Get the LinuxSecurity news you want faster with RSS
Powered By
Linux Security Week: February 2nd, 2009
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "Transaction Signatures (TSIG) Configuration," and "PostgreSQL Team Soliciting Security Insight."
Linux+DVD
Magazine Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of Open
Source software. The majority of our readers is between 15 and 40 years old.
They are interested in current news from the Linux world, upcoming projects
etc.
In each issue you can find information concerning typical use of Linux: safety,
databases, multimedia, scientific tools, entertainment, programming, e-mail,
news and desktop environments.
LinuxSecurity.com
Feature Extras:
Review: Googling Security: How Much Does Google Know About You - If I ask "How much do you know about Google?" You may not take even a second to respond. But if I may ask "How much does Google know about you"? You may instantly reply "Wait... what!? Do they!?" The book "Googling Security: How Much Does Google Know About You" by Greg Conti (Computer Science Professor at West Point) is the first book to reveal how Google's vast information stockpiles could be used against you or your business – and what you can do to protect yourself.
A Secure Nagios Server - Nagios is a monitoring software designed to let you know about problems on your hosts and networks quickly. You can configure it to be used on any network. Setting up a Nagios server on any Linux distribution is a very quick process however to make it a secure setup it takes some work. This article will not show you how to install Nagios since there are tons of them out there but it will show you in detail ways to improve your Nagios security.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
Linux BIND 9 Security: Transaction Signatures (TSIG) Configuration (Jan 27)
Vivek Gite submitted a nice article on implementing TSIG in BIND:
Transaction signatures (TSIG) is a mechanism used to secure DNS messages and to provide secure server-to-server communication. This includes zone transfer, notify, and recursive query messages. TSIG uses shared secrets and a one-way hash function to authenticate DNS messages, particularly responses and updates.This tutorial discusses the security mechanisms implemented in BIND v8.2+ / v9.x to secure DNS messages and name servers Click-through to read more!
PostgreSQL Team Soliciting Security Insight (Jan 26)
This message came across my INBOX this weekend:
The PostgreSQL community is considering including security enhancements in Postgres 8.4, e.g. row-level permissions and SE-Linux security. However, to evaluate the patch and its usefulness, we need security experts who want to use this capability or have used it in other databases.
If you use PostgreSQL and are interested in contributing in the discussion, click-through to read more!
