EnGarde Secure Linux: Why not give it a try?
EnGarde Secure Linux is a Linux server distribution that is geared toward providing a open source platform that is highly secure by default as well as easy to administer. EnGarde Secure Linux includes a select group of open source packages configured to provide maximum security for tasks such as serving dynamic websites, high availability mail transport, network intrusion detection, and more. The Community edition of EnGarde Secure Linux is completely free and open source, and online security and application updates are also freely available with GDSN registration.
Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo....
LinuxSecurity.com Feature Extras:
EnGarde Secure Community 3.0.5 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.5 (Version 3.0, Release 5). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.
pgp Key Signing Observations: Overlooked Social and Technical Considerations - While there are several sources of technical information on using pgp in general, and key signing in particular, this article emphasizes social aspects of key signing that are too often ignored, misleading or incorrect in the technical literature. There are also technical issues pointed out where I believe other documentation to be lacking. It is important to acknowledge and address social aspects in a system such as pgp, because the weakest link in the system is the human that is using it. The algorithms, protocols and applications used as part of a pgp system are relatively difficult to compromise or 'break', but the human user can often be easily fooled. Since the human is the weak link in this chain, attention must be paid to actions and decisions of that human; users must be aware of the pitfalls and know how to avoid them.
Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| Strengthen Security with an Effective Security Awareness Program | ||
12th, April, 2006
Awareness programs shouldn't be confused with training. Training deals with developing specific skill sets. The objective of awareness programs is to focus the attention of employees on maintaining the confidentiality, integrity, and availability of information assets. It allows them to recognize IT security concerns and respond appropriately (Wilson and Hash, 2003). |
||
| SearchSecurity.com's Intrusion Defense School | ||
14th, April, 2006
Your organization's ability to fend off spyware, viruses and increasingly savvier attacks hinges on the strength and cohesion of your intrusion defense strategy. Intrusion Defense School puts the pieces of intrusion defense -- antivirus, antispyware, IDS/IPS, etc. -- in perspective to help you implement a strategy that meets your organization's needs. |
||
| The weakest link in the security chain? You | ||
13th, April, 2006
Human error was responsible for nearly 60 per cent of information security breaches last year, a new study has found. According to the fourth annual CompTIA (Computing Technology Industry Association) study on information security and the workforce, released on Tuesday, this figure is significantly higher than the number in 2004, when 47 per cent of security breaches were blamed on human error alone. Despite the prominent role that human behaviour plays in information security breaches, just 29 per cent of the 574 organisations worldwide that participated in the survey said security training is a must for employees. Only 36 per cent of organisations offer security awareness training, the study found. |
||
| THC-IPV6 Attack Toolkit | ||
10th, April, 2006
A complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library. This code was inspired when I got into touch with IPv6, learned more and more about it - and then found no tools to play (read: "hack") around with. First I tried to implement things with libnet, but then found out that the ipv6 implementation is only partial - and sucks. I tried to add the missing code, but well, it was not so easy, hence I saved my time and quickly wrote my own library. |
||
| Security problems in Cisco devices | ||
11th, April, 2006
Cisco has published two security advisories to warn of problems in several of its devices. Products affected are Cisco ONS 15000 Series Common Control Cards, Cisco Transport Controller (CTC) and Cisco 11500 Content Services Switch. |
||
| Intro Build your own gateway firewall | ||
11th, April, 2006
Learn how to build your own gateway firewall using FreeBSD and old PC parts. The firewall will consist of the PF firewall, Snort IDS, various IPS applications, Squid proxy, and some intuitive web interfaces for auditing. The cost of this project should be between free and $200 depending on your resourcefulness. I built mine for free using spare parts that were stockpiled in personal storage and parts that the USMC was throwing away, but you can build one from used and/or new parts for dirt cheap. |
||
| DNS Cache Poisoning - The Next Generation | ||
11th, April, 2006
The old problem of DNS cache poisoning has again reared its ugly head. While some would argue that the domain name system protocol is inherently vulnerable to this style of attack due to the weakness of 16-bit transaction IDs, we cannot ignore the immediate threat while waiting for something better to come along. There are new attacks, which make DNS cache poisoning trivial to execute against a large number of nameservers running today. The purpose of this article is to shed light on these new attacks and recommend ways to defend against them. news/network-security/dns-cache-poisoning-the-next-generation-46564 |
||
| Hacking Network Printers | ||
11th, April, 2006
Hack a printer you say, what kind of toner have you been smoking, Irongeek? Well, I'm here to tell you, there’s more that can be done with a printer to compromise network security than one might realize. In the olden days a printer may not have been much of a concern other than the threat from folks dumpster diving for hard copies of the documents that were printed from it, but many modern printers come network aware with embedded Operating Systems, storage and full IP stacks. This article will attempt to point out some of the more interesting things that can be done with a network based printer to make it reveal information about its users, owners and the network it's part of. |
||
| The Enemy Inside | ||
13th, April, 2006
For many years external security threats received more attention than internal security threats, but the focus has changed. While viruses, worms, Trojans and DoS are serious, attacks perpetrated by people with trusted insider status†| ||
