LinuxSecurity.com
The central voice for Linux and Open Source security news
Host Security
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



Open Source Release Takes Linux Rootkits Mainstream  05 September 2008 
Source: The Register - Posted by John P. Forman   
The art of burying invisible malware deep inside a Linux machine is about to go mainstream, thanks to a new open-source rootkit released Thursday by Immunity Inc., a firm that supplies tools for penetration testers. When implemented, Immunity's DR, or Debug Register, makes backdoors and other types of malware extremely difficult to detect or eradicate. Learn how a new open source rootkit will make it easier to cloak malware on Linux boxes. How do you think Linux intrusion detection systems like rkhunter will deal with this challenge? Read on.

Responds to Allegations That AppArmor is Dying  05 September 2008 
Source: linsec.ca blog - Posted by Bill Keys   
A recent post from Russ Coker entitled AppArmor is Dead was tolling the death bells for AppArmor because SUSE decided to include SELinux in their operating system… not as the default, and not as a replacement for AppArmor, but it was included nonetheless. Russ determined that this was the beginning of the end for AppArmor, and I read it with some interest largely because Mandriva has settled on AppArmor as our security solution… largely because it fits with our ideal of making things nice and easy for our users. So of course, a post that seems to bring doom and gloom about our security solution is something we’re interested in reading about because if it’s true, then we’ve invested time and effort into the wrong solution. This article discusses the debate over AppArmor's future. What do you think will happen to AppArmor? Will SELinux become even more popular as a security framework?

Linux Password Policies  02 September 2008 
Source: tuxtraining - Posted by Bill Keys   
Let's start with some basics…. Our Linux system stores its usernames and passwords in a special file : ‘/etc/password’. The passwords in this file are one way encrypted (hash-ed) through a password encryption function called ‘crypt’ using DES as the encryption algorithm. The good thing about ‘hashing’ is that you can not ‘decrypt’ the hashed passwords because the function used for hashing cannot be reversed (one-way traffic). DES generally uses keys (symmetric key cryptography) in which case things can be either encrypted or decrypted, but for encrypting passwords in Linux, only the ‘hashing’ implementation of DES is used. How much do you know about Linux passwords? This article goes into detail about how users' passwords are controlled and handled in Linux.

Ubuntu Issues Security Patch For Kernel Flaw  26 August 2008 
Source: ZDNet - Posted by Bill Keys   
Ubuntu today became the latest Linux vendor to patch a vulnerability in the open source operating system's kernel that could have left the door open for hackers to find their way into users' machines. In an email sent overnight, the Linux vendor warned users to update all machines running recent versions of Ubuntu, ranging from 6.06, which was released back in mid-2006, to version 8.04, which came out earlier this year. The problem also applied to other versions of Ubuntu such as Kubuntu, Edubuntu and Xubuntu. I am glad to see Ubuntu letting users know that they should update their kernels because of a security vulnerability. What do you think? Do you trust your distro to provide you with important computer security information?

Kernel space: Virus Scanning API Spawns Security Debate  15 August 2008 
Source: LinuxWorld - Posted by Bill Keys   
The TALPA malware scanning API was covered in LWN in December, 2007. Several months later, TALPA is back - in the form of a patch set posted by a Red Hat employee. The resulting discussion has certainly not been what the TALPA developers would have hoped for; it is, instead, a good example of how a potentially useful idea can be set back by poor execution and presentation to the kernel community. Have you heard about the kernel space virus scanning API? This article discusses the debate over it within the kernel development community.

Security Guide for VMware ESX: Helpful But Has Holes  22 July 2008 
Source: linuxworld - Posted by Bill Keys   
With security becoming ever more important, I've been reviewing the various guides available to harden the VMware Virtual Infrastructure. So far the results have been disappointing, though I've looked at the CISecurity VMware ESX Benchmark and the VMware VI3 Hardening Guidelines. Now for the US Government's Defense Information Systems Agency's Security Technical Implementation Guide (STIG), a long-awaited document that all levels of the U.S. government will follow to harden and protect their VMware VI3 installations. At first look at VM security you might think it's just like securing any OS installed on hardware. However, VM security comes with its own set of challenges. This article looks at the security issues with hardening VMware ESX.

Disabling Root On Linux or Unix  09 July 2008 
Source: Linux Shell Account - Posted by Bill Keys   
Loosely following up on a few previous posts regarding securing Linux and Unix and even more fun with Unix and Linux security, today we're going to look at something vaguely security-related, and also vaguely scary ;) It has to do with the root account (or user id 0) and security hardening. I've got nothing against either, so this won't be an insane diatribe, but (especially, no offense to Ubuntu) with more Linux distros coming straight out-of-the-box with root disabled, I see the issue of security and the root user get a little confused. A lot ;) Any Ubuntu user knows that the root account is disabled by default because of security concerns. But if we have strong passwords and firewalls do we really need to disable the root account?

Test Your Environment's Security With BackTrack  16 June 2008 
Source: Linux.com - Posted by Bill Keys   
In the field of penetration testing, BackTrack is today's premier Linux distribution. Designed for, created by, and used by security professionals around the globe, BackTrack is the result of a merger between two earlier, competing distributions -- WHAX and Auditor Security Collection. The most recent beta version was released on June 10.

BackTrack 3.0 beta (BT3) is showing up in a lot of places these days. There was a presentation in February at ShmooCon, an annual hacker convention. At this year's National Collegiate Cyber Defense Competition (NCCDC), it was the distro of choice for the Red Team -- the attackers -- made up of experienced security professionals. Have you heard about the penetration tool called BackTrack? This article looks at ways to get started using BackTrack.

Tips for Your Users: Passwords You Can Live With  13 June 2008 
Source: EnterpriseNetworkingPlanet - Posted by Bill Keys   
If you haven't already heard, you should be writing down your passwords. Good password security practices don't dictate that you must remember everything. Why would you want to, and what is the best way to do this securely? These, and other important questions will be answered in this article. Having strong passwords is a basic but important security practice. This article looks at how users can use strong passwords with little effort.

VMware Security Update Fixes Multiple Code Execution Vulnerabilities  06 June 2008 
Source: FrSIRT - Posted by Bill Keys   
Multiple vulnerabilities have been identified in various VMware products, which could be exploited by local or remote attackers to bypass security restrictions, cause a denial of service or compromise a vulnerable system. The first issue is caused by an input validation error in the "HGFS.sys" driver, which could allow local attackers to execute arbitrary code on the guest system. The second vulnerability is caused by an untrusted library path error in "vmware-authd", which could be exploited by local unprivileged attackers to execute arbitrary code on the Linux host system. Have you heard the news that vulnerabilities have been found in some of VMware's software? This started to make me think: what is the state of virtualization security? Do you think it's just as secure as a host installed on physical hardware?

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.