LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: April 25th, 2011 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Security Week Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

sec-wall: Open Source Security Proxy - sec-wall, a recently released security proxy is a one-stop place for everything related to securing HTTP/HTTPS traffic. Designed as a pragmatic solution to the question of securing servers using SSL/TLS certificates, WS-Security, HTTP Basic/Digest Auth, custom HTTP headers, XPath expressions with an option of modifying HTTP headers and URLs on the fly.

Book Review: Linux Kernel Programming - As Linux is implemented on increasingly wider number of devices, the number of people responsible for developing and maintaining Linux on those platforms have increased. As the level of maturity of the kernel increases, so does the complexity, capabilities, and size. This book provides the Linux programmer the tools necessary to understand the core aspects of the kernel and how to interface with it.


  EnGarde Secure Community 3.0.22 Now Available!
 

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.

  Worst Computer ‘Hacker' in U.S. History Reveals He Was Paid Informant (Apr 22)
 

In 2008 Albert Gonzalez was charged with committing the largest cyber crime in U.S. history. Today, Gonzalez claims the Secret Service, with whom he was working as a paid informant, sanctioned his actions. An examination of the facts seems to validate his claims that he is a scapegoat used to protect far deeper conspiracies.

  Build Powerful Linux Firewalls with Firewall Builder (Apr 19)
 

Fwbuilder is a unique graphical firewall tool that allows the user to create objects and then drag and drop those objects into firewalls, to build a powerful security system for a single PC or a network of PCs. Fwbuilder supports a wide range of firewalls (Cisco ASA/PIX, Linux iptables, FreeBSD's ipfilter, OpenBSD's pf, and more), so its rules can be deployed on multiple platforms.

  Knockd, to secure your ports on Linux (Apr 19)
 

Today, I'll show you how to use knockd to improve the security of your linux server, the more common use that i've saw so far is: "I'd like to connect on port 22 (ssh) but i don't want to leave to port open for everyone..and i've a dynamic IP". In these cases you can close the ports and use knockd to knock on the ports of your Linux box and let you in.

  SQL injection: why can't we learn? (Apr 20)
 

Recently we have been all witnesses of two high profile incidents where the attackers exploited SQL injection vulnerabilities: the now infamous HBGary Federal hack and the Barracuda Networks hack. What's even more worrying about these two incidents is that they happened to companies which are information security consultants/product developers.

  Live Hacking Team Release Updated Linux Distro for Penetration Testing (Apr 22)
 

The Live Hacking project, led by Dr. Ali Jahangiri, is pleased to announce an updated version of its security orientated Linux distribution the "Live Hacking DVD". Designed for penetration testing and ethical hacking, the new release has updated over 140 packages including Metasploit and Firefox.

  Where's my tinfoil hat? (Apr 21)
 

OK. This column may make me sound like I'm about to make a hat out of tinfoil but bear with me because my paranoia is completely justified. I know the truth and it's not "out there" as in "The X-Files," it's right here and it's a harsh reality that people really don't want to admit to: The reality is that there is no real privacy any more.

  "HTTPS Now" campaign launched to protect internet security (Apr 21)
 

The San Francisco based Electronic Frontier Foundation (EFF) citizens' rights organisation and the Access digital freedom organisation have announced the launch of new international campaign. Called "HTTPS Now", the campaign is aimed at rallying consumers from around the globe to take an active role in making web surfing safer and more secure.

  The Usability of Passwords (Apr 18)
 

Security companies and IT people constantly tells us that we should use complex and difficult passwords. This is bad advice, because you can actually make usable, easy to remember and highly secure passwords. In fact, usable passwords are often far better than complex ones.

  Top Federal Lab Hacked in Spear-Phishing Attack (Apr 20)
 

The Oak Ridge National Laboratory was forced to disconnect internet access for workers on Friday after the federal facility was hacked, and administrators discovered data being siphoned from a server.

  A hardened approach to system security (Apr 18)
 

Primarily a Windows article, but good general security ideas as well. "Glenn Phillips, president of Pelham, Ala.-based Forté, says that the dedicated Windows workstations his company sells to hospital emergency room administrators must not only be secure, but absolutely tamperproof as well. After all, lives depend on the machines' flawless operation."

  Facebook adds two-factor authentication, other new security features (Apr 21)
 

Just a day after security firm Sophos publicly took Facebook to task for lacking important security features, the social network has added some new security elements in what it says is an effort to "make Facebook a more trusted environment ."

  SourceFire Adds FirePOWER to IPS (Apr 19)
 

Sourcefire, Inc. (Nasdaq: FIRE) is accelerating its Intrusion Prevention System (IPS) portfolio this week with the help of FirePOWER.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Google Removes SSLv3 Fallback Support From Chrome
Hacker Lexicon: What Is End-to-End Encryption?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.