSonera – the largest  telecommunications company in Sweden and Finland - made an interesting presentation on how internet service providers (ISPs) can prevent distributed denial of service (DDoS) attacks  and thus protect their network and their customers. He also briefly introduces TeliaSonera’s DDoS protection service.

The presentation can be downloaded from:

http://www.iis.se/Internetdagarna/2006/21-dos-attacker/LarsAxeland.pdf

or

http://www.ddosed.com/uploads/presentations/LarsAxeland.pdf