LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
How would you rate the importance of default settings in security?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
Emily Ratliff: OS Security
DanWalsh LiveJournal
Security Bloggers Network
Latest Newsletters
Linux Advisory Watch: July 18th, 2008
Linux Security Week: July 14th, 2008
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
General Security
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



A Report From the Debian Testing Security Team  26 June 2008 
Source: lwn.net - Posted by Bill Keys   
The Debian Testing Security team is very near to providing full security support for the testing distribution. At the time of the last email, two blockers for full security support were present. However, we now are able to process embargoed issues (more on that below), so we are happy to announce that only one blocker remains. The only remaining blocker for full security support at this point is the kernel. We are talking to the kernel security team about providing testing-security support, but at the moment this task lacks manpower. This posting talks about the current state of the Debian Testing Security Team. They are always looking for new people to help out in testing so, check it out.

Write Comment

 
Ruby Creators Warn of Serious Flaws  25 June 2008 
Source: itworld - Posted by Bill Keys   
The Ruby programming language, which has become popular as the basis for web 2.0 sites such as Twitter, contains serious security flaws that could allow attackers to take over an organization's web server, according to the Ruby development team. The "disturbing" flaws, which were disclosed on Friday, could affect nearly any typical Ruby-based web application, according to Thomas Ptacek, founder of security firm Matasano. What do you think about this newly discovered security flaw in the Rudy programming language? As ruby continues to become popular will we see more security vulnerabilities found?

Write Comment (1 Comments)

 
Interview With Mozilla Security Team  24 June 2008 
Source: SecurityFocus - Posted by Bill Keys   
Mozilla released its latest browser, Firefox 3.0, this week. SecurityFocus contributor Federico Biancuzzi tracked down two key members of Mozilla's security team, Window Snyder and Johnathan Nightingale, to learn more about the security features included in this major release.They discussed the protection against phishing and the new malware protection, the new update mechanism for add-ons, Mozilla's security policies and processes, and the hardening of their Javascript implementation. Check out this interview with the Mozilla's Security Team. They talk about the security features they added with their release of Firefox 3.0.

Write Comment

 
Firefox 3 Vulnerability Found  19 June 2008 
Source: linuxworld - Posted by Bill Keys   
Five hours after Mozilla officially released Firefox 3.0, researchers found a vulnerability in the new browser.Tipping Point has verified the bug and reported it to Mozilla, Tipping Point said on Wednesday.Since Mozilla is still working on a fix, the researchers won't share details about the problem. Tipping Point ranked the severity of the vulnerability as high, but said that users would have to click on a link in an e-mail or visit a malicious Web page before being affected. The issue affects users of Firefox 3.0 as well as Firefox 2.0. Wow, that was quick in only five hours a security vulnerability was found. I find it a little strange that a vulnerability was found that is said to effect Firefox 3.0 and Firefox 2.0 was not found earlier. What do you think about this latest released vulnerability to Firefox?

Write Comment (3 Comments)

 
Is Linux the Most Secure OS?  19 June 2008 
Source: Techrepublic.com - Posted by Bill Keys   
Linux-based systems get a lot of press in IT trade publications. A lot of that press relates to its security characteristics. In fact, some claim “Linux is the most secure operating system (OS) of them all.” Such statements are, of course, unsupportable hyperbole; while many Linux distributions may outshine both MS Windows and Apple MacOS X by a significant margin, there’s evidence to suggest that most Linux distributions are not up to the standards of FreeBSD, for instance — let alone OpenBSD, with possibly the best security record of any general-purpose operating system. This article looks at the question of is Linux the most secure OS? What do you think? Sometime I feel that the OS is only as secure as the person using it and setting it up. But one thing is for sure is that the Open Source community gives the user the tools to make their setup as secure as they want it to be.

Write Comment (2 Comments)

 
Analysing Logs in Linux  18 June 2008 
Source: Linux Server Security Secrets and Administration - Posted by Bill Keys   
Part of the security and sysadmins tasks is the log analysis and decision taking. There is plenty of information in http://www.linux.org/apps/all/Administration/Log_Analyzers.html. The tools I recommend is called "Lire", this tool permits the creation of several reporting formats, including html, pdf, xml, between others. It also permits to analyze many log file formats, which include MySQL, Iptables, BIND, Apache, Qmail, Postfix, Syslog and more. Lire is GPL'ed Free Software (and Open Source), built around the idea of extendibility. This article looks at a tool called Lire" for analyzing your logs. I feel looking at your system's logs is an important security practice that users should do. By looking at your log you can find holes in your system which you should plug. Do you think analyzing your log files is a good security practice?

Write Comment

 
The Power of ‘root’ in Linux  12 June 2008 
Source: brajeshwar.com - Posted by Bill Keys   
Let us go a little deep about the access privileges and rights which a root user has on a Linux system. Root is the default name for system administrator in a *NIX system - a super user who can do anything and everything within the operating system. As a result, root login should be used with special care. While working with a root login, we can end up doing a lot of harm to our system as well as the data, accidentally. For any user of Linux it's important to make your root account as tight as possible from attack. This article looks as some of the security issues with root and ways to improve it's security.

Write Comment (2 Comments)

 
Linux Security for Beginners  11 June 2008 
Source: Linux Topia - Posted by Bill Keys   
There is a saying in the security world that the only truly safe computer system is one that is disconnected from the network, switched off and buried six feet under ground. The sentiment may be somewhat true but it is hardly a practical solution to the problems we face today in protecting servers and desktops from outside intrusion. This article show the user the basics of Linux security. It is a great how-to for any Linux user. It looks at the basics like open services and firewalls. Do you have any quick tips for the beginner Linux user how is look to make their computer more secure?

Write Comment

 
Wiping Your Disk Drive Clean  04 June 2008 
Source: Linux.com - Posted by Bill Keys   
Everybody who owns a computer will someday need to dispose of a disk drive. Before you do, it is a good idea to cleanse the drive, so no one can read your sensitive information. Deleting files and reformatting is not sufficient; determined effort can still reveal data from a drive even after it appears to be gone. To do a more thorough job, I suggest using wipe. It's a good security practice to completely formating a drive before getting rid of your old hard drives. This article looks at some best practices in deciding how-to erase a hard drive. It recommends that user use a software called wipe but, do you have any other favorite programs.

Write Comment (2 Comments)

 
PHP, Python, Samba Get Security Tick of Approval  30 May 2008 
Source: ZDNet - Posted by Bill Keys   
The Scan Report on Open Source Software 2008 by vendor Coverity has found the number of defective lines of code in open source software has decreased in the past two years. According to Coverity, which analyses open source software as part of the US Department of Homeland Security's open source software hardening project, fewer lines of defective code means the overall quality and security of the software is improving. This report makes the point that open source security is definitely something to look at. I am glad to see that the open source community is getting attention of it's strength in security.

Write Comment

 
<< Start < Prev 1 2 3 Next > End >>

Results 11 - 20 of 2276
    
Partner:

 

Latest Features
Security Features of Firefox 3.0
Review: The Book of Wireless
April 2008 Open Source Tool of the Month: sudo
Open Source Tool of March: ZoneMinder
Meet the Anti-Nmap: PSAD
Open Source Tool of February: Nmap!
HowTo: Secure your Ubuntu Apache Web Server
Yesterday's Edition

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
  Security Projects ,   Latest News ,  Newsletters ,  SELinux ,  Privacy ,  Home,
 Hardening ,   About Us,   Advertise,   Legal Notice,   RSS,   Guardian Digital

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.