This week, perhaps the most interesting articles include "Building a heterogeneous home network for Linux and Mac OS X."


Security on your mind?

Protect your home and business networks with the free, community version of EnGarde Secure Linux. Don't rely only on a firewall to protect your network, because firewalls can be bypassed. EnGarde Secure Linux is a security-focused Linux distribution made to protect your users and their data.

The security experts at Guardian Digital fortify every download of EnGarde Secure Linux with eight essential types of open source packages. Then we configure those packages to provide maximum security for tasks such as serving dynamic websites, high availability mail, transport, network intrusion detection, and more. The result for you is high security, easy administration, and automatic updates.

The Community edition of EnGarde Secure Linux is completely free and open source. Updates are also freely available when you register with the Guardian Digital Secure Network.



LinuxSecurity.com Feature Extras:

EnGarde Secure Linux v3.0.7 Now Available - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.7 (Version 3.0, Release 7). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, several updated packages, and several new packages available for installation.

pgp Key Signing Observations: Overlooked Social and Technical Considerations - While there are several sources of technical information on using pgp in general, and key signing in particular, this article emphasizes social aspects of key signing that are too often ignored, misleading or incorrect in the technical literature. There are also technical issues pointed out where I believe other documentation to be lacking. It is important to acknowledge and address social aspects in a system such as pgp, because the weakest link in the system is the human that is using it. The algorithms, protocols and applications used as part of a pgp system are relatively difficult to compromise or 'break', but the human user can often be easily fooled. Since the human is the weak link in this chain, attention must be paid to actions and decisions of that human; users must be aware of the pitfalls and know how to avoid them.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More than just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail to [address protected] with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


U. Washington Crypto Course Now Online for Free
5th, June, 2006

"Who wants to pay for Stanford's Crypto Course, when University of Washington has made the whole Cryptography Course available online for free. Yes, all the presentations, videos (mp3, WMV), homework, quizzes etc. are available online. The material seems pretty decent, and is intended for an advanced audience."

Cleaning up data breach costs 15x more than encryption
7th, June, 2006

Protecting customer records is a magnitude less expensive than paying for cleanup after a data breach or massive records loss, a research company said Tuesday. Gartner analyst Avivah Litan said in a research note that data protection is cheaper than a data breach. She recently testified on identity theft at a Senate hearing held after the Department of Veterans Affairs lost 26.5 million vet identities.

A Comparison of SNMP v1, v2 and v3
5th, June, 2006

During its development history, the communities of researchers, developers, implementers and users of the DARPA/DoD TCP/IP protocol suite have experimented with a wide range of protocols in a variety of different networking environments. The Internet has grown, especially in the last few years, as a result of the widespread availability of software and hardware supporting this system. The scaling of the size and scope of the Internet and increased use of its technology in commercial applications has underscored for researchers, developers and vendors the need for a common network management framework within which TCP/IP products can be made to work.

Disaster Practice
4th, June, 2006

When the British government wanted to test the resiliency of its financial institutions, it commissioned "an afternoon from hell". The buildup started on a Monday morning last November. First, there was a failure in the clearing systems used to transfer money between banks after routine systems maintenance. Then, terrorists staged a series of bomb attacks around Britain, causing hundreds of casualties in London and considerable damage to major financial centres. Around the same time, malicious hackers tried their best to break into the banks' systems. All in all, 'twas a bad day. The disaster recovery simulation was organized by the Tripartite Authorities, a group comprising the Financial Services Authority, the UK Treasury Department and the Bank of England.

May's Security Streams
5th, June, 2006

Here's May's summary of all the security streams during the month. This is perhaps among the few posts in which I can actually say something about the blog, the individual behind it, and its purpose, which is to - question, provoke, and inform on the big picture. After all, "I want to know God's thoughts... all the rest are details", one of my favorite Albert Einstein's quotes. The way we often talk about a false feeling of security, we can easily talk about a false feeling of blogging, and false feeling of existence altogether. It is often assumed that the more you talk, the more you know, which is exactly the opposite, those that talk know nothing, those that don't, they do. There's nothing wrong with that of referring to yourself, as enriching yourself through past experience helps you preserve your own unique existence, and go further. Awakening the full potential within a living entity is a milestone, while self preservation may limit the very development of a spirit -- or too much techno thrillers recently? :)

(IN)SECURE Magazine Issue 7 Has Been Released
9th, June, 2006

(IN)SECURE Magazine is a free digital security magazine in PDF format. In this issue you can read about SSH port forwarding, server monitoring with munin and monit, compliance vs. awareness, and much more. Get your copy today!

Abandon E-mail!
5th, June, 2006

Back in 1972, by some accounts, a new form of communication known as e-mail was born. It was a practical implementation of electronic messaging that was first seen on local timeshare computers in the 1960s. I can only imagine how much fun and revolutionary it must have been to use e-mail in those early years, to have been at the bleeding edge of the curve. Almost ten years later, in November 1981, Jonathan Postel published RFC 788 (later deprecated by RFC 821, also by Postel, and RFC 822 by David Crocker), thereby inventing the foundations of the Simple Mail Transport Protocol (SMTP) - a proposal that would revolutionize e-mail again. Since that time, e-mail has become as important an invention to the world as the telegraph and the telephone, and it has long been synonymous with the Internet itself.

Building a heterogeneous home network for Linux and Mac OS X
8th, June, 2006

You can find plenty of information online about building heterogeneous networks involving Windows, but relatively little about connecting Macs with Linux PCs in a home or small office network. Mac OS X's Unix base, however, means there are plenty of good options for networking a Mac with a Linux PC, despite the relative lack of documentation. In this article, I'll discuss how to set up Mac-Linux printer and file sharing using NFS and SSH.

Security Without Firewalls: Sensible Or Silly?
6th, June, 2006

For years, infosec experts have called the firewall a critical ingredient to security, whether it's in a large enterprise or on a home PC. But the San Diego Supercomputer Center (SDSC) has defied that logic with what some would consider surprising success. Abe Singer, computer security manager for the SDSC's Security Technologies Group, explained how companies can maintain strong firewall-free security at the 2006 USENIX Annual Technical Conference Thursday. He has also produced a presentation (.pdf) on the subject.

Standards In Desktop Firewall Policies
7th, June, 2006

The idea of a common desktop firewall policy in any size organization is a very good thing. It makes responses to external or internal situations such as virus outbreaks or network-oriented propagation of viruses more predictable. In addition to providing a level of protection against port scanning, attacks or software vulnerabilities, it can provide the organization's local security team a baseline or starting point in dealing with such events. The purpose of this article is to discuss the need for a desktop firewall policy within an organization, determine how it should be formed, and provide an example of one along with the security benefits it provides an organization.

Users hit by multi-browser threat
8th, June, 2006

Security vendors have warned of a flaw that affects an unusually broad cross-section of browsers -- Internet Explorer, Firefox and the Mozilla suite on Windows, Linux and Mac OS X -- and could be used to hoover up files from vulnerable systems. The problem is in the way the browsers implement scripting -- JavaScript in Firefox and Active Scripting in IE. Both browsers have a design error in which a script can cancel certain keystroke events when users are entering text.

UTM - Preparing for New Generation of Security Threats
6th, June, 2006

Securing networks has rapidly taken center stage among most enterprises as the threat from increasingly sophisticated attacks becomes more complex and costly to manage. According to the research group IDC, enterprises worldwide spent an estimated $32.6Bn in 2005 on network security but are still faced with an ever-changing landscape of new security threats. Traditional network defense solutions such as firewalls and intrusion prevention devices must be supplemented by secure content management devices in order to block the full range of sophisticated attacks including viruses, spyware, spam and phishing.

Social Engineering, The USB Way
7th, June, 2006

We recently got hired by a credit union to assess the security of its network. The client asked that we really push hard on the social engineering button. In the past, they'd had problems with employees sharing passwords and giving up information easily. Leveraging our effort in the report was a way to drive the message home to the employees. The client also indicated that USB drives were a concern, since they were an easy way for employees to steal information, as well as bring in potential vulnerabilities such as viruses and Trojans. Several other clients have raised the same concern, yet few have done much to protect themselves from a rogue USB drive plugging into their network. I wanted to see if we could tempt someone into plugging one into their employer's network.

Researchers eye machines to analyze malware
8th, June, 2006

The reverse engineer -- better known amongst security researchers by his nom de plume, Halvar Flake -- created an automated system for classifying software into groups, a process for which he believes machines are much better suited. Research using the system has underscored the sometimes-arbitrary decisions humans make in classifying malicious programs, he said.

The top five ways to prevent IP spoofing
9th, June, 2006

The term "spoofing" is generally regarded as slang, but refers to the act of fooling -- that is, presenting a false truth in a credible way. There are several different types of spoofing that occur, but most relevant to networking is the IP spoof. Most types of spoofing have a common theme: a nefarious user transmits packets with an IP address, indicating that the packets are originating from another trusted machine.

How To Analyze HijackThis Logs
5th, June, 2006

HijackThis is a free tool developed by Merijn Bellekom, a student in The Netherlands. Spyware removal software such as Adaware or Spybot S&D do a good job of detecting and removing most spyware programs, but some spyware and browser hijackers are too insidious for even these great anti-spyware utilities. HijackThis is written specifically to detect and remove browser hijacks, or software that takes over your web browser, alters your default home page and search engine and other malicious things.

How-To: Back-up your blog (Linux)
7th, June, 2006

Bad things happen. If you've ever worried that the over-caffeinated tech might spill his latte down your web server, then today's How-To will help you out. Forgetting to back up your blog (or your website) is something that isn't a big deal until you need it -- like backing up anything, really. But your blog's files and database aren't really so simply accessible as the files on your PC, so today we're showing you how to automatically back up your blog (or website) with some freely available tools that will use a minimum amount of your precious bandwidth.

EnGarde Secure Community 3.0.7
6th, June, 2006

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.7 (Version 3.0, Release 7). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, several updated packages, and several new packages available for installation.

Symantec to Port Veritas Storage Software to IBM Linux Platform
8th, June, 2006

Software security and storage specialist Symantec June 7 announced an agreement with IBM to port its Veritas Cluster Server, Veritas Storage Foundation family and NetBackup recovery technology to IBM's Linux on POWER platform, opening a new door to the open-source enterprise storage market.

Announcement: RSBAC 1.2.7
9th, June, 2006

The RSBAC team is happy to announce that RSBAC 1.2.7 has just been released for both kernels 2.4.32 and 2.6.16.

Non-standard Incident Prediction
5th, June, 2006

We are all familiar with the use of firewall logs, intrusion detection alerts, antivirus warnings, and watching for "funny" entries in our system logs as ways to indicate that somebody on the Internet is up to no good. But those traditional detection systems don't do any good against attacks that are not oriented on one of the traditional seven layers of the OSI model.

The Enterprise Gets Googled
5th, June, 2006

On February 14, 2006, many Google e-mail users received an unexpected Valentine's Day present. When they logged in to their accounts, there it was: instant messaging, fully integrated with their e-mail system. Gmail users could now chat in the same browser window as their inbox. Just as with e-mail, the system would save a transcript of every chat and, better yet, the text of archived transcripts would be searchable. There was nothing to download, nothing to install.

Spyware infections spreading, security expert says
5th, June, 2006

Spyware programs are increasing in number and growing in sophistication to avoid detection, making it harder to guard against infections and more costly to repair their damage, according to a security expert whose company tracks them on a regular basis.

Open source consortium addresses security
5th, June, 2006

The Open Web Application Security Project (OWASP) has announced the availability of a process guide that it hopes will help a broad range of developers incorporate security into the software application development lifecycle (SDLC).

Fundamentals of Storage Media Sanitation
6th, June, 2006

One of the most fundamental principles of information security is that it’s all about the data. Data in transit or at rest is the primary focus of administrative, physical, and technical safeguards. Security professionals are doing better every day when it comes to protecting information in static production environments. But what happens when magnetic, optical, or semiconductor media is repurposed or retired? In this paper, I define media sanitation and how it fits into an overall security program. Next, I examine how attackers can extract information from electronic media