The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

Is Mandatory Access Control Too Much Security For Enterprise's Linux?

	Yes, too difficult to configure and manage.
	No. You can never have enough security.
	Yes. Standard Linux security settings work for us.
	No. Industry demands will demand SELinux.
	Don't know.

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

Emily Ratliff: OS Security

DanWalsh LiveJournal

Security Bloggers Network

Latest Newsletters

Linux Advisory Watch: September 5th, 2008

Linux Security Week: September 1st, 2008

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Hacks From Pax: PHP Web Application Security

08 August 2005

User Rating:

How can I rate this item?

Source: Pax Dickinson - Posted by Pax Dickinson

Today on Hacks From Pax we'll be discussing PHP web application security. PHP is a great language for rapidly developing web applications, and is very friendly to beginning programmers, but some of its design can make it difficult to write web apps that are properly secure. We'll discuss some of the main security "gotchas" when developing PHP web applications, from proper user input sanitization to avoiding SQL injection vulnerabilities.

Write Comment

Network Intrusion Prevention Systems â€“ When Theyâ€™re Valuable, and When Theyâ€™re Not

25 July 2005

User Rating:

How can I rate this item?

Source: Daniel Miessler - Posted by Pax Dickinson

Anyone keeping track of the security vendor/technology hype knows that IPS has quickly replaced IDS as the â€œnext big thingâ€?. Depending on who you are, you may chalk this up to yet another infosec fad, or you could be of the opinion that IPS is actually making good on the promises that IDS never lived up to. I think it can be both â€“ depending on your situation.

Write Comment (2 Comments)

Hacks From Pax: Network Server Monitoring With Nmap

18 July 2005

User Rating:

How can I rate this item?

Source: Pax Dickinson - Posted by Pax Dickinson

Hi, and welcome back to another edition of Hacks From Pax. Today we'll discuss hardening Linux servers by scanning for unnecessarily open network ports, and we'll show you how to automate port scanning so you can easily monitor your network for vulnerabilities.

Write Comment (4 Comments)

Pull the Plug Revisited: An Interview Five Years Later

05 July 2005

User Rating:

How can I rate this item?

Source: PullthePlug.org - Posted by Benjamin D. Thomas

Five years after our original interview with Brian Gemberling, founder of PullthePlug.org, we catch up with Daniel Alvarez and the rest of the site's administrative management. Its structured management and focus on the community will ensure many years of continued success. You're asking, what is pull the plug? Read more to find out...

Write Comment

Hacks From Pax: Linux File & Directory Permissions Mistakes

27 June 2005

User Rating:

How can I rate this item?

Source: Pax Dickinson - Posted by Pax Dickinson

Greetings, gentle reader, and welcome to linuxsecurity.com and our new recurring series of articles on security related mistakes and how to avoid them. I'm your host, Pax Dickinson, and today we'll be reviewing basic Linux file and directory permissions and how to avoid some common pitfalls in their use, in this episode of Hacks From Pax.

Write Comment (7 Comments)

More...