LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
How would you rate the importance of default settings in security?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
Emily Ratliff: OS Security
DanWalsh LiveJournal
Security Bloggers Network
Latest Newsletters
Linux Advisory Watch: May 9th, 2008
Linux Security Week: May 5th, 2008
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Host Security
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



Sudo Voodoo  21 April 2008 
Source: Linux Magazine - Posted by Bill Keys   
A Linux system has two kinds of users: ordinary users and the root user. Each ordinary user has a robust set of permissions to manage his or her own files (and files that belong to a group that he or she is a member of), but an ordinary user cannot affect system configuration, start or stop essential services such as the SSH daemon, and cannot reserve a so-called privileged port, or any networking port numbered less than 1,024. The root user, though, is free to access and modify any file, perform any task, and affect the system at will. We have all used sudo some point in using Linux but do you know the importance of sudo to Linux security? This article guides the user through everything a Linux user needs to know about sudo.

Write Comment

 
Using a Pluggable Authentication Module  01 April 2008 
Source: IBM - Posted by Bill Keys   
If you're concerned about protecting world-writeable shared directories such as /tmp or /var/tmp from abuse, a Linux® Pluggable Authentication Module (PAM) can help you. The pam_namespace module creates a separate namespace for users on your system when they login. This separation is enforced by the Linux operating system so that users are protected from several types of security attacks. This article for Linux system administrators lays out the steps to enable namespaces with PAM. Have you heard about PAM? All Linux user's use PAM every time they use Linux. This article does a great job at explaining how PAM helps improve Linux user's security.

Write Comment (1 Comments)

 
Sudo Voodoo  31 March 2008 
Source: Linux-Mag - Posted by Bill Keys   
A Linux system has two kinds of users: ordinary users and the root user. Each ordinary user has a robust set of permissions to manage his or her own files (and files that belong to a group that he or she is a member of), but an ordinary user cannot affect system configuration, start or stop essential services such as the SSH daemon, and cannot reserve a so-called privileged port, or any networking port numbered less than 1,024. The root user, though, is free to access and modify any file, perform any task, and affect the system at will. It's an important to learn how to use sudo securely. This article does a good job at helping users to setup sudo for their systems.

Write Comment

 
Kernel space: authoritative Hooks for Containerization  26 March 2008 
Source: tuxmachines - Posted by Bill Keys   
The containers developers have what would seem to be a relatively straightforward problem: they would like to control access to devices on a per-container basis. Then containers could safely be granted access to specific devices without compromising the overall security of the system - even if a container has a root-capable process which can create new device files. Kernel security is a very importance part of the overall security of ones system. This article goes into one part of kernel security containerization.

Write Comment

 
VMWare's VMSafe: Security Industry Defibrilator  03 March 2008 
Source: Rational Survivability - Posted by Ryan Berens   
VMware and virtualization security is just beginning to heat up. In this article, we get an interesting view into the nature of this debacle. Should it be a surprise that security is going to be such an issue? According to this blogger, far, far from it; virtualization provides such a compelling shift in computing, that being caught "flatfooted" is embarrassing...

For the purpose of this post, I'm going to focus on the security implications of virtualization and simply summarize by suggesting that virtualization up until now has quietly marked a tipping point where we see the disruption stretch security architectures and technologies to their breaking point and in many cases make much of our invested security portfolio redundant and irrelevant. Ouch! Read on...

Write Comment

 
Research into prevalence of Linux Rst-B virus  16 February 2008 
Posted by Administrator   
According to an anlysis of malware in Sophos's Linux honeypots, it has shown that almost 70 percent of the infections are due to this six-year-old malicious program. SophosLabs has made a small detection tool available to help users find out whether they have been infected with this virus.

Write Comment

 
Patching Linux Kernel, Local Root Exploit  13 February 2008 
Source: keneltrap - Posted by Bill Keys   
Patches for a much publicized Linux kernel local root exploit were released today as 2.6.24.2, 2.6.23.16, and 2.6.22.18. The latest bug, labeled as CVE-2008-0600, was introduced by the vmsplice() system call and added into the 2.6 kernel in 2.6.17. It is the third in a series of root exploits surrounding the same system call, the two earlier bugs being CVE-2008-0009 and CVE-2008-0010. Easily obtained exploits exist for both the older CVE-2008-0010 which affected the 2.6.23 and 2.6.24 kernels, and the latest CVE-2008-0600, allowing a local non-root user to gain root permissions. You mostly likely heard about the local root exploit patch which was released a few days ago. Any exploit dealing with the root users can be a serious problem. Have you patched your Linux Kernel yet?

Write Comment (1 Comments)

 
Open Source Tool of the Month: Nmap looks better than ever!  06 February 2008 
Source: Linux.com - Posted by Ryan Berens   
In this review from Linux.com, you get into some of the details on our Open Source tool of the month. The Zenmap front end for Nmap is covered, its new enhancements as well as what to do with the Command Wizard. It also covers some of the basics on port scanners too... Sometimes criticized for helping the bad guys find opening in the cracks of sites on the Internet, their real value is in allowing network security pros -- and those trying to protect their own machines and networks -- to test their own defenses. They can help ordinary users learn more about networking and network security.

Write Comment

 
Anti Tamper Module for Apache  23 January 2008 
Source: DarkNet - Posted by Bill Keys   
AntiTamper is an Apache 2.x module that could be used to prevent some sort of url and cookie tampering.

Specifically, AT could stop a lot of those malicious bots that take advantage from search engines. Moreover, attack techniques like HTTP Response Splitting and session hijacking/fixation will be mitigated. I am interested if anyone has tested out mod_anti_tamper. I like using mod_security but mod_anti_tamper look like it will work well side my side with mod_security increase a web servers security.

Write Comment

 
Gotroot Modsecurity Rules for Apache - Anti-spam and Security  03 January 2008 
Source: DarkNet - Posted by Bill Keys   
ModSecurity is an open source intrusion detection and prevention engine for web applications (or a web application firewall). Operating as an Apache Web server module or standalone, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks. Anything which helps Web application to be more secure is a very good thing. Have you implemented ModSecurity on your Apache server?

Write Comment

 
<< Start < Prev 1 2 3 Next > End >>

Results 1 - 10 of 726
    
Partner:

 

Latest Features
Review: The Book of Wireless
April 2008 Open Source Tool of the Month: sudo
Open Source Tool of March: ZoneMinder
Meet the Anti-Nmap: PSAD
Open Source Tool of February: Nmap!
HowTo: Secure your Ubuntu Apache Web Server
SSH: Best Practices
Yesterday's Edition
sshpass - Non-Interactive SSH Password Authentication
Computer Forensics Procedures, Tools, and Digital Evidence Bags: What They Are and Who Should Use
Firefox Infects Vietnamese Users With Trojan Code
A Guide to Cryptography in PHP

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
  Security Projects ,   Latest News ,  Newsletters ,  SELinux ,  Privacy ,  Home,
 Hardening ,   About Us,   Advertise,   Legal Notice,   RSS,   Guardian Digital

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.