Security Projects - Page 52
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
The best way to keep a hacker from breaking into a computer system from the outside may just be to have a hacker on the inside. That's what John Brozycki and Darien Ford's company figured when it paid $7,000 so they . . .
A group of security developers has called for an industry standard for internet security testing. The group, called Ideahamster, which includes a mixture of security experts and developers, has suggested that the introduction of such a standard would make it easier . . .
In an uncharacteristic move, the U.S. National Security Agency (NSA) recently released a security-enhanced version of Linux -- code and all -- to the open source community. Part 2 of this developerWorks exclusive delves deeper into the code, dissecting how the . . .
Today Dave Dittrich of the Honeynet Project announced the results of the "Honeynet Fornesic Challenge". The results of all submitted reports are available on the page. Dave also talks about how the Honeynet Project is going to continue using . . .
This advisory demonstrates several weaknesses in implementations of SSH (Secure Shell) protocols. When exploited, they let the attacker obtain sensitive information by passively monitoring encrypted SSH sessions. The information can later be used to speed up brute-force attacks on . . .
EnGarde is the next generation in Linux security providing a complete suite of e-business services, intrusion alert capabilities, improved authentication and access control utilizing strong cryptography, and complete SSL secure Web-based administration capabilities. Imagine a cohesive suite of Open Source applications . . .
Version 1.3.19 of the Apache web server has been released. This version fixes a security bug which could lead to a directory listing being displayed in place of an error message.. . .
Software that is placed under "copyleft" -- as opposed to copyright -- may be in a legal limbo and is still reliant on the concept of copyright, an Irish legal expert says. Stallman said the GPL and copyleft helps guarantee . . .
The focus of the NSA's enhancements is on mandatory access controls, and the foundation for these is built into the kernel's major subsystems. The hope is that when the controls are properly applied, attackers can no longer expect to be able . . .
Shortly after 3 a.m. EST last Thursday, eWEEK's third Openhack interactive security test finished its 17-day run with all prizes remaining unclaimed. This is eWEEK Labs' first Openhack test in three tries that hasn't been penetrated successfully, and the credit goes . . .
LIDS is a kernel patch to enhance the linux kernel. LIDS 1.0.4 has been released for use with kernel version 2.4.0.. . .
Below is a statement from Ownen Taylor of the GTK+ development team in regards to the recent GTK_MODULES security issue raised on BUGTRAQ. "In the opinion of the GTK+ team, the only correct way to write a setuid program with a graphical user interface is to have a setuid backend that communicates with the non-setuid graphical user interface via a mechanism such as a pipe and that considers the input it receives to be untrusted.". . .
One significant area in biotechnology, the magazine highlights, is work on brain-machine interfaces that could someday allow people to control artificial devices that replace lost functions. Today, research is more limited, with scientists able to take signals from individual neurons in . . .
Openroot is a computer on my network where the root password is open to anyone for learning, experimentation, or whatever. This project has been around for atleast four weeks, and has been doing well. Please visit the openroot site. . . .
Huagang Xie writes: "The LIDS project has just released LIDS 0.9.11 for kernel version 2.2.18. It contain a bugfix for lidsadm. For more detail, please visit www.lids.org." I use LIDS on a daily basis and love it. Anybody who . . .
The chief public policy issue of the Internet Age is privacy, International Business Machines Corp. (nyse: IBM) Chairman and Chief Executive Louis Gerstner said on Tuesday. In a wide-ranging keynote speech at an industry trade show here, Gerstner said that privacy . . .
The documentation of LIDS -- "Build a secure Linux system with LIDS" is updated to version 0.2. This document talks about what LIDS is, what the benifit of LIDS is, and how to build a secure linux system step by step . . .
Solar's kernel security enhancement patch is now available for the recently-released 2.2.17 Linux kernel. "This patch is a collection of security-related features for the Linux kernel, all configurable via the new 'Security options' configuration section. In addition to the new features, . . .
China's Founder Electronics Co. has developed a new method of Internet security and expects that it will become one of the world's leading Internet security solutions. ... He said that most existing Internet security products worldwide are still using the traditional firewall technology whose weakness is the possession of an Internet protocol address, which can be bypassed or destroyed by hackers.. . .
Rep. Stephen Horn, R-Calif., who made a name for himself by grading government agencies on their Y2K computer readiness in the months leading up to last year's millennial date rollover, is at it again, gearing up to release a report card . . .