General Esm W900
This week, perhaps the most interesting articles include "Web Application Attack and Audit Framework," "Securing SSH Using Denyhosts," and "."

Linux+DVD Magazine Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers is between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc.

In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments.

LinuxSecurity.com Feature Extras:

    Review: Practical Packet Analysis - In the introduction, McIlwraith points out that security awareness training properly consists of communication, raising of issues, and encouragement to modify behaviour. (This will come as no surprise to those who recall the definition of training as the modification of attitudes and behaviour.) He also notes that security professionals frequently concentrate solely on presentation of problems. The remainder of the introduction looks at other major security activities, and the part that awareness plays in ensuring that they actually work.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to This email address is being protected from spambots. You need JavaScript enabled to view it. with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.

Honeypots as Sticky as Ever
25th, August, 2007

Longtime readers of my column know what a honeypot proponent I am. I run several around the world, collecting information on malware and malicious hackers, and I think every company should have one. I find honeypots quit interesting because you can see what attackers are trying to do but, how useful are they? If system administrators implemented strong security measures then are honeypots useful to them? I feel honeypots should only be used for computer security researchers.

w3af - Web Application Attack and Audit Framework
22nd, August, 2007

A pretty cool tool was released a while back called w3af ( Web Application Attack and Audit Framework ), a fully automated auditing and exploiting framework for the web. This framework has been in development for almost a year and has the following features: W3af has the features that you would expect from a application audit tool. I definitely see why we need to use tools like this one since, websites are very vulnerable to attack. However, without a skilled developer fixing the vulnerabilities which the tool is alerting us to then the tool is useless in helping secutity.

news/network-security/w3af-web-application-attack-and-audit-framework-15556
Secure Your Email with Encryption
23rd, August, 2007

Corporate espionage is big business these days. So it makes sense to deploy some kind of encryption system to ensure that prying eyes can