Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Writing Syslog Messages To MySQL  06 September 2006 
Source: Security Docs - Posted by Eric Lubow   
In this paper, I describe how to write syslog messages to a MySQL database. Having syslog messages in a database is often handy, especially when you intend to set up a front-end for viewing them. This paper describes an approach with rsyslogd, an alternative enhanced syslog daemon natively supporting MySQL. I describe the components needed to be installed and how to configure them.

(IN)SECURE Magazine issue 8 has been released  04 September 2006 
Source: - Posted by Benjamin D. Thomas   
Hello everyone, welcome to issue 8 of (IN)SECURE. We’re happy to report that our subscriber list is growing strong. This, combined with the e-mails and quality article submissions, is a clear indication that the security community has embraced this concept and found it to be a valuable resource.

This issue is packed full with material for every knowledge level and will especially be of interest to those that want to know more about the inner workings of the Payment Card Industry since we got two articles related to the topic.

Security Engineering - The Book  01 September 2006 
Source: Ross Anderson - Posted by Eric Lubow   
In this section of the book, I cover the basics of security engineering technology. The first chapter sets out to define the subject matter by giving an overview of the secure distributed systems found in four environments: a bank, an air force base, a hospital, and the home. The second chapter is on security protocols, which lie at the heart of the subject: they specify how the players in a system—whether people, computers, or other electronic devices—communicate with each other. The third, on passwords and similar mechanisms, looks in more detail at a particularly simple kind of security protocol that is widely used to authenticate people to computers, and provides the foundation on which many secure systems are built.

Security Engineering (The Book)  01 September 2006 
Source: Ross Anderson - Posted by Benjamin D. Thomas   
My goal in making the book freely available is twofold. First, I want to reach the widest possible audience, especially among poor students. Second, I am a pragmatic libertarian on free culture and free software issues; I think that many publishers (especially of music and software) are too defensive of copyright. I don't expect to lose money by making this book available for free: more people will read it, and those of you who find it useful will hopefully buy a copy. After all, a proper book is half the size and weight of 300-odd sheets of laser-printed paper in a ring binder. (My colleague David MacKay found that putting his book on coding theory online actually helped its sales. Book publishers are getting the message faster than the music or software folks.)

10 Steps To Fortify The Security Of Your MySQL Installation  18 August 2006 
Source: HNS - Posted by LogError   
For those who wish to enhance or fortify the security of the MySQL installation that following technical 10 steps are a good start.
The Mosquito Secure Remote Execution Framework  15 August 2006 
Posted by Benjamin D. Thomas   
MOSREF is a exploitation architecture utilizing the power of the MOSVM virtual machine and Mosquito Lisp to make penetration testing, exploit development, and general systems security tasks more efficient.

While MOSREF has been developed primarily as a platform for exploitation and penetration-testing, MOSREF and the underlying MOSVM virtual machine technology can be used for a variety of security-related and non-security-related tasks. Moreover, the platform is licensed under the GNU LGPL, and is redistributable and modifiable under the terms of that license. <>P

Continuous data protection: Increasing backup frequency  20 July 2006 
Source: - Posted by Efren J. Belizario   
Backup and recovery operations are the focus of business continuity and data protection plans and often the main source of anxiety for IT departments. Few businesses are fully satisfied with their backup and recovery solutions. Not only must data be protected from complete site failures, such as those resulting from natural disasters, data must also be protected from corruption or data loss, such as that resulting from a computer virus or human error.

Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints  05 July 2006 
Source: IETF - Posted by Eric Lubow   
This document describes a method of verifying Secure Shell (SSH) host keys using Domain Name System Security (DNSSEC). The document defines a new DNS resource record that contains a standard SSH key fingerprint.

PHP Security By Example  30 June 2006 
Source: Brain Bulb - Posted by Eric Lubow   
Nice flash presentation that will provide you with a good foundation on how to make your PHP apps more secure.

Innocent Code: A Security Wake-up Call for Web Programmers  26 June 2006 
Source: - Posted by Benjamin D. Thomas   
Finally, an entertaining programmer's book on security! Innocent Code will show you how common programming errors make a web site open to attacks, even with both firewalls and encryption in place. You, the programmer, play a major role when it comes to the security of a web site. With lots of real-life examples, this book will show you why.

<< Start < Prev 4 5 6 Next > End >>

Results 31 - 40 of 444


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.