Get the LinuxSecurity news you want faster with RSS
Powered By
Linux Security Week: October 6th, 2008
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "Protect Your Network With pfSense Firewall/Router," "Simplify System Security With the Uncomplicated Firewall," and "Setting Up Your Own Certificate Authority with GnoMint."
Norwich University's Master of Science in Information Assurance
(MSIA) program, designated by the National Security Agency as providing academically excellent education in Information Assurance, provides you with the skills to manage and lead an organization-wide information security program and the tools to fluently communicate the intricacies of information security at an executive level.
Learn more
LinuxSecurity.com
Feature Extras:
Never Installed a Firewall on Ubuntu? Try Firestarter - When I typed on Google "Do I really need a firewall?" 695,000 results came across. And I'm pretty sure they must be saying "Hell yeah!". In my opinion, no one would ever recommend anyone to sit naked on the internet keeping in mind the insecurity internet carries these days, unless you really know what you are doing.
Read on for more information on Firestarter.
Review: Hacking Exposed Linux, Third Edition - "Hacking Exposed Linux" by ISECOM (Institute for Security and Open Methodologies) is a guide to help you secure your Linux environment. This book does not only help improve your security it looks at why you should. It does this by showing examples of real attacks and rates the importance of protecting yourself from being a victim of each type of attack.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
EnGarde Secure Community 3.0.20 Now Available (Aug 19)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.20 (Version 3.0, Release 20). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database, e-mail security and even e-commerce.
Protect Your Network With pfSense Firewall/Router (Oct 3)
pfSense is a free, powerful firewall and routing application that allows you to expand your network without compromising its security. Started in 2004 as a child project of m0n0wall -- a security project that focuses on embedded systems -- pfSense has had more than 1 million downloads and is used to protect networks of all sizes, from home offices to large enterprises. pfSense has an active development community, and more features are being added in each release to further improve its flexibility, scalability, and, of course, security.
Have you considered using an open source firewall/router solution for securing your network traffic? Check out the features and performance of a free open source firewall/router solution in this informative article.
Simplify System Security With the Uncomplicated Firewall (Oct 2)
The Uncomplicated Firewall (UFW) is a new tool from Ubuntu whose goal is to make configuration of the built-in Linux packet filter less complicated and more secure for novice users. You must run UFW commands as root, so in Ubuntu, you must preface them with the sudo command. With UFW, enabling and disabling packet filtering is a simple matter of issuing the sudo ufw enable and sudo ufw disable commands. You set the default policy for filtering packets by running the sudo ufw default command and passing the allow or deny argument, depending on what you want to achieve. If you issue the sudo ufw default allow command, all incoming packets will be allowed by default, creating a very unsecure packet filter but giving you the broadest range of allowed services.
Have you tested the new Firewall tool from Ubuntu that says that it makes packet filtering easier? There are tons of GUI firewall tools who's goal is to make it easy for novice users. So my question is why do we need another one?
Prominent Web Sites Have Serious Coding Flaw (Oct 1)
Cross-site request forgery flaw on several prominent Web sites allows an attacker to perform actions on behalf of a victim who is already logged into the site Two Princeton University academics have found a type of coding flaw on several prominent Web sites that could jeopardize personal data and in one alarming case, drain a bank account.
The type of flaw, called cross-site request forgery (CSRF), allows an attacker to perform actions on a Web site on behalf of a victim who is already logged into the site.
Have you hear about the news that two Princeton University academics have published security flaws in some high traffic sites? Why do you you think these sites are taking their time in fixing the problem?
Setting Up Your Own Certificate Authority with GnoMint (Sep 30)
gnoMint is a desktop application that lets you easily manage your own certificate authority (CA). Many secure communications technologies use digital certificates to ensure that the party or service they are connecting with is not an impostor. For many people, the main exposure to digital certificates comes when they visit an HTTPS Web site and see a certificate to validate that they have contacted the right Web server.
Have you ever used gnMint? This program tries to help make managing your own certificates easier. Test it out and let use know what you think.
Devil-Linux Bundles Router/Firewall and Server in One Live CD (Sep 29)
Devil-Linux might sound hellish for a Linux distribution, but this live CD offers many blessings for your server needs. Originally developed as a router/firewall distribution, Devil-Linux has expanded its functionality to include nearly every service that a server might offer. It can function as an LDAP server, a VPN server, an email or file server, and more.
As stated in the documentation, Devil-Linux runs directly from a CD or DVD-ROM only, so you don't need to install anything to a hard disk -- just keep the Devil-Linux configuration files that automate the configuration upon reboot on a diskette or USB drive. Since access to the live CD is read-only, it's impossible to install rootkits or other malicious software to the distribution.
Setting up a home firewall can be a great way to protect your network. This article looks at one Linux distro that is designed to be used as a firewall. What do you Devil-Linux for your home network's firewall?
