Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Book Review: Software Security - Building Security In  17 April 2006 
Source: Dana Epp - Posted by Benjamin D. Thomas   
I'm jealous. No seriously. If Cigital is actually ran as depicted in the book Software Security - Building Security In, I have to give kudos to Gary and the gang for making an impressive environment for software security. I'm a fan of Gary's writing. If you are a regular reader, you know I loved both his books on Building Secure Software and Exploiting Software. This latest book is, in my mind at least, a balancing act between the two previous books on the topic. Gary calls it the "Ying and Yang". Which makes total sense, since the book cover is of exactly that, a white hat and a black hat (taken from the other two books), positioned in the chinese ying/yang symbol.

How To Break Web Software  03 April 2006 
Source: EthicalHacker - Posted by Benjamin D. Thomas   
It's as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you're vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there's a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software. Companion CD contains full source code for one testing tool you can modify and extend, free Web security testing tools, and complete code from a flawed Web site designed to give you hands-on practice in identifying security holes. This chapter contains a series of attacks dealing with the concept of state, or the ability to remember information as a user travels from page to page within a site.

Defeating the Hacker  31 March 2006 
Source: - Posted by Benjamin D. Thomas   
Way back in the early 1980s, Robert Schifreen shot to notoriety as one of the hackers who broke into Prince Philip's mailbox on the Prestel service. It was this case that, after the Law Lords ruled that the forgery laws did not cover typing a user name and password into a computer screen, instigated the drafting and passage of the Computer Misuse Act in 1984. Schifreen has spent the intervening years being a respectable computer journalist, and his specialty -- as you might expect -- is security. Defeating the Hacker: A Non-Technical Guide to IT Security is the result of years of writing, research and speaking at conferences on security topics.
IPCop-OpenVPN HOWTO  30 March 2006 
Source: Thinkhole - Posted by Eric Lubow   
I’m a huge fan of IPCop. It’s a great firewall distro that makes administration a snap using a slick web interface. My goal was to use IPCop and an easy-to-use VPN client to allow access to my LAN while away from home. I ended up going with the ZERINA OpenVPN addon for IPCop and the OpenVPN GUI for Windows. If you’ve ever wanted full, secure, encrypted access to your LAN from any remote location, here is your guide.

Linux Dictionary  19 March 2006 
Source: SWP - Posted by Eric Lubow   
(SWP) Sun Wah-PearL Linux Training and Development Centre has an ambitious aim to promote the use of Linux and related Open Source Software (OSS) and Standards. The vendor independent positioning of SWP has been very well perceived by the market. Throughout the last couple of years, SWP becomes the top leading OSS training and service provider in Hong Kong. And in fact we are leading the market direction in some ways.

Essential PHP Security  14 February 2006 
Source: - Posted by Benjamin D. Thomas   
Given the remarkable popularity of PHP for developing dynamic Web sites, as well as the ever-increasing need for security on those same sites, one would think that there would be great demand for — and comparable supply of — books that explain how to create secure sites using PHP. However, such is not the case, and even the most extensive general purpose PHP books may only devote a single chapter to this critical topic, if that much. Essential PHP Security, written by PHP expert Chris Shiflett, aims to fill the gap.

The Art of Intrusion  27 January 2006 
Source: - Posted by Benjamin D. Thomas   
Book review I'm not that keen on the word “hacker? in the modern, pejorative sense (I remember when it meant a good UNIX programmer) and I'm generally not that that impressed by hackers either - mostly they're not particularly clever and just got lucky. So, I came to this book in a not very positive frame of mind; except I do think that the famous Kevin Mitnick was unfairly demonised, and I'm not sure how much actual damage he did in the end. Although unauthorised intrusion into production systems is always bad, what chance is there they were tested for resilience during the sorts of things intruders do, for example.

Pre-Review: Penetration Tester's Open Source Toolkit  23 December 2005 
Source: TaoSecurity - Posted by Benjamin D. Thomas   
Today I received a copy of the new Syngress book Penetration Tester's Open Source Toolkit by Johnny Long, Chris Hurley, SensePost, Mark Wolfgang, Mike Petruzzi, et al. This book appears unnecessarily massive; it's probably 1/2 thicker than my first book, but at 704 pages it's nearly 100 pages shorter than Tao. I think Syngress used thicker, "softer" paper, if that makes sense to anyone.

O3 Magazine  24 November 2005 
Source: O3 - Posted by Benjamin D. Thomas   
O3 magazine is a free magazine distributed electronically in PDF format. O3 is published on a monthly basis. The focus of O3 is on the use of Free and Open Source (FOSS) software in Enterprise Data Networking environments. Some articles in O3 will introduce open source solutions, while some are designed to demonstrate how to integrate open source solutions with leading Enterprise Data Networking hardware from a wide variety of vendors.

(IN)SECURE Magazine Issue 4 is Available  28 October 2005 
Source: Insecure Magazine - Posted by Benjamin D. Thomas   
The fourth issue of (IN)SECURE, a free digital security magazine published in PDF format, has been released.

Welcome to yet another issue of (IN)SECURE. The book contest we held in the previous issue was a great success and here are the winners: Dominic White, Dr. Gary Hinson, Ronaldo Vasconcellos, Joey Ortiz, Adrian St. Onge and Frantisek Holop. To all of you that sent us insightful comments we thank you, (IN)SECURE will grow to be better because of it. Expect more contests in the future and keep that feedback running, there’s always place for us to improve. If you’re interested in writing for (IN)SECURE feel free to contact us, we take a look at all submissions and ideas.

<< Start < Prev 4 5 6 Next > End >>

Results 51 - 60 of 444


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.