LinuxSecurity.com
The central voice for Linux and Open Source security news
General Security
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



After Debian's Epic SSL Blunder, a World of Hurt for Security Pros  22 May 2008 
Source: The Register - Posted by Bill Keys   
It's been more than a week since Debian patched a massive security hole in the library the operating system uses to create cryptographic keys for securing email, websites and administrative servers. Now the hard work begins, as legions of admins are saddled with the odious task of regenerating keys too numerous for anyone to estimate. What do you think is the state of computer security after the OpenSSL flaw was found and patched?


 
Auditing PHP: Understanding register_globals  19 May 2008 
Source: IBM - Posted by Bill Keys   
Conduct your audit on an exact copy of your production environment. You don't need to duplicate the hardware, but you want to make sure the software versions are as close as possible. The PHP configuration must match exactly, as specified in the php.ini file, the Apache directives in .htaccess files, or httpd.conf. You need a separate environment because you will display and log errors that might reveal sensitive passwords and other information. Also, you will try to break the security of the site, which is something you want to avoid with live applications. Performing security audits on your PHP application is an important skill to have. This article shows you how in great detail, so any PHP developer can increase their web application security.


 
Open Source Security Myths Dispelled  14 May 2008 
Source: OSS - Posted by Bill Keys   
The decision to deploy proprietary, rather than open source security solutions (OSS), is often influenced by some commonly held perceptions.

Many IT professionals can’t seem to shake off the belief that OSS is inherently risky, unreliable and complex. I am going to examine the most common of these perceptions to highlight how the facts are very often the exact opposite of what people believe. This article looks at the myths people hold about open source security. It brings up some good points. What do you think is the state of open source security?


 
Computer Forensics Procedures, Tools, and Digital Evidence Bags: What They Are and Who Should Use  08 May 2008 
Source: Infosecwriters.com - Posted by Eckie Silapaswang   
Computer forensics is the application of computer investigation and analysis techniques to determine potential legal evidence. Since computers are vulnerable to attack by some criminals, computer forensics is very important. Understanding computer forensic procedures will help to capture vital information which can be used to prosecute an intruder that compromises a computer or network. Also, deciding on the specific tools for computers or other equipment that is needed to correctly analyze evidence is crucial. These tools are very useful but bigger companies that handle more equipment and information might benefit from something that can combine all these tools into one application.

This article provides a .pdf file delving into the inner workings of computer forensics. Give it a read and see if you can solve a crime today (or maybe later)!


 
Firefox 3: Site Identification button  07 May 2008 
Source: dria.org - Posted by Eckie Silapaswang   
Ensuring that users are safe, secure, and protected while they browse the Web is one of the greatest challenges facing browser makers. Browser security involves a delicate balance between protecting the user from the dangers that exist on the Web and overly restricting the user’s freedom to go where she wants and see what she wants while surfing.
One of my favorite new Firefox 3 security features is the Site Identification button. This button replaces and builds upon the ubiquitous “padlock” icon that has for so long been the primary security indicator used in browsers. Firefox 2, for example, indicates that the connection to a site is encrypted by changing the background color of the location bar and displaying a padlock icon.

This article brings up interesting points about the 'padlock' icon, its true meaning, as well as the enhanced features of Firefox 3 which can show more in-depth detail about a particular site. Not only that, but it presents the information in a clearer, more concise manner - just the way we like it!


 
The Top 75 Open Source Security Apps  29 April 2008 
Source: esecurityplanet.com - Posted by Eckie Silapaswang   
About a year ago, we took a look at the growing trend toward open-source security and highlighted 10 of the best apps available. Since then, the area has continued to mature, and now we're back highlighting 75 of the most frequently downloaded open-source security applications.

We all love lists, especially if they have to do with something we actually care about! See if your "weapon of choice" made this particular list!


 
Ksplice, Rebootless Linux Kernel Security Updates  28 April 2008 
Source: http://kerneltrap.org/Linux/Ksplice_Rebootless_Linux_Kernel_Security_Updates - Posted by Bill Keys   
"I've put together an automatic system for applying kernel security patches to the Linux kernel without rebooting it, and I wanted to share this system with the community in case others find it useful or interesting," said Jeff Arnold, announcing ksplice. He explained, "the system takes as input a kernel security patch (which can be a unified diff taken directly from Linus' GIT tree) and the source code corresponding to the running kernel, and it automatically creates a set of kernel modules to perform the update. The running kernel does not need to have been customized in advance in any way." What do you think about ksplice? It sounds like a great improvement for Linux security. I am interested in how well it works. Will it work for all security updates?


 
Introduction to Forensics  23 April 2008 
Source: Linux Journal - Posted by Bill Keys   
A break-in can happen to any system administrator. Find out how to use Autopsy and Sleuthkit to hit the ground running on your first forensics project.

There are certain aspects of system administration that you can learn only from experience. Computer forensics (among other things, the ability to piece together clues from a system to determine how an intruder broke in) can take years or even decades to master. If you have never conducted a forensics analysis on a computer, you might not even know exactly where to start. In this guide, I cover how to use the set of forensics tools in Sleuthkit with its Web front end, Autopsy, to organize your first forensics case. Computer forensics is an important skill for a Linux administrator. This article looks into what you need to know to investigate whether your network has been attacked.


 
Microsoft: Finding flaws on our website is OK  21 April 2008 
Source: The Register - Posted by Eckie Silapaswang   
In a first for a major company, Microsoft has publicly pledged not to sue or press charges against ethical hackers who responsibly find security flaws in its online services.
The promise, extended Saturday at the ToorCon security conference in Seattle, is a bold and significant move. While researchers are generally free to attack legally acquired software running on their own hardware, they can face severe penalties for probing websites that run on servers belonging to others. In some cases, organizations have pursued legal action against researchers who did nothing more than discover and responsibly report serious online vulnerabilities.

Although not exactly Linux-centric, according to this article Microsoft is at least making an effort to take a more "open source" approach to security. Read on for an interesting account of the security conference and let us know what you think about this topic!


 
HDIV - Java Web Application Security Framework  18 April 2008 
Source: darknet.org - Posted by Bill Keys   
HDIV (HTTP Data Integrity Validator) is a Java Web Application Security Framework. HDIV extends web applications’ behaviour by adding security functionality while maintaining the API and the framework specification. This implies that we can use HDIV in applications developed in Struts 1.x, Struts 2.x, Spring MVC and JSTL transparently to the programmer and without adding any complexity to the application development. It is possible to use HDIV in applications that don’t use Struts 1.x, Struts 2.x, Spring MVC or JSTL, but in this case it is necessary to modify the application (JSP pages). What do you think the state of Java Web security is? If you do any Java Web development you might want to take a look at HDIV (HTTP Data Integrity Validator). This article gives the reader information on what this security framework can do.


 
Results 31 - 40 of 2284
    

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.