Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: February 27th, 2015
Linux Security Week: February 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Host Security
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Clam or Klam? Either Way, It's Easy Linux Protection  10 September 2010 
Source: Tech News World - Posted by Anthony Pell   
Though you're probably less likely to find yourself riddled with malware if you're running Linux rather than Windows, that doesn't mean security software should be ignored entirely. ClamTK -- or KlamAV, depending on which environment you use -- gives your Linux PC an antimalware guard dog that goes beyond the old "security by obscurity" strategy.
NTLM authentication: still broken after all these years  16 August 2010 
Source: The Register UK - Posted by Alex   
A 15-year-old vulnerability in technology used to authenticate users on Windows and Unix networks continues to put the organizations that rely on it at risk, a security researcher said on Thursday.
Role- and Rule-Basing Part 1: Introduction  21 June 2010 
Source: Security Catalyst - Posted by Alex   
At this point in the identity management process it is time to consider what access the company’s job functions should have to begin creating roles and rules. This is the first step in automating provisioning and de-provisioning. Even without automation, creating and managing the roles and rules will make manual provisioning (and auditing!) quite a bit faster and definitely more accurate.
Ubuntu to push latest Firefox to Hardy, Jaunty and Karmic  01 June 2010 
Source: H Security - Posted by Anthony Pell   
According to a posting on the Ubuntu developers mailing list, Ubuntu developers are planning to push the next release of Firefox, 3.6.4, to the current Ubuntu release, Lucid Lynx 10.04, and to older versions such as Hardy (8.04LTS), Jaunty (9.04) and Karmic Koala (9.10). These older versions currently have Firefox 3.0 and xulrunner 1.9 both of which are no longer supported by Mozilla.
New phishing attack exploits tabbed browsing  25 May 2010 
Source: H Security - Posted by Alex   
Aza Raskin, Creative Lead for Mozilla's Firefox, has demonstrated a new phishing attack which exploits tabbed browsing. In the attack, a normal page, with the attack script embedded, is loaded and displays as expected.
UPDATE - New attack bypasses EVERY Windows security product  11 May 2010 
Source: ZDNet Blogs - Posted by Anthony Pell   
Okay, Windows content, but good to convince your boss that even the best efforts of the various security Windows vendors can't protect your desktop users. Are you a Windows user? Do you make sure that your antivirus program is updated regularly? Do you feel safe? You shouldn’t! Read on to find out why.
Setting the record straight on sudo  06 April 2010 
Source: TechRepublic - Posted by Anthony Pell   
I recently read a blog posting that denounced the use of sudo as insecure because of the following (briefly summed up and paraphrased) reasons:

  1. The idea that not using the root account is wrong, using root for everything is fine.
  2. That using sudo for everything provides a false sense of security over performing an action as root directly
  3. That using a user account password to get a root shell is a bad idea
  4. That using a root shell is not dangerous, and that this “grave misunderstanding” came from the idea that running X as root is dangerous
  5. That sudo has very little place in the Enterprise
  6. That relying on sudo is foolish, because it has bugs
  7. That everything should be done from a root shell, and that you should have to know the “uber-secret root password” to get that access
System security? What about your DATA!  05 April 2010 
Source: fewt blog - Posted by Anthony Pell   
What makes this problem worse? Well what about your DATA? Let me start with the statement that there is nothing installed on your Desktop Linux system by default to protect your data from theft or destruction, and there is nothing to protect your computer from harming other computers when you are using Desktop Linux.
German Government Warns Internet Users On Firefox Security Flaw  23 March 2010 
Source: All Headline News - Posted by Anthony Pell   
The German government warned its citizens not to use Internet web browser Firefox because of serious security problems. There is reportedly a security flaw in Mozilla Firefox Version 3.6 that could allow a hacker to take control of someone's computer by launching malicious code.
Thunderbird Secure Connections  18 March 2010 
Source: - Posted by Anthony Pell   
Client configuration can be just as big of problem as the set up for the server. One of the problems is that not all clients, both Linux and Windows, are capable of handling TLS or SMTP AUTH. That is getting better but it is still a problem. One great alternative client is Thunderbird, Icedove if you are on Debian. Here is a step by step approach to setting up the Thunderbird client for TLS and SMTP AUTH.
<< Start < Prev 4 5 6 Next > End >>

Results 31 - 40 of 816


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
D-Link Routers Haunted by Remote Command Injection Bug -
Mozilla Pushes Hot Fix to Remove Superfish Cert From Firefox
The Deadly Game of Cyber Mis-Attribution
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.