LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
How would you rate the importance of default settings in security?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
Emily Ratliff: OS Security
DanWalsh LiveJournal
Security Bloggers Network
Latest Newsletters
Linux Advisory Watch: May 16th, 2008
Linux Security Week: May 13th, 2008
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Vendors/Products
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



Creating Packet Traces of Nessus Scans  11 September 2007 
Source: Tenable Network Security - Posted by Eckie Silapaswang   
There's a lot of magic that goes on behind the scenes when you do a full Nessus vulernability scan. However, how are you exactly trust that report about your OpenSSH server being vulnerable? Is it just relying on version numbers and not considering patches? The Nessue 3 Unix scanners allow you to save packet dumps of your scans in libpcap compatible files, allowing you to view them under TCPDUMP or Wireshark for your convenience. Now you can go into greater analysis of what exactly was used to scan your server rather than a text message of "scanned". Read on for even more benefits to saving the packet data of your scans!

Write Comment

 
Financially Motivated Malware Thrives  07 September 2007 
Source: Network World - Posted by Eckie Silapaswang   
There are now people who create programs that make it easier for other people to create programs that make money. Don't worry, you read that right. This article reports on the business of making commercial malware / spamming software. For just around $200, you yourself can have programs that exploit Firefox, Internet Explorer, and Quicktime in an effort to spread your spam as quickly and easily as possible. There are now concentrated efforts in coding these shiny, plug and play spam generators. Have we gotten to the point of "if you can't beat 'em, join 'em"?

Write Comment

 
RenaissanceCore IDS Seeks to take Intrusion Detection to the Next Level  05 September 2007 
Source: Blue GNU - Posted by Eckie Silapaswang   
This open source company attempts to bring their open source IDS solutions to the table. The article provides a personal insight into the beginnings and directions of the project, bringing out an interesting point of the catch-22 of open source projects: no community -> no credibility -> no community. Sure one of the biggest concerns with the IDS are false positives - however, which IDS doesn't have that concern? Why not check out the article and see if you would want to contribute to the community there. Better yet, do you have any ideas of how to get out of the catch-22?

Write Comment (1 Comments)

 
How to Break Forensics Software  10 August 2007 
Source: The Inquirer - Posted by Eckie Silapaswang   
Those of you familiar with CSI (or have surely heard of it) are all too familiar with the process they use to catch the criminals - scientific analysis, forensics, gadgetry, and smarmy head investigators. Reoccurring themes include DNA analysis or other types of human-related evidence. However, in the information world, catching a criminal after the crime is in another league of its own. This article presents an account of a recent DefCon presentation which focused on breaking the actual forensics software used to analyze compromised systems. The most interesting line in the article referred to the weaknesses in one of the most popular forensics tools - "Most of these can and will be fixed in the near future, but at least one is a design flaw, not a bug.". Read on to find out how your forensics tools are only as good as the makers of them, and how it can result in a perfect getaway.

Write Comment

 
Security Firm Automates Generating Attack Code  10 August 2007 
Source: Network World - Posted by Eckie Silapaswang   
Better scripting languages calls for better automation which results in better automated exploit tools. Security firm Immunity has its own tool that automates the creation of attack code, supposedly cutting the development time in half. Unveiled at DefCon, this tool has made its rounds at the conference and sparked a buzz with its emphasis on capitalizing on zero-day flaws, making sure exploits can be developed as soon as possible.

Write Comment (1 Comments)

 
Quick Review: EnGarde  08 August 2007 
Source: www.polishlinux.org - Posted by Ryan   
A site for reviews and Linux, Piotr over at Polishlinux.org took a chance to review EnGarde Community for servers. A nice, quick overview of install, configuration, and how to test EnGarde from one computer. The site itself is a great resource for understanding how to compare, assess and choose the best distribution for you. SO make sure to check out their Distro chooser,a great little quiz that takes your preferences and recommends the best distro based on your answers. A nice resource as well.

Check it out!

Write Comment

 
Xandros Bundles NoMachine Thin-Client Server  19 July 2007 
Source: Linux-Watch - Posted by Eckie Silapaswang   
Let's just imagine for once that you ARE a Photoshop wizard or some other GUI intensive app expert. Better yet, you're the sysadmin responsible for all those Microsoft Word / Photoshop heavy desktops on your network. One day your boss asks you "What happens if the building is closed due to bad weather / construction / St. Patrick's Day Parade? Can we enable remote access for our web design whiz kids?" With the recent release of Xandros Server 2.0, this is all possible.

"The companies claim that this extended Xandros-NoMachine alliance provides enhanced capabilities for secure and rapid access to graphical applications, running on any operating system across any network connection."

Tell the whiz kid's who somehow "can't make it into work" that she could now work from home effeciently, utilizing her broadband connection to connect to the Xandros Server rather than connecting to deviantArt.

Write Comment

 
Simulating Cisco and Linux Networks  11 July 2007 
Source: Nirlog.com - Posted by Eckie Silapaswang   
I'm a big fan of virtualization software. The main benefits come from having a pristine duplicate testing environment in every case, ease of portability, as well as (lack of?) hardware costs. These are essential features in anyone's network analysis toolbox and helps to expose any vulnerabilities in architecture. Read on for some interesting virtualization schemes for Cisco routers and Linux networks and start hammering away at your "what if?"s rather than theorizing them.

Write Comment

 
Vendors Admit More Cooperation Needed on Security  30 June 2007 
Source: ComputerWeekly.com - Posted by Bill Keys   
"The security chiefs of several large infrastructure and software vendors said they are doing all they can do to embed security into their products, but they agreed that more work must be done to improve security between their platforms." How well does the open source community spread security issues? Does Redhat and Novel work together to improve security? One of the best ways to improve security is to have all players share their patches to fix vulnerabilities fast.

Write Comment

 
Now Window's Users can benefit from Linux Security Applications  19 June 2007 
How secure is Linux? It is so secure it is now being used to protect Microsoft Windows. Adrian Kingsley-Hughes gives a first hand review of the 'Yoggie Pico Pro'. The Yoggie, no relation to a the baseball player, is an embedded computer the size of a USB drive that plugs right into a computer USB port. The little gadget then allows the user to run 13 security applications that won't bog down his normal computing experience. Its a must have for any one that has a laptop and likes to plug into public networks.

Write Comment

 
<< Start < Prev 1 2 3 Next > End >>

Results 21 - 30 of 820
    
Partner:

 

Latest Features
Review: The Book of Wireless
April 2008 Open Source Tool of the Month: sudo
Open Source Tool of March: ZoneMinder
Meet the Anti-Nmap: PSAD
Open Source Tool of February: Nmap!
HowTo: Secure your Ubuntu Apache Web Server
SSH: Best Practices
Yesterday's Edition
Strong passwords no panacea as SSH Brute-Force Attacks Rise
Tools circulate that crack Debian, Ubuntu keys

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
  Security Projects ,   Latest News ,  Newsletters ,  SELinux ,  Privacy ,  Home,
 Hardening ,   About Us,   Advertise,   Legal Notice,   RSS,   Guardian Digital

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.