Home - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Advisory Watch: March 6th, 2010

Linux Advisory Watch: February 26th, 2010

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Estonian DDoS revenge worm crafter jailed

11 March 2010

Source: The Register UK - Posted by Alex
An Estonian virus writer has been jailed for two and a half years for creating a Windows worm family that launched denial of service attacks on the websites of a local insurance firm and ISP.

Password cracker 100 times faster with an SSD

11 March 2010

Source: H Security - Posted by Alex

The security specialist Objectif Sécurité has optimised its rainbow tables – a common tool used to crack password hashes – to make use of SSDs. The result is, according to Objectif Sécurité's Philippe Oechslin, an acceleration by a factor of 100 when compared to their old 8GB Rainbow Tables for XP hashes. A web form takes the XP-hashes and cracks them for free with the new, ten times larger tables.

Schneier: Fight for privacy or kiss it good-bye

11 March 2010

Source: Network World - Posted by Alex
If the public wants online privacy it had better fight now for laws to protect it because businesses won't and individuals don't have the clout, security expert Bruce Schneier told RSA Conference.

Hackers aren't as sneaky as you think

10 March 2010

Source: InfoWorld - Posted by Alex
Two weeks ago, I essentially claimed that nearly every company I know is hacked -- and in many cases, thoroughly hacked. Although there's a bit of hyperbole in that statement, it isn't that far from reality. That statement, however, has led some readers to believe detecting hackers and preventing attacks is impossible. Nothing could be further from the truth.

What Are the Most Overrated Security Technologies?

10 March 2010

Source: CSO Online - Posted by anthony
The security community has grown to depend on some basic technologies in the fight against cyber thieves, such as antivirus software and firewalls. But are practitioners clinging to tools that outlived their usefulness long ago? Were those tools ever really useful to begin with?

Building a UNIX/Linux Incident response / Forensic Disk

10 March 2010

Source: SANS - Posted by anthony

There are many Linux distributions readily available. This however should not stop you creating your own version of a UNIX forensic tools disc. Whether you are on Solaris, HP-UX or any other variety of UNIX it is simple to create a forensic tools CD that can go between systems. The added benefit of this method is that the tools do not need to be left on the production server. This in itself could be a security risk and the ability to unmount the CD and take it with you increases security.

Multiple Apache Web Server Flaws Patched

09 March 2010

Source: ServerWatch - Posted by Alex
The Apache HTTP Web Server is the most widely deployed Web server on the Internet today, which means that vulnerabilities in the open source server can have a devastating impact. That also makes security updates like the new 2.2.15 release critical, since it addresses several security vulnerabilities in Apache's flagship HTTP Web server.