LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: September 19th 2005 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Linux Security Week This week, perhaps the most interesting articles include "Passwords are key for security," "The Six Dumbest Ideas in Computer Security," and "The Non-Wireless Wireless Network Monitoring System."


Master of Science in Information Security - Earn your Master of Science in Information Security online from Norwich University. Designated a "Center of Excellence", the program offers a solid education in the management of information assurance, and the unique case study method melds theory into practice. Using today's e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

LINUX ADVISORY WATCH - This week, advisories were released for apache, kdelibs, cvs, mod_ssl, tdiary, squid, mozilla, common-lisp, turqstat, slib, umb-scheme, psmisc, gtk, file, subversion, unzip, e2fsprogs, selinux-policy-targeted, firefox, mozilla, vte, xdelta, tvtime, dhcp, gnupg, util-linux, mc, libwnck, pcre, exim, and squid. The distributors include, Debian, Fedora, Gentoo, and Red Hat.

LinuxSecurity.com Feature Extras:

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple.


Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


  Real-time exploits tracking with Anti-Exploit
  14th, September, 2005

This is a review of the first on-access Anti-Exploit scanner. Anti-Exploit can help IT professionals to discover local attackers before they manage to execute malicious programs.

http://www.linuxsecurity.com/content/view/120381
 
  Users tackle question of Linux vs. Windows on the server
  13th, September, 2005

The battle between Linux and Windows for server-side dominance is continuing to play out in data centers worldwide. While some are drawn to Microsoft due to Windows' ease-of-use, manageability and application availability, others feel that low cost, high stability and the freedom of being able to tweak and analyze source code makes Linux the only choice.

http://www.linuxsecurity.com/content/view/120376
 
  Passwords are key for security
  13th, September, 2005

Security can be a double-edged sword, especially if you buy a used computer. Many people protect their laptops with a password for the BIOS — the “basic input/output system? — that controls a computer when you first turn it on. If you don’t know the BIOS password, you might as well be buying a paperweight. Computer manufactures charge $300 to $500 to remove a BIOS password, often more than the cost of a used laptop.

http://www.linuxsecurity.com/content/view/120375
 
  The Six Dumbest Ideas in Computer Security
  13th, September, 2005

There's lots of innovation going on in security - we're inundated with a steady stream of new stuff and it all sounds like it works just great. Every couple of months I'm invited to a new computer security conference, or I'm asked to write a foreword for a new computer security book. And, thanks to the fact that it's a topic of public concern and a "safe issue" for politicians, we can expect a flood of computer security-related legislation from lawmakers. So: computer security is definitely still a "hot topic." But why are we spending all this time and money and still having problems?

http://www.linuxsecurity.com/content/view/120379
 
  Acoustic Snooping on Typed Information
  14th, September, 2005

Li Zhuang, Feng Zhou, and Doug Tygar have an interesting new paper showing that if you have an audio recording of somebody typing on an ordinary computer keyboard for fifteen minutes or so, you can figure out everything they typed. The idea is that different keys tend to make slightly different sounds, and although you don’t know in advance which keys make which sounds, you can use machine learning to figure that out, assuming that the person is mostly typing English text. (Presumably it would work for other languages too.)

http://www.linuxsecurity.com/content/view/120382
 
  Linux talent scarce as penguins' teeth
  15th, September, 2005

he penguins were on the streets of Kanata yesterday, searching for scarce Linux software developers. In a sign of the recovering technology industry, recruiters from Liquid Computing dressed up as penguins -- the symbol of the popular open-source technology -- in a bid to find 20 more staff. Since raising $14 million U.S. in new capital in May, Liquid has doubled the workforce to 60 full-time and contract employees.

http://www.linuxsecurity.com/content/view/120393
 
  The gloves are off taking the fight to the spammers
  16th, September, 2005

2005 has already seen spammers and virus writers become more shrewd, more malicious, more sophisticated and more hungry for commercial gain. The potential damage that this will inflict on brand reputation, customer relationships, and capacity to run a business will continue to move IT security management further up the boardroom agenda - never has it been so important to get it right.

http://www.linuxsecurity.com/content/view/120398
 
  Hackers work to exploit latest Firefox flaw
  15th, September, 2005

Security researchers claim to have found ways to exploit a serious bug in Firefox and Mozilla Web browsers, a sign that attacks could be on the way. ... Disclosure of a flaw typically starts a race in the security community to exploit it. In the past few days, at least two security researchers have posted messages to popular security mailing lists claiming they have found ways attackers could take advantage of the vulnerability.

http://www.linuxsecurity.com/content/view/120394
 
  The Non-Wireless Wireless Network Monitoring System
  12th, September, 2005

This new Linux-based wireless intrusion detection system is aimed at stopping a network's security from being compromised by detecting the installation of unauthorized access points. The wireless detection system utilizes wireless drones to develop a wireless network solely to detect any wireless signals that emanate from within their workplace. By incorporating a GPS module the location of any intruding device can be pinpointed. A standard web interface allows the administrator to monitor network usage; the system uses e-mail and pop-up alerts to signal possible intrusions of the network.

http://www.linuxsecurity.com/content/view/120359
 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Ottawa Linux Symposium: May get by with a little help from its friends
Black Hat 2014: How to crack just about everything
NSA Playset, 911 hacked and war cats: A wild ride at DEF CON 22
More Details of Onion/Critroni Crypto Ransomware Emerge
Is there Another NSA Leaker? Updated
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.