Get the LinuxSecurity news you want faster with RSS
Powered By
Linux Security Week: January 12th, 2009
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "Clam Anti-Virus On Ubuntu," "Choosing A Secure Password," and "Tools To Delete Files Securely In Ubuntu Linux."
Linux+DVD
Magazine Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of Open
Source software. The majority of our readers is between 15 and 40 years old.
They are interested in current news from the Linux world, upcoming projects
etc.
In each issue you can find information concerning typical use of Linux: safety,
databases, multimedia, scientific tools, entertainment, programming, e-mail,
news and desktop environments.
LinuxSecurity.com
Feature Extras:
Review: Googling Security: How Much Does Google Know About You - If I ask "How much do you know about Google?" You may not take even a second to respond. But if I may ask "How much does Google know about you"? You may instantly reply "Wait... what!? Do they!?" The book "Googling Security: How Much Does Google Know About You" by Greg Conti (Computer Science Professor at West Point) is the first book to reveal how Google's vast information stockpiles could be used against you or your business – and what you can do to protect yourself.
A Secure Nagios Server - Nagios is a monitoring software designed to let you know about problems on your hosts and networks quickly. You can configure it to be used on any network. Setting up a Nagios server on any Linux distribution is a very quick process however to make it a secure setup it takes some work. This article will not show you how to install Nagios since there are tons of them out there but it will show you in detail ways to improve your Nagios security.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
There are quite a few anti-virus packages that work with Linux, such as ClamAV, AVG, Avast!, Panda, NOD32, Avira, F-Prot, Kaspersky, eScan and Sophos. I got these names from a quick Google search and it may not be an exhaustive list. Most of those packages are proprietary, some are free and open source. Many of them charge licence fees. However, this article is about ClamAV, so lets get on with it!
Have you ever thought about using an Anti-Virus software on your Linux machine? This article takes a look at one popular one called ClamAV. Do you use any others?
Here is my question: Are "cyEma7;IkmH!" or "hot1BA-Bitso69" secure passwords? Yes definitely, but who (the hell) can remember it! YOU WILL - after reading this article! Your passwords play a crucial role in protecting your computing accounts and the personal information that can be accessed through them. One of the problems with passwords is that users forget them. For that reason people use simple password phrases like their dog's name, their kid's first name and birthdates, the name of the current month or everything in different combinations.
I feel that secure passwords are one of the most important security practice any computer user can do. What do you think? How secure and useful are your passwords?
Tools To Delete Files Securely In Ubuntu Linux (Jan 7)
Deleting a file or reformatting a disk does not destroy your sensitive data. The data can easily be undeleted. That's a good thing if you accidentally throw something away, but what if your trying to destroy financial data, bank account passwords, or classified company information. In this article you will learn number of tools to delete files securely in ubuntu Linux.
Did you ever need to reformat your hard drive? Are you sure that your data can't be recovered by anyone? If not this article looks at some tools to make sure what you deleted can't be recovered using Ubuntu.
Version 2.6.28 of the Linux kernel was released during Christmas, so I thought it'd be worthwhile waiting until after typical vacation days to post a summary of changes to the security subsystem. As always, thanks to the Kernel Newbies folk who track major kernel changes. Serge Hallyn added a dummy policy for SELinux to the kernel tree. This is useful for testing SELinux and a base for building minimal and experimental security policies.
Have you noticed some of the security changes to the latest upstream Linux kernel? Read on for more information on these changes.
Firstly, allow me to recap. A couple of days ago, I reported a presentation at the Chaos Computer Club conference in Berlin which outlined a major problem with the way Certificate Authorities handle message hashing, essentially this attack relied on well-known problems with the MD5 hash algorithm.
Problems based on hash collisions, which were previously considered to be theoretical having been discovered in 2004, were now well-lodged within the domain of reality.
Have you heard about the news about the reported problem with how Certificate Authorities are handling message hashing? Read on for more information on some security issues with the current Certificate Authorities.
