LinuxSecurity.com
The central voice for Linux and Open Source security news
General Security
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



Open Source Security Myths Dispelled  14 May 2008 
Source: OSS - Posted by Bill Keys   
The decision to deploy proprietary, rather than open source security solutions (OSS), is often influenced by some commonly held perceptions.

Many IT professionals can’t seem to shake off the belief that OSS is inherently risky, unreliable and complex. I am going to examine the most common of these perceptions to highlight how the facts are very often the exact opposite to what people believe. This article looks at myths that people think about open source security. It brings up some good points. What do you think is the state of open source security?


 
Computer Forensics Procedures, Tools, and Digital Evidence Bags: What They Are and Who Should Use  08 May 2008 
Source: Infosecwriters.com - Posted by Eckie Silapaswang   
Computer forensics is the application of computer investigation and analysis techniques to determine potential legal evidence. Since computers are vulnerable to attack by some criminals, computer forensics is very important. Understanding computer forensic procedures will help to capture vital information which can be used to prosecute an intruder that compromises a computer or network. Also, deciding on the specific tools for computers or other equipment that is needed to correctly analyze evidence is crucial. These tools are very useful but bigger companies that handle more equipment and information might benefit from something that can combine all these tools into one application.

This article provides a .pdf file delving into the inner workings of computer forensics. Give it a read and see if you can solve a crime today (or maybe later)!


 
Firefox 3: Site Identification button  07 May 2008 
Source: dria.org - Posted by Eckie Silapaswang   
Ensuring that users are safe, secure, and protected while they browse the Web is one of the greatest challenges facing browser makers. Browser security involves a delicate balance between protecting the user from the dangers that exist on the Web and overly restricting the user’s freedom to go where she wants and see what she wants while surfing.
One of my favorite new Firefox 3 security features is the Site Identification button. This button replaces and builds upon the ubiquitous “padlock” icon that has for so long been the primary security indicator used in browsers. Firefox 2, for example, indicates that the connection to a site is encrypted by changing the background color of the location bar and displaying a padlock icon.

This article brings up interesting points about the 'padlock' icon, its true meaning, as well as the enhanced features of Firefox 3 which can show more in-depth detail about a particular site. Not only that, but it presents the information in a clearer, more concise manner - just the way we like it!


 
The Top 75 Open Source Security Apps  29 April 2008 
Source: esecurityplanet.com - Posted by Eckie Silapaswang   
About a year ago, we took a look at the growing trend toward open-source security and highlighted 10 of the best apps available. Since then, the area has continued to mature, and now we're back highlighting 75 of the most frequently downloaded open-source security applications.

We all love lists, especially if they have to do with something we actually care about! See if your "weapon of choice" made this particular list!


 
Ksplice, Rebootless Linux Kernel Security Updates  28 April 2008 
Source: http://kerneltrap.org/Linux/Ksplice_Rebootless_Linux_Kernel_Security_Updates - Posted by Bill Keys   
"I've put together an automatic system for applying kernel security patches to the Linux kernel without rebooting it, and I wanted to share this system with the community in case others find it useful or interesting," said Jeff Arnold, announcing ksplice. He explained, "the system takes as input a kernel security patch (which can be a unified diff taken directly from Linus' GIT tree) and the source code corresponding to the running kernel, and it automatically creates a set of kernel modules to perform the update. The running kernel does not need to have been customized in advance in any way." What do you think about ksplice? It sounds like a great improvement for Linux security. I am interested in how well it works. Will it work for all security updates?


 
Introduction to Forensics  23 April 2008 
Source: Linux Journal - Posted by Bill Keys   
A break-in can happen to any system administrator. Find out how to use Autopsy and Sleuthkit to hit the ground running on your first forensics project.

There are certain aspects to system administration that you can learn only from experience. Computer forensics (among other things the ability to piece together clues from a system to determine how an intruder broke in) can take years or even decades to master. If you have never conducted a forensics analysis on a computer, you might not even know exactly where to start. In this guide, I cover how to use the set of forensics tools in Sleuthkit with its Web front end, Autopsy, to organize your first forensics case. Computer forensics is an important skill for a Linux administrator. This article looks into what you need to know to investigate if your network has been attacked.


 
Microsoft: Finding flaws on our website is OK  21 April 2008 
Source: The Register - Posted by Eckie Silapaswang   
In a first for a major company, Microsoft has publicly pledged not to sue or press charges against ethical hackers who responsibly find security flaws in its online services.
The promise, extended Saturday at the ToorCon security conference in Seattle, is a bold and significant move. While researchers are generally free to attack legally acquired software running on their own hardware, they can face severe penalties for probing websites that run on servers belonging to others. In some cases, organizations have pursued legal action against researchers who did nothing more than discover and responsibly report serious online vulnerabilities.

Although not exactly Linux-centric, according to this article Microsoft is at least making an effort to take a more "open source" approach to security. Read on for an interesting account of the security conference and let us know what you think about this topic!


 
HDIV - Java Web Application Security Framework  18 April 2008 
Source: darknet.org - Posted by Bill Keys   
HDIV (HTTP Data Integrity Validator) is a Java Web Application Security Framework. HDIV extends web applications’ behaviour by adding Security functionalities, maintaining the API and the framework specification. This implies that we can use HDIV in applications developed in Struts 1.x, Struts 2.x, Spring MVC and JSTL in a transparent way to the programmer and without adding any complexity to the application development. It is possible to use HDIV in applications that don’t use Struts 1.x, Struts 2.x, Spring MVC or JSTL, but in this case it is necessary to modify the application (JSP pages). What do you think the state of Java Web security is? If you do any Java Web development you might want to take a look at HDIV (HTTP Data Integrity Validator). This article gives the reader information on what this Security Framework can do.


 
Breaking CAPTCHA  16 April 2008 
Source: lwn.net - Posted by Bill Keys   
Perhaps someday it will be considered discrimination against a sentient, but these days a way to distinguish between programs and humans is required for many web-based applications. Keeping spambots from posting comments in weblogs or other bots from signing up for a web service are two of the most common applications for separating humans and bots. As has often been the case in the past, though, when the stakes are high enough, attackers will find ways to circumvent barriers like this. How secure do you think Captcha on your website is? Do you think it can be improved? This article goes into detail on some of the security issues with Captcha technologies.


 
Move Over Storm - There's a Bigger, Stealthier Botnet in Town  08 April 2008 
Source: The Register - Posted by Eckie Silapaswang   
Researchers have unearthed what they say is the biggest botnet ever. It comprises over 400,000 infected machines, more than twice the size of Storm, which was previously believed to be the largest zombie network.
Machines from at least 50 Fortune 500 companies have been observed to be running the malicious software that's at the heart of "Kraken," the botnet that security firm Damballa has been tracking for the last few weeks. So far, only about 20 percent of the anti-virus products out there are detecting the malware. Just as a con artist might throw off detectives by changing his hair color or other physical characteristics, Kraken's ability to morph its code base has allowed it to evade the majority of malware detectors.

Only twenty percent of all AVs currently out there have any ability to counter this surge of malware and spam. What suggestions or ideas do you have to counter morphing code in botnets?

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.