Linux Security Week: November 12th, 2007
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
This week, perhaps the most interesting articles include "Is SELinux leveling multi-level security," "Behind the Scenes of Malicious Web Servers," and "SSL Encrypting Syslog with Stunnel."

Linux+DVD Magazine - Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers are between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc.

In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments.


LinuxSecurity.com Feature Extras:

Review: Linux Firewalls - Security is at the forefront of everyone's mind and a firewall can be an integral part of your Linux defense. But is Michael Rash's "Linux Firewalls," the newest release from NoStarchPress, up for the challenge? Eckie S. here at Linuxsecurity.com gives you the low-down on this newest addition to the Linux security resource library and how it's one of the best ways to crack down on attacks to your Linux network.

State of Linux Security Survey - It is customary for communities of every sphere to stand up occasionally, and take a good, long look at what’s going on in the world around them. For us here at Linuxsecurity.com, we felt it was a great opportunity to put it all together.

Since 1996, Linuxsecurity.com has been bringing open source news, HOW-TOs, Feature stories and more to the open source community with comprehensive coverage. As one of the veterans in this area, we’d like to see you chime in. With so much going on in Linux and security, what does the community really care about?

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


  EnGarde Secure Community v3.0.17 Now Available (Oct 9)
 

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.17 (Version 3.0, Release 17). This release includes many updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, and a few new features.

In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database, e-mail security and even e-commerce.

http://www.linuxsecurity.com/content/view/129961
  Is SELinux leveling multi-level security? (Nov 9)
 

Just how much is security, especially in high-demand Government sectors, going to be driven and how is SELinux going to play a part?

This is a very interesting analysis of how SELinux has the opportunity to be so effective at locking down a system that it could devalue the current breakup of security solutions.

Interest in multi-level security in the intelligence and Defense agencies seems to be high right now, because it would allow analysts to access networks of multiple security levels with one machine. Now (so we hear) analysts may have two or three PCs in their office, one for each security level.

The case he makes is that SELinux has the potential to negate these different levels and systems. Could SELinux have that kind of effect or are high-demand users still going to expect multiple systems?

http://www.linuxsecurity.com/content/view/130672
  Know Your Enemy: Behind the Scenes of Malicious Web Servers (Nov 8)
 

In our recent KYE paper on malicious web servers, we identified several hundred malicious web servers. These servers launched so-called drive-by downloads that allowed them to gain complete control of the client machine without the consent or notice of the user, who merely visited the malicious web server with his (vulnerable) web browser. In our study, we analyzed a large number of web servers with our client honeypot Capture-HPC, which allowed us to assess whether a server was malicious, then inspect the exploit code that was sent to the client and the potential malware downloaded. However, many questions remained unanswered:

It's a good idea to keep up with the latest security research. This article talks about what researchers learned by implementing a web server honeypot. Do you think honeypots are a good way for learning about the latest security threats?

http://www.linuxsecurity.com/content/view/130663
  Chrooted SSH/SFTP On Fedora 7 (Nov 7)
 

This document describes how to set up a chrooted SSH/SFTP environment on Fedora 7. The chrooted users will be jailed in a specific directory where they can't break out. They will be able to access their jail via SSH and SFTP.

Do you feel using a chroot environment helps in protecting your Linux box? It can protect your system by leaving chrooted users unable to affect anything except their own environment. Have you used chroot for security? If so, do you use it every time you add a new user?

http://www.linuxsecurity.com/content/view/130591
  Red Hat working on JBoss security certification (Nov 7)
 

In the world of security certifications, the Common Criteria is one of the strongest ways that a company can look to gain business from Government agencies. It acts as a great way to gain international business as well.

And as of Thursday, Red Hat announced that they will be seeking the same certification (but at a different level) for their Java software, JBoss.

What are your thoughts on the effectiveness of Common Criteria certifications on actual security, versus as a business and marketing tool?

http://www.linuxsecurity.com/content/view/130580
  Who’s on first? Wireless network security with Linux (Nov 6)
 

As hardware gets cheaper, faster and smaller, our information will continue to be subjected to previously untested standards of mobility and susceptibility.

So, with that in mind, where exactly does Linux fit into the mobile security landscape? ITWire gives us a look by going through how to build monitoring in from the onset, along with some great open-source tools.

A good overview of wireless security in general, with some great detail on SSID problems, DoS attacks and solutions like EtherApe.

http://www.linuxsecurity.com/content/view/130501
  SSL Encrypting Syslog with Stunnel (Nov 6)
 

Syslog is a clear-text protocol. That means anyone with a sniffer can have a peek at your data. In some environments, this is no problem at all. In others, it is a huge setback, probably even preventing deployment of syslog solutions. Thankfully, there is an easy way to encrypt syslog communication. I will describe one approach in this paper.

Do you use Syslog? Have you thought about encrypting the logs which are being forwarded over the network? Protecting your logs is an important security practice.

http://www.linuxsecurity.com/content/view/130499
(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.