EnGarde Secure Linux: Why not give it a try?
EnGarde Secure Linux is a Linux server distribution that is geared toward providing a open source platform that is highly secure by default as well as easy to administer. EnGarde Secure Linux includes a select group of open source packages configured to provide maximum security for tasks such as serving dynamic websites, high availability mail transport, network intrusion detection, and more. The Community edition of EnGarde Secure Linux is completely free and open source, and online security and application updates are also freely available with GDSN registration.
Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo....
ARC: A Synchronous Stream Cipher from Hash Functions
By: Angelo P. E. Rosiello and Roberto Carrozzo
Abstract
We consider a simple and secure way to realize synchronous stream cipher from iterated hash functions. It is similar the OFB mode where underlying block algorithm replaced with keyed function, adopting secret suffixx method[20]. analyzed key, keystream necessary properties assume function for be considered secure. Motivated by our analysis conjecture that most effcient break proposed or through exhaustive search keyspace K of bits, requires O(2k) operations. Keywords : cipher, keystream, one-time pad cryptosystem, function. >
1.1 Algorithm Requirements
The algorithm should have a flat keyspace allowing any random bit string to be a possible key.
The algorithm should make easier the key-management for software implementations.
The typed password should not become directly the key, else the actual keyspace is limited to keys constructed with the 95 characters of printable ASCII.
The algorithm should be easily modifiable satisfying minimum or maximum requirements.
Moreover, according to basic engineering software theories, the algorithm does not have to bind developers with static u se of pre-defined logical block functions, but it is important to let wide alternatives during the implementation of the software[13, 17].
The algorithm should be simple to code, otherwise programmers could make implementation mistakes if the structure is too complicated[13].
1.2 Areas of Application
Nowadays encrypting information has become a 'must', which means that a good crypto algorithm must give to the community the possibility to manage safe data.
Practical applications pertain to:
- Bulk Encryption: data files or a continuous data stream (e.g. important
information saved on hardisks such as databases or any kind of secret document);
- Data Transmission: a lot of communication mediums need a secure way to crypt
exchanged information (e.g. Internet packets, wireless connections, radio
signals, etc.);
- Small Encryption: banks and commercial companies need secure encryption methodologies to interact with customers by small encryption technologies. Definitely, a good algorithm should be suitable for lots of disparate situations.
Read Full Paper
/images/stories/arc-hash.pdf
LinuxSecurity.com Feature Extras:
EnGarde Secure Community 3.0.4 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.
Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| Debian | ||
| Debian: New gpdf packages fix several vulnerabilities | ||
| 27th, February, 2006
Updated package. advisories/debian/debian-new-gpdf-packages-fix-several-vulnerabilities |
||
| Debian: New pdftohtml packages fix several vulnerabilities | ||
| 28th, February, 2006
Updated package. advisories/debian/debian-new-pdftohtml-packages-fix-several-vulnerabilities |
||
| Debian: New tutos package fixes several vulnerabilities | ||
| 2nd, March, 2006
Updated package. advisories/debian/debian-new-tutos-package-fixes-several-vulnerabilities |
||
| Debian: new bmv packages fix arbitrary code execution | ||
| 2nd, March, 2006
Updated package. advisories/debian/debian-new-bmv-packages-fix-arbitrary-code-execution |
||
| Debian: New xpdf packages fix several problems | ||
| 2nd, March, 2006
Updated package. advisories/debian/debian-new-xpdf-packages-fix-several-problems |
||
| Fedora | ||
| Fedora Core 4 Update: module-init-tools-3.2-0.pre9.0.FC4.4 | ||
| 23rd, February, 2006
This module-init-tools adds a stub /etc/modprobe.conf.dist which is included by older /etc/modprobe.conf config files. This avoids the printing of a warning Matrox framebuffer modules are also not autoloaded with this version. advisories/fedora/fedora-core-4-update-module-init-tools-32-0pre90fc44-11-07-00-121727 |
||
| Fedora Core 4 Update: udev-071-0.FC4.3 | ||
| 23rd, February, 2006
Updated package. advisories/fedora/fedora-core-4-update-udev-071-0fc43-11-08-00-121728 |
||
| Fedora Core 4 Update: gnupg-1.4.2.1-3 | ||
| 24th, February, 2006
The previous update, to version 1.4.2.1, could produce errors when gpg attempted to read certain keyrings produced by earlier versions of GnuPG. This update includes a fix for that bug. advisories/fedora/fedora-core-4-update-gnupg-1421-3-11-17-00-121740 |
||
| Fedora Core 4 Update: gawk-3.1.4-5.4 | ||
| 24th, February, 2006
Updated package. advisories/fedora/fedora-core-4-update-gawk-314-54-11-17-00-121741 |
||
| Fedora Core 4 Update: util-linux-2.12p-9.14 | ||
| 27th, February, 2006
Updated package. advisories/fedora/fedora-core-4-update-util-linux-212p-914-11-44-00-121759 |
||
| Fedora Core 4 Update: dhcp-3.0.2-34.FC4 | ||
| 1st, March, 2006
Updated package. advisories/fedora/fedora-core-4-update-dhcp-302-34fc4-17-15-00-121787 |
||
| Fedora Core 4 Update: system-config-netboot-0.1.38-2_FC4 | ||
| 1st, March, 2006
Updated package. advisories/fedora/fedora-core-4-update-system-config-netboot-0138-2fc4-17-16-00-121788 |
||
| Fedora Core 4 Update: xterm-208-2.FC4 | ||
| 1st, March, 2006
Updated package. advisories/fedora/fedora-core-4-update-xterm-208-2fc4-17-17-00-121789 |
||
| Gentoo | ||
| Gentoo: GraphicsMagick Format string vulnerability | ||
| 26th, February, 2006
A vulnerability in GraphicsMagick allows attackers to crash the application and potentially execute arbitrary code. |
||
| Gentoo: noweb Insecure temporary file creation | ||
| 26th, February, 2006
noweb is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files. |
||
| Mandriva | ||
| Mandriva: Updated metamail packages fix vulnerability | ||
| 23rd, February, 2006
Ulf Harnhammar discovered a buffer overflow vulnerability in the way that metamail handles certain mail messages. An attacker could create a carefully-crafted message that, when parsed via metamail, could execute arbitrary code with the privileges of the user running metamail. |
||
| Mandriva: Updated mplayer packages fix integer overflow vulnerabilities | ||
| 24th, February, 2006
Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. The updated packages have been patched to prevent this problem. |
||
| Mandriva: Updated squirrelmail packages fix vulnerabilities | ||
| 27th, February, 2006
Webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than what is normally identified as XSS. (CVE-2006-0188) |
||
| Mandriva: Updated unzip packages fix vulnerabilities | ||
| 28th, February, 2006
A buffer overflow was foiund in how unzip handles file name arguments. If a user could tricked into processing a specially crafted, excessively long file name with unzip, an attacker could execute arbitrary code with the user's privileges. |
||
| Mandriva: Updated gettext packages fix temporary file vulnerabilities | ||
| 28th, February, 2006
The Trustix developers discovered temporary file vulnerabilities in the autopoint and gettextize scripts, part of GNU gettext. These scripts insecurely created temporary files which could allow a malicious user to overwrite another user's files via a symlink attack. The updated packages have been patched to address this issue. |
||
| Red Hat | ||
| RedHat: Moderate: tar security update | ||
| 1st, March, 2006
An updated tar package that fixes a buffer overflow bug is now available for Red Hat Enterprise Linux 4. This update has been rated as having Moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-tar-security-update-30717 |
||
| SuSE | ||
| SuSE: Subject: [suse-security-announce] SuSE Security Announcement: heimdal (SUSE-SA:2006:010) | ||
| 24th, February, 2006
Updated package. |
||
| SuSE: Subject: [suse-security-announce] SuSE Security Announcement: heimdal (SUSE-SA:2006:011) | ||
| 24th, February, 2006
Updated package. |
||
| SuSE: kernel various security problems | ||
| 27th, February, 2006
Updated package. |
||
| SuSE: gpg,liby2util signature checking | ||
| 1st, March, 2006
Updated package. |
||
