|
Source: Howtoforge - Posted by Bill Keys
|
mod_spamhaus is an Apache module that uses DNSBL in order to block spam relay via web forms, preventing URL injection, block http DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address.
What to do when you find your site to be spam by attackers using your web forms? This article looks at one way of helping this problem which the Apache module called mod_spamhaus.
Write Comment |
|
|
Source: The Register - Posted by John P. Forman
|
The art of burying invisible malware deep inside a Linux machine is about to go mainstream, thanks to a new open-source rootkit released Thursday by Immunity Inc., a firm that supplies tools for penetration testers. When implemented, Immunity's DR, or Debug Register, makes backdoors and other types of malware extremely difficult to detect or eradicate.
Learn how a new open source rootkit will make it easier to cloak malware on Linux boxes. How do you think Linux intrusion detection systems like rkhunter will deal with this challenge? Read on. Write Comment |
|
|
Source: linsec.ca blog - Posted by Bill Keys
|
A recent post from Russ Coker entitled AppArmor is Dead was tolling the death bells for AppArmor because SUSE decided to include SELinux in their operating system… not as the default, and not as a replacement for AppArmor, but it was included nonetheless. Russ determined that this was the beginning of the end for AppArmor, and I read it with some interest largely because Mandriva has settled on AppArmor as our security solution… largely because it fits with our ideal of making things nice and easy for our users. So of course, a post that seems to bring doom and gloom about our security solution is something we’re interested in reading about because if it’s true, then we’ve invested time and effort into the wrong solution.
This article discusses the debate of AppArmor's future. What do you think will happen to AppArmor? Will SELinux become even more popular as a security framework? Write Comment |
|
|
Source: tuxtraining - Posted by Bill Keys
|
Lets start with some basics…. Our Linux system stores its usernames and passwords in a special file : ‘/etc/password’. The passwords in this file are one way encrypted (hash-ed) through a password encryption function called ‘crypt’ using DES as the encryption algorithm. The good thing about ‘hashing’ is that you can not ‘decrypt’ the hashed passwords because the function used for hashing cannot be reversed (one-way traffic). DES generally uses keys (symmetric key cryptography) in which case things can be either encrypted or decrypted, but for encrypting passwords in Linux, only the ‘hashing’ implementation of DES is used.
How much do you know about Linux passwords? This article goes into detail about how user's passwords are controlled and handled in Linux.Write Comment (4 Comments) |
|
|
Source: ZDNet - Posted by Bill Keys
|
Ubuntu today became the latest Linux vendor to patch a vulnerability in the open source operating system's kernel that could have left the door open for hackers to find their way into users' machines.
In an email sent overnight, the Linux vendor warned users to update all machines running recent versions of Ubuntu, ranging from 6.06, which was released back in mid-2006, to version 8.04, which came out earlier this year. The problem also applied to other versions of Ubuntu such as Kubuntu, Edubuntu and Xubuntu.
I am glad to see Ubuntu letting users know that they should update their kernel's because of a security vulnerability. What do you think? Do you trust your distro to provide you with important computer security information?Write Comment |
|
|
|
<< Start < Prev 1 2 3 Next > End >>
|
| Results 1 - 9 of 737 |