Linux Security Updates: OpenSSL Validation and AVG Antivirus on Ubuntu

The BOSSIES, or Best of Open Source Software awards, are a yearly ranking of some of the highest ranked open source tools and projects. In this year's Security category, they included many, but not all, of the best tools. And although they didn't, it is, as always a great overview of what's going on in the industry. Standard winners include Snort for Intrusion detection, Nessus for scanning, ClamAV for Anti-virus, other old-timers, and a couple of new comers. But what about the manual?

When the Open Source Software Institute (OSSI) sought Federal Information Processing Standards (FIPS) 140-2 validation for its OpenSSL toolkit last year, it was anything but smooth sailing. OSSI has just submitted a new OpenSSL update for FIPS validation but, according to Executive Director John Weathersby, things are bound to go much more smoothly this time around. OpenSSL, allows programs to securely exchange data over a network. The reason that it took so long was they had complaints about the validity of the code base. Another part of this article which should be noted is government agencies are starting to consider using OpenSSL as a data exchange solution. Have you tested out the new OpenSSL update yet?

news/cryptography/all-systems-go-for-validation-of-updated-openssl-module

This tutorial shows how you can install and use AVG Antivirus on an Ubuntu Feisty Fawn desktop. Although there aren't many Linux viruses out there, this can be useful if you often exchange files with Windows users - it can help you to not pass on any Windows viruses (that don't do any harm to Linux systems) to Windows users. When I think about virus scanning for desktops I think about a windows machine not a Linux machine. But as Linux and particularly Ubunutu becomes increasingly more popular so too we will see more viruses targeting Linux. However it's good to know that we have opensource virus scanners that we can use. Do you use a virus scanner on your Linux machine?

news/network-security/virus-protection-with-avg-antivirus-on-ubuntu

There are now people who create programs that make it easier for other people to create programs that make money. Don't worry, you read that right. This article reports on the business of making commercial malware / spamming software. For just around $200, you yourself can have programs that exploit Firefox, Internet Explorer, and Quicktime in an effort to spread your spam as quickly and easily as possible. There are now concentrated efforts in coding these shiny, plug and play spam generators. Have we gotten to the point of "if you can't beat 'em, join 'em"?

news/vendors-products/financially-motivated-malware-thrives

There's a lot of magic that goes on behind the scenes when you do a full Nessus vulernability scan. However, how are you exactly trust that report about your OpenSSH server being vulnerable? Is it just relying on version numbers and not considering patches? The Nessue 3 Unix scanners allow you to save packet dumps of your scans in libpcap compatible files, allowing you to view them under TCPDUMP or Wireshark for your convenience. Now you can go into greater analysis of what exactly was used to scan your server rather than a text message of "scanned". Read on for even more benefits to saving the packet data of your scans!

news/vendors-products/creating-packet-traces-of-nessus-scans

There are two ways to allow / restrict system login to specific user groups only. The simplest method is to use a PAM module called pam_listfile.so. Another option is to use login access control table. Locking down system login access is very important task if you need a secure system. Restricting access is very important to security. This article explains how to use the pam_listfile.so to restrict access to only certain groups. My question is it possible to take this one step further and state which groups can login to which services like ftp or ssh using PAM?

When I started using GNU/Linux eight years ago, I was dumbfounded to encounter Debian users who started their day by upgrading their entire system. Yet now, with the updaters that sit in the notification trays of recent GNOME and KDE-based distributions, I realize that these daily upgraders were not daredevils, but pioneers in the idea that all upgrades are desirable. On my Linux desktop I have my updater automatically install updates. One reason I do so is to keep the installed packages up-to-date with the latest security patches. This article started to make me think about if I should be checking the updates before downloading and installing them. Do you have automatic updates configured?

Tresys have released new versions of SLIDE (announcement) and SETools (announcement). The new SLIDE release (v1.2) includes a network configuration GUI, usability improvements and bugfixes, while the new version of SETools (v3.3.1) is a minor bugfix release. I have recently tested out SLIDE a SELinux development plug-in for Eclipse. I found that the plug-in gives the user at lot of information about the policy which is being developed on. After using it I have been thinking about doing all myy SELinux development on SLIDE instead of vi. What tools do you use for your policy hacking?

KaiGai Koehi has announced the first release of SE-PostgreSQL, with RPMS available for Fedora 7, and documentation in Japanese and English. Security-Enhanced PostgreSQL (SE-PostgreSQL) is a security extension built into PostgreSQL. I am happy to see projects like this one. I wonder if other projects are going to pop up similar to this one?