Security on your mind?
Protect your home and business networks with the free, community version of EnGarde Secure Linux. Don't rely only on a firewall to protect your network, because firewalls can be bypassed. EnGarde Secure Linux is a security-focused Linux distribution made to protect your users and their data.
The security experts at Guardian Digital fortify every download of EnGarde Secure Linux with eight essential types of open source packages. Then we configure those packages to provide maximum security for tasks such as serving dynamic websites, high availability mail, transport, network intrusion detection, and more. The result for you is high security, easy administration, and automatic updates.
The Community edition of EnGarde Secure Linux is completely free and open source. Updates are also freely available when you register with the Guardian Digital Secure Network.
Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo....
LinuxSecurity.com Feature Extras:
EnGarde Secure Linux v3.0.6 Now Available - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.6 (Version 3.0, Release 6). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, several updated packages, and a couple of new packages available for installation.
pgp Key Signing Observations: Overlooked Social and Technical Considerations - While there are several sources of technical information on using pgp in general, and key signing in particular, this article emphasizes social aspects of key signing that are too often ignored, misleading or incorrect in the technical literature. There are also technical issues pointed out where I believe other documentation to be lacking. It is important to acknowledge and address social aspects in a system such as pgp, because the weakest link in the system is the human that is using it. The algorithms, protocols and applications used as part of a pgp system are relatively difficult to compromise or 'break', but the human user can often be easily fooled. Since the human is the weak link in this chain, attention must be paid to actions and decisions of that human; users must be aware of the pitfalls and know how to avoid them.
Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
Password Hashing | ||
29th, May, 2006
In this article I'm going to cover password hashing, a subject which is often poorly understood by newer developers. Recently I've been asked to look at several web applications which all had the same security issue - user profiles stored in a database with plain text passwords |
||
Post-Encryption Security | ||
3rd, June, 2006
Last month I reviewed Voltage Security's secure email product, a worthy exercise since email is the most common method of transmitting documents from one department to another. |
||
How To Automate Spamcop Submissions | ||
29th, May, 2006
Spamcop is a service which provides RBLs for mailservers in order to reject incoming mail from spammers. Their philosophy is to process possible spam complaints from users. When they receive a certain amount of complaints during a time-period then they will blacklist the offender. This system is dependant on spam reporting from users. However, their submission process is not very user-friendly. |
||
Disaster Practice | ||
4th, June, 2006
When the British government wanted to test the resiliency of its financial institutions, it commissioned "an afternoon from hell". The buildup started on a Monday morning last November. First, there was a failure in the clearing systems used to transfer money between banks after routine systems maintenance. Then, terrorists staged a series of bomb attacks around Britain, causing hundreds of casualties in London and considerable damage to major financial centres. Around the same time, malicious hackers tried their best to break into the banks' systems. All in all, 'twas was a bad day. The disaster recovery simulation was organized by the Tripartite Authorities, a group comprising the Financial Services Authority, the UK Treasury Department and the Bank of England. |
||
MicroWorld to Launch Futuristic Network Firewall | ||
27th, May, 2006
MicroWorld Technologies launched its futuristic, enterprise class firewall eConceal. eConceal is a comprehensive network firewall developed to prevent unauthorized access to a computer or network connected to the Internet. It enforces a boundary between two or more networks by implementing default or user-defined Access Control Policies or Rules. These rules function as filters by analyzing data packets to see if they fulfill the filter criteria and then allow or block the traffic accordingly. |
||
Can single sign-on be simple sign-on? | ||
29th, May, 2006
Fundamentally, Single Sign On (SSO) is a straightforward idea. You use a proxy device to authenticate a user, and the proxy then manages all the login idiosyncrasies of the applications they want to access. |
||
Taking Steps To Protect Customer Data | ||
29th, May, 2006
With so much attention paid to malicious attacks by hackers, worms and viruses, it's a common misconception that outside forces pose the greatest danger to a company's data. The reality, however, is that internal elements are far more dangerous when it comes to data security than anything on the outside, including natural disasters. |
||
Biometrics - The Wave of the Future? | ||
1st, June, 2006
Will biometrics be a factor in our future? Of course it will, at least to the extent that it has been in our past history. We as citizens must decide upon the best methods to use and the best way to utilize this technology. Biometrics can be defined in several ways such as the study of measurable biological characteristics. In reference to Information Security it specifically applies to the automated use of physiological or behavioral characteristics to determine or verify identity. |
||
Security Management From One Platform | ||
28th, May, 2006
Managing network security gets harder every day as the number and types of threats multiply. Security is also a double-edged sword, and an incorrectly implemented or mismanaged security policy can prevent network commerce and stand in the way of the mission of the enterprise. |
||
Linux: Setup a transparent proxy with Squid in three easy steps | ||
29th, May, 2006
Yesterday I got chance to play with Squid and iptables. The job was to setup Squid proxy as a transparent server. Main benefit of setting transparent proxy is you do not have to setup up individual browsers to work with proxies. |
||
Follow the Appiant way to a more secure network… | ||
29th, May, 2006
Hardly a day goes by that we don't hear new information about some company getting themselves hacked. Sure they all have firewalls, but HOW are the hackers getting in? I was hired to perform an application security audit for a local university. They wanted to make sure that they didn't become part of the growing statistics. |
||
Network auditing on a shoestring | ||
30th, May, 2006
What do you do when the auditors are breathing down your neck, wanting to see an exhaustive report on the Windows network security of a 2,000-user network across eight sites? That's easy. Break out a text editor and start writing some Perl. That's what my colleague Matt Prigge and I did when we were tasked with locating every share available on a network and documenting who had access to their files. At first blush, it was a Herculean effort. When we started coding and the pieces began to fall into place, however, it became much simpler. |
||
Execs Express Top Security Concerns | ||
30th, May, 2006
When it comes to protecting corporate assets there seems to be little security managers don't worry about. That the impression of security executives attending this week's Converge '06 conference - also known as security vendor Courion's annual customer meeting. |
||
Security expert recommends 'Net diversity | ||
31st, May, 2006
What do you see as the top three information security threats that are most likely to hit U.S.-based multinationals? |
||
Most sites ready for SSL progress | ||
2nd, June, 2006
Despite the enormous success of SSL for securing web traffic, there has been little technical change in the way that SSL is used for secure HTTP in the ten years since SSL version 3 was introduced. Although it has been around since 1996, most browsers have continued to make connections compatible with the older SSL version 2 protocol. But now the major browser developers are aiming to drop SSL v2 completely; export-grade encryption ciphers are also to be dropped. |