LinuxSecurity.com

Apache and Setting Up SSL

Tue, 14 Oct 2008 08:20:32 +0000

LinuxSecurity.com: The self-signed certificate is a certificate that you can create yourself that will provide SSL encryption but without the verification of your website from an outside source. The outside verification does cost money. In other words, you can get the protection you need, encryption by doing it yourself. One thing to note, if you are taking people's credit card information then you will need to get a signed certificate as a warning appears when you are using self-signed certificates. Have you every wanted to make your website more secure by using SSL? This article will show you everything you need to setup your own SSL Apache server.

Security Scans with OpenVAS

Mon, 13 Oct 2008 14:03:02 +0000

LinuxSecurity.com: As important as security is, remaining current with every development is hard, and evaluating possible vulnerabilities across a network can be quite a chore. You need a way to both automate tests and make sure you're running the most appropriate and up-to-date tests. Open Vulnerability Assessment System (OpenVAS) is a network security scanner that includes a central server and a graphical front end. Do you want to run network vulnerability tests (NVTs) to identify vulnerabilities in your network? Check out this open source client/server application which provides a graphical front-end for running automated NVTs written in Nessus Attack Scripting Language (NASL).

Monitor Your Network With GroundWork Monitor Community Edition

Wed, 08 Oct 2008 17:06:23 +0000

LinuxSecurity.com: GroundWork Monitor Community Edition is a free edition of GroundWork Monitor Enterprise, a commercial open source network monitoring solution geared toward large enterprise customers. Free editions often have some limited functionality, but GroundWork Monitor Community Edition offers the visibility a small- to medium-sized network needs by harnessing the power of popular tools such as Nagios, MRTG, NeDi, Ganglia, Nmap, MySQL, and RRDtool. Have you ever used an open source network monitoring tool to keep tabs on your network devices? Check out this free open source application which allows you to integrate popular network tools into a comprehensive network monitoring system.

Billy Hoffman On AJAX Security and Browser Attacks

Fri, 10 Oct 2008 08:00:00 +0000

LinuxSecurity.com: As more and more computing moves to the Web, Web application security has become a high priority -- at least for users. In this interview, Executive Editor Dennis Fisher talks to Billy Hoffman, manager of Hewlett-Packard Co.'s Web Security Research Group, about the security features in Google Chrome, the lack of security training for Web developers and how JavaScript has become the favored tool of attackers. This article is an interview with Billy Hoffman, manager of Hewlett-Packard Co.'s Web Security Research Group. Which he talks about how JavaScript has become the favored tool of attackers.

Firefox Extension Blocks Dangerous Web attack

Thu, 09 Oct 2008 08:00:00 +0000

LinuxSecurity.com: A popular free security tool for the Firefox browser has been upgraded to block one of the most dangerous and troubling security problems facing the Web today. NoScript is a small application that integrates into Firefox. It blocks scripts in programming languages such as JavaScript and Java from executing on untrusted Web pages. The scripts could be used to launch an attack on a PC. There are tons of security extensions for Firefox, this article looks at one that helps block dangerous web pages. What is your favorite Firefox security plug-in?

Fwknop - Port Knocking Tool with Single Packet Authorization

Wed, 08 Oct 2008 08:19:22 +0000

LinuxSecurity.com: Port Knocking came about in around 2003, but it has various weaknesses. There are plenty of implentations though (some quite advanced). Most of the problems are fixed however by fwknop! fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a default-drop packet filter (fwknop supports both iptables on Linux systems and ipfw on FreeBSD and Mac OS X systems) and libpcap. Have you ever tested the port knocking software called "FireWall KNock OPerator? The interesting feature of it is that it only needs a single packet to get information on a host.

Debian: New Linux 2.6.18 packages fix several vulnerabilities

Mon, 13 Oct 2008 16:34:00 +0000

LinuxSecurity.com: Joe Jin reported a local denial of service vulnerability that allows system users to trigger an oops due to an improperly initialized data structure.

Debian: New ruby1.9 packages fix several vulnerabilities

Sun, 12 Oct 2008 05:55:00 +0000

LinuxSecurity.com: Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems.

Debian: New ruby1.8 packages fix several vulnerabilities

Sun, 12 Oct 2008 05:47:00 +0000

LinuxSecurity.com: Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. Christian Neukirchen discovered that the WebRick module uses inefficient algorithms for HTTP header splitting, resulting in denial of service through resource exhaustion.

Debian: New openldap2.3 packags fix denial of service

Sun, 12 Oct 2008 05:36:00 +0000

LinuxSecurity.com: Cameron Hotchkies discovered that the OpenLDAP server slapd, a free implementation of the Lightweight Directory Access Protocol, could be crashed by sending malformed ASN1 requests.

Never Installed a Firewall on Ubuntu? Try Firestarter

Thu, 25 Sep 2008 18:09:41 +0000

LinuxSecurity.com: When I typed on Google "Do I really need a firewall?" 695,000 results came across. And I'm pretty sure they must be saying "Hell yeah!". In my opinion, no one would ever recommend anyone to sit naked on the internet keeping in mind the insecurity internet carries these days, unless you really know what you are doing. Read on for more information on Firestarter.

Review: Hacking Exposed Linux, Third Edition

Mon, 18 Aug 2008 08:00:00 +0000

LinuxSecurity.com: "Hacking Exposed Linux" by ISECOM (Institute for Security and Open Methodologies) is a guide to help you secure your Linux environment. This book does not only help improve your security it looks at why you should. It does this by showing examples of real attacks and rates the importance of protecting yourself from being a victim of each type of attack.