This week, advisories were released for sendmail, apache, cheesetracker, capi4hylafax, imagemagick, MySQL, fastjar, Streamripper, GTetrinet, OpenTTD, LibXfont, xorg, sudo, and openssl. The distributors include Debian, Gentoo, and Mandriva.




A Quick View at Proxies

Proxy servers were originally developed to cache frequently accessed web pages for computers behind a common Internet connection. In the early days of the Internet, wide area links were very slow, the Web was relatively small, and web pages were static. The entire Web consisted of only a few thousand websites shared by scientists and academicians. Whenever an important news element hit a website, many scientists in the same organization would visit that page (how many times have you forwarded a link inside your company?). By caching that page on a local server, proxies could eliminate redundant Internet access to retrieve the same page over and over. So, proxies were originally very effective at web caching.

When the Web went supernova, proxies became markedly less effective at caching; the Web was now vast, web pages were frequently dynamic (expiring as soon as they'd been transmitted), and the interests of users within a single organization might range across a million web pages before the same site was hit three times.

news/firewall/a-quick-view-at-proxys

SSH Port Forwarding

SSH is typically used for logging into remote servers so you have shell access to do maintenance, read your email, restart services, or whatever administration you require. SSH also offers some other native services, such as file copy (using scp and sftp) and remote command execution (using ssh with a command on the command line after the hostname). Whenever we SSH from one machine to another, we establish a secure encrypted session. The first article in this SSH series[1] looked at properly verifying a server's host key, so that we can be sure that no attacker is able to perform a man-in-the-middle attack and gain access to read or manipulate what we do in that session. Other articles in this series looked at removing the need for static passwords using SSH user identities[2], and then using ssh-agent[3] to automate the task of typing passphrases.

news/server-security/ssh-port-forwarding



LinuxSecurity.com Feature Extras:

    - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.8 (Version 3.0, Release 8). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool, several updated packages, and several new packages available for installation.

    - Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of Unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.
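The permissions mistake described in the feature item above, overly liberal file and directory modes, is easy to audit for. The following POSIX shell script is an added example written for this newsletter summary; it is not code from the linked article. It builds a constructed sample tree under a temporary directory (the file and directory names are made up for illustration), lists every world-writable file or directory while tolerating sticky-bit directories such as /tmp, and can strip the offending world-write bit.

```shell
#!/bin/sh
# Added example (not from the LinuxSecurity.com newsletter or the linked
# article): find and correct world-writable files and directories, the
# classic "permissions far too liberal" mistake.

# audit_world_writable DIR
# Print each world-writable file or directory under DIR, one per line.
# Sticky-bit directories (mode 1777, like /tmp) are the accepted exception,
# so they are skipped; -xdev keeps the walk on one filesystem.
audit_world_writable() {
    find "$1" -xdev \( -type f -o -type d \) -perm -0002 \
        ! \( -type d -perm -1000 \) -print 2>/dev/null | sort
}

# count_world_writable DIR
# Number of findings, handy for a cron job that alerts when it is non-zero.
count_world_writable() {
    audit_world_writable "$1" | wc -l | tr -d ' '
}

# fix_world_writable DIR
# Remove only the world-write bit from every finding; owner and group
# permissions are left exactly as the administrator set them.
fix_world_writable() {
    audit_world_writable "$1" | while IFS= read -r p; do
        chmod o-w "$p"
    done
}

# make_sample_tree
# Constructed sample data: one correctly restricted directory and file,
# one world-writable directory holding a world-writable script (both are
# findings), and a sticky world-writable directory (acceptable, skipped).
# Prints the path of the temporary root so the caller can clean it up.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir "$root/good_dir" "$root/bad_dir" "$root/shared_tmp"
    echo "constructed config" > "$root/good_dir/config"
    echo "constructed script" > "$root/bad_dir/deploy.sh"
    chmod 750 "$root/good_dir"
    chmod 640 "$root/good_dir/config"
    chmod 777 "$root/bad_dir"
    chmod 666 "$root/bad_dir/deploy.sh"
    chmod 1777 "$root/shared_tmp"
    printf '%s\n' "$root"
}

# Stand-alone demonstration: audit the sample tree, fix it, audit again.
if [ "${DEMO:-1}" = "1" ]; then
    sample=$(make_sample_tree)
    echo "Before fix:"
    audit_world_writable "$sample"
    fix_world_writable "$sample"
    echo "After fix: $(count_world_writable "$sample") world-writable entries"
    rm -rf "$sample"
fi
```

Run it against a real tree with `audit_world_writable /usr/local` (or any directory you administer) before deciding to run `fix_world_writable`; review the listing first, since a world-writable path may be intentional for a specific daemon. The sticky-bit exception is deliberate: a 1777 directory lets users create files but not delete each other's, which is the correct shared-directory setting rather than a mistake.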

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail to the list address with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


Debian
Debian: New sendmail packages fix denial of service
31st, August, 2006

A programming error has been discovered in sendmail, an alternative mail transport agent for Debian, that could allow a remote attacker to crash the sendmail process by sending a specially crafted email message. Please note that in order to install this update you also need libsasl2 library from proposed updates as outlined in DSA 1155-2.

advisories/debian/debian-new-sendmail-packages-fix-denial-of-service-22702
Debian: New apache packages fix several vulnerabilities
4th, September, 2006

Updated package.

advisories/debian/debian-new-apache-packages-fix-several-vulnerabilities
Debian: New cheesetracker packages fix buffer overflow
3rd, September, 2006

Updated package.

advisories/debian/debian-new-cheesetraceker-packages-fix-buffer-overflow-57316
Debian: New capi4hylafax packages fix arbitrary command execution
1st, September, 2006

Lionel Elie Mamane discovered a security vulnerability in capi4hylafax, tools for faxing over a CAPI 2.0 device, that allows remote attackers to execute arbitrary commands on the fax receiving system.

advisories/debian/debian-new-capi4hylafax-packages-fix-arbitrary-command-execution
Debian: New imagemagick packages fix arbitrary code execution
4th, September, 2006

Several remote vulnerabilities have been discovered in ImageMagick, a collection of image manipulation tools, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-2440, CVE-2006-3743, CVE-2006-3744.

advisories/debian/debian-new-imagemagick-packages-fix-arbitrary-code-execution-48846
Debian: New MySQL 4.1 packages fix several vulnerabilities
5th, September, 2006

Several local vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-4226, CVE-2006-4380.

advisories/debian/debian-new-mysql-41-packages-fix-several-vulnerabilities-31011
Debian: New fastjar packages fix directory traversal
6th, September, 2006

J