|
Source: ITWire - Posted by Bill Keys
|
How can you be sure your network is secure? Before you can patch vulnerabilities you need to discover them. You need to think like a cracker might. You need to hack your own system. This is known as “penetration testing” – a more palatable term to corporations – and the rich tool set of Linux makes it a superb platform for doing this.
Nmap is a simple tool for penetration testing but it does a great job of letting you know what the attackers are seeing. I find my self finding opening in my network that I have never seen before while using this tool. Do you think Nmap can be our only penetration testing tool or should users use other as well?
Write Comment (2 Comments) |
|
Read more...
|
|
|
Source: InfoWorld - Posted by Bill Keys
|
|
On July 26, McAfee will begin offering a new application called Rootkit Detective, designed to detect and remove dangerous rootkit attacks. The software will also help end-users ward off the threats, as well as funnel new intelligence into the company's ongoing research operations. Have you test drove McAfee's Rootkit Detective software? The feature that made me think about trying it out is McAfree says that it has the ability to detect self-cloaking malware attacks that install themselves as kernel modules or drivers. Since any attack that installs them self's in the kernel are very hard for software to detect, I am in interested in how effective they are in finding them. Also, how does this software rank up against other rootkit finders for example, chkrootkit?
Write Comment |
|
Read more...
|
|
|
Source: rsbac.org - Posted by Bill Keys
|
|
Have you heard that Rule Set Based Access Control (RSBAC) 1.3.5 has been released for both
Linux kernels 2.4.34.5 and 2.6.22.1?. How is RSBAC different from other security frameworks like SELinux? One improvement that caught my eye was " Cache for inherited filesystem attribute values ". Seems that this will help increase performance of RSBAC. Check out RSBAC for your self and see how it compares with other Access control security frameworks.
Write Comment |
|
Read more...
|
|
|
Source: ict World - Posted by Bill Keys
|
|
" An increasing number of malware attacks are exploiting software application vulnerabilities." In software development is security a after thought when designing and writing a application? Patching a program after it's release is also just as import as to writing secure code. However, I believe that software developers depends on patching their software too much. In market of making software, vendors need to get the software out the door as fast as possible. So what is the balance between speed of deployment and writing secure code?
Write Comment |
|
Read more...
|
|
|
Source: Dark Reading - Posted by Bill Keys
|
|
Database security is very important because of the data which can be stored on them. "But only 15 percent said that extending security best practices to the database is a "critical priority" for 2007. " What steps should be done to secure a Linux MYSQL database or other's? We hear about SQL Injection but what can be done?
Write Comment |
|
Read more...
|
|
|
|
<< Start < Prev 4 5 6 Next > End >>
|
| Results 37 - 45 of 742 |
