Get the LinuxSecurity news you want faster with RSS
Powered By
Linux Security Week: February 4th, 2008
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "Phishers use DNS Tricks to Direct Users to Bad Sites," "Bruce Schneier at LinuxConf AU," and "Celebrity Advice on Keeping Your Linux Desktop Security."
Linux+DVD
Magazine Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of Open
Source software. The majority of our readers is between 15 and 40 years old.
They are interested in current news from the Linux world, upcoming projects
etc.
In each issue you can find information concerning typical use of Linux: safety,
databases, multimedia, scientific tools, entertainment, programming, e-mail,
news and desktop environments.
LinuxSecurity.com
Feature Extras:
OS Tool of February: Nmap! - This February, the team at Linuxsecurity.com has chosen NMAP as the OS Security Tool of the Month!
In January, we chose GnuPG in part because it had just celebrated its 10th anniversary. Well, it wasn't alone. As of this past December Nmap ("Network Mapper"), the free and open source utility for network exploration and auditing, celebrated its 10th Anniversary as well! And because of its popularity, chances are very good that you've already used NMAP for quite some time. Even if you have, it's always good to take a look at how it all got started and what it's all about...
HowTo: Secure your Ubuntu Apache Web Server - Setting up a web server with Apache on a Linux distribution is a very quick process, however to make it a secure setup takes some work. This article will show you how to make your Apache web server more secure from an attack by effectively using Access control and authentication strategies.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
EnGarde Secure Community v3.0.18 Now Available! (Dec 4)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18). This release includes the brand new Health Center, new packages for FWKNP and PSAD, updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, as well as other new features.
In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database and e-mail security, integrated intrusion detection and SELinux policies and more.
Phishers use DNS Tricks to Direct Users to Bad Sites (Feb 1)
San Francisco - The latest information on phishing indicates that fraudsters are increasingly using malicious software to direct users to their deceptive sites. The Anti-Phishing Working Group (APWG) said in a new report Thursday that it saw a sharp rise in November in malware that directs users to DNS servers controlled by phishers.
DNS servers play a crucial role in locating Web sites. The servers translate a domain name into an IP address, enabling a Web site to be located and accessed through a browser.
What can be done to increase DNS security? With how visible DNS servers are and how important they are to the internet can we ever fully protect them from miss use?
Linux.conf.au kicked off its main proceedings in Melbourne on Wednesday morning with a stark message from security guru Bruce Schneier: "When security companies give you cost justifications, they're complete bull@#&&."
And so begins what is, as always, a great piece of commentary on the overall nature of security and the problems that are derived from the gap between perceived security and real security. Read on....
Celebrity Advice on Keeping Your Linux Desktop Secure (Jan 28)
What do Linus Torvalds, Ted Ts'o, Fyodor (creater of NMAP) and Andrew Morton have in common? They are all celebrity's in the world of Linux, and just like everyone else, they have to worry about security too. But each one has something different to say on their security.
Torvalds: "My firewall rules are also pretty anal. I basically try to not let anything in. Not even SSH; when I'm traveling, I simply cannot log into my normal machines. And I don't..."
Ts'o: "...has been running Linux on his desktop without a firewall for years."
Morton: "I rely upon a little Netgear router not having any bugs in it, and everything behind that router is just out-of-the-box distro code with various security features disabled when they start to irritate me."
Fyodor: "Update your software frequently. Most modern distributions make it easy to install updates (including security patches) for packages installed on your system..."
